Epic Games Psyonix Rocket League 安全漏洞

Epic Games Psyonix Rocket League is a competitive game from the American company Epic Games. A security vulnerability exists in Epic Games Psyonix Rocket League version 1.95 and earlier, which stems from an insecure privilege setting that could allow an authenticated user to modify executable fil...

CVE-2024-54134

A publish-access account was compromised for @solana/web3.js, a JavaScript library that is commonly used by Solana dapps. This allowed an attacker to publish unauthorized and malicious packages that were modified, allowing them to steal private key material and drain funds from dapps, like bots,...

CVE-2021-26580

A potential security vulnerability has been identified in HPE iLO Amplifier Pack. The vulnerability could be remotely exploited to allow Cross-Site Scripting XSS. HPE has provided the following software update to resolve the vulnerability in HPE iLO Amplifier Pack: HPE iLO Amplifier Pack 1.95 or...

HPE IlO Amplifier Pack 路径遍历漏洞

HPE IlO Amplifier Pack is a database management software for use in clustered environments from HPE, USA. The software supports Gen8, Gen9 and Gen10 Hewlett Packard Enterprise with automatic firmware and driver updates, manual or automatic recovery of firmware-corrupted systems, and maximizes...

Epic Games Rocket League 缓冲区错误漏洞

Epic Games Rocket League is an application software from Epic Games, Inc. a game software. A buffer error vulnerability exists in Epic Games/Psyonix Rocket League version 1.95 and earlier, which stems from a stack-based buffer overflow that occurs when Rocket League processes UPK object files,...

Epic Games Rocket League 1.95 Insecure Permissions

Epic Games Psyonix Rocket League cacls RocketLeague.exe E:\Epic Games\rocketleague\Binaries\Win64\RocketLeague.exe BUILTIN\Administrators:F NT AUTHORITY\SYSTEM:F NT AUTHORITY\Authenticated Users:C BUILTIN\Users:R E:\Epic Games\rocketleaguecacls Binaries E:\Epic Games\rocketleague\Binaries...

CVE-2021-26580

A potential security vulnerability has been identified in HPE iLO Amplifier Pack. The vulnerability could be remotely exploited to allow Cross-Site Scripting XSS. HPE has provided the following software update to resolve the vulnerability in HPE iLO Amplifier Pack: HPE iLO Amplifier Pack 1.95 or...

Delta Electronics TPEditor

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Delta Electronics Equipment: TPEditor Vulnerabilities: Stack-based Buffer Overflow, Heap-based Buffer Overflow, Out-of-bounds Write 2. RISK EVALUATION Successful exploitation of these vulnerabilities may allow...

PT-2019-11710 · Jenkins · Jenkins Static Analysis Utilities Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Static Analysis Utilities Plugin versions 1.95 and earlier Description: A missing permission check in the DefaultGraphConfigurationViewdoSave form handler method allowed attackers with Overall/Read permission to change the per-job...

ca-certificates security update

2013.1.95-65.1 - Update to CKBI 1.95 from NSS 3.15.3.1...

CVE-2007-4074

The default configuration of Centre for Speech Technology Research CSTR Festival 1.95 beta aka 2.0 beta on Gentoo Linux, SUSE Linux, and possibly other distributions, is run locally with elevated privileges without requiring authentication, which allows local and remote attackers to execute...

Default configuration

The default configuration of Centre for Speech Technology Research CSTR Festival 1.95 beta aka 2.0 beta on Gentoo Linux, SUSE Linux, and possibly other distributions, is run locally with elevated privileges without requiring authentication, which allows local and remote attackers to execute...

CVE-2007-4074

The default configuration of Centre for Speech Technology Research CSTR Festival 1.95 beta aka 2.0 beta on Gentoo Linux, SUSE Linux, and possibly other distributions, is run locally with elevated privileges without requiring authentication, which allows local and remote attackers to execute...

CVE-2007-4074

CVE-2007-4074 affects Festival 1.95 beta (aka 2.0 beta) in Gentoo/SUSE and possibly other distros. The festival daemon runs as root with a passwordless default config, exposing a local daemon on port 1314 that can be abused to execute arbitrary commands by local attackers, with remote access poss...

CVE-2001-1496

CVE-2001-1496 affects thttpd (Acme Labs) with an off-by-one buffer overflow in Basic Authentication across versions 1.95–2.20. The underlying issue is a buffer overflow in the Basic Auth handling, enabling remote attackers to cause a denial of service and potentially execute arbitrary code. Explo...

ANNOUNCE Apache::ASP v1.95 - Security Hole Fixed

ANNOUNCE Apache::ASP v1.95 - Security Hole Fixed Apache::ASP http://www.nodeworks.com/asp/ had a security hole in its ./site/eg/source.asp distribution examples file, allowing a malicious hacker to potentially write to files in the directory local to the source.asp example script. The next versio...