
163 matches found

RedhatCVE
added 2025/10/10 1:31 a.m. | 2 views

CVE-2025-11477

A security flaw has been discovered in SourceCodester Wedding Reservation Management System 1.0. This vulnerability affects unknown code of the file /global.php. The manipulation of the argument User results in sql injection. The attack may be launched remotely. The exploit has been released to t...

CVSS 9.8 | AI score 7.4 | EPSS 0.00042
Exploits: 1 | References: 1
Tenable Nessus
added 2025/09/29 12:0 a.m. | 1 view

Ruckus Wireless ICX Switches Integer Overflow or Wraparound (CVE-2019-11477)

Three flaws were found in the Linux kernel's handling of TCP networking. The most severe vulnerability could allow a remote attacker to trigger a kernel panic in systems running the affected software and, as a result, impact the system's availability. The issues have been assigned multiple CVEs:...

CVSS 7.8 | AI score 6.7 | EPSS 0.69918
Exploits: 4 | References: 2
OPENSUSE Linux
added 2025/09/07 12:0 a.m. | 7 views

libQt5Pdf5-5.15.19-1.1 on GA media (moderate)

libQt5Pdf5-5.15.19-1.1 on GA media Announcement ID: openSUSE-SU-2025:15531-1 Rating: moderate Cross-References: CVE-2024-10229 CVE-2024-10827 CVE-2024-11477 CVE-2024-12694 CVE-2024-55549 CVE-2025-0436 CVE-2025-0762 CVE-2025-0996 CVE-2025-0999 CVE-2025-1426 CVE-2025-1919 CVE-2025-2136 CVE-2025-242...

CVSS 7.8 | AI score 8.4 | EPSS 0.4686
Exploits: 14
Tenable Nessus
added 2025/08/15 12:0 a.m. | 3 views

Linux Distros Unpatched Vulnerability : CVE-2019-11477

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective...

CVSS 7.8 | AI score 7.1 | EPSS 0.69918
Exploits: 4 | References: 2
FreeBSD
added 2025/02/20 12:0 a.m. | 16 views

qt6-webengine -- Multiple vulnerabilities

Qt qtwebengine-chromium repo reports: Backports for 11 security bugs in Chromium: CVE-2024-11477: 7-Zip Zstd decompression integer underflow CVE-2025-0762: Use after free in DevTools CVE-2025-0996: Inappropriate implementation in Browser UI CVE-2025-0998: Out of bounds memory access in V8...

CVSS 9.8 | AI score 8.5 | EPSS 0.44229
Exploits: 2 | References: 1
GithubExploit
added 2024/11/29 6:13 a.m. | 828 views

Exploit for Integer Underflow (Wrap or Wraparound) in 7-Zip

CVE-2024-11477 Writeup This is a writeup of my research...

CVSS 7.8 | AI score 7.7 | EPSS 0.44229
Exploits: 1
OSV
added 2024/11/22 9:15 p.m. | 11 views

CVE-2024-11477

7-Zip Zstandard Decompression Integer Underflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of 7-Zip. Interaction with this library is required to exploit this vulnerability but attack vectors may vary dependi...

CVSS 7.8 | AI score 7.6
Exploits: 0 | References: 2
Tenable Nessus
added 2024/11/22 12:0 a.m. | 11 views

7-Zip < 24.07 RCE (ZDI-24-1532)

The version of 7-Zip installed on the remote host is prior to 24.07. It is, therefore, affected by a remote code execution vulnerability as referenced in the ZDI-24-1532 advisory. - This vulnerability allows remote attackers to execute arbitrary code on affected installations of 7-Zip. Interactio...

CVSS 7.8 | AI score 7.5 | EPSS 0.44229
Exploits: 1 | References: 2
Circl
added 2024/11/20 5:0 a.m. | 5 views

CVE-2024-11477

| creationtimestamp | type | source |
|---|---|---|
| 2024-11-20 05:00:00+00:00 | seen | http://www.zerodayinitiative.com/advisories/ZDI-24-1532/ |
| 2024-11-22 16:40:16+00:00 | seen | https://t.me/truesecator/6464 |
| 2024-11-23 09:01:40+00:00 | exploited | https://t.me/kasperskyb2b/1513 |
| 2024-11-23 12:18:03+00:00 | seen... |

CVSS 7.8 | AI score 7.1 | EPSS 0.44229
Exploits: 1 | References: 33
Kaspersky
added 2024/10/25 12:0 a.m. | 30 views

KLA77436 RCE vulnerability in 7-Zip

Remote code execution vulnerability was found in 7-Zip. Malicious users can exploit this vulnerability to execute arbitrary code. Original advisories CVE-2024-11477 ZDI-24-1532 Related products 7-Zip CVE list CVE-2024-11477 critical Solution Update to the latest version Download 7-Zip Impacts ACE...

CVSS 7.8 | AI score 8.4 | EPSS 0.44229
Exploits: 1 | References: 4
Tenable Nessus
added 2023/12/22 12:0 a.m. | 36 views

Siemens Industrial Products Integer Overflow or Wraparound (CVE-2019-11477)

Multiple industrial products are affected by a vulnerability in the kernel known as TCP SACK PANIC. The kernel used in some products is affected by an integer overflow when handling TCP Selective Acknowledgements. A remote attacker could use this to cause a denial of service. This plugin only wor...

CVSS 7.8 | AI score 6.8 | EPSS 0.69918
Exploits: 4 | References: 3
Tenable Nessus
added 2023/10/03 12:0 a.m. | 34 views

Sprecher Automation SPRECON-E TCP SACK PANIC (CVE-2019-11477)

Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182,...

CVSS 7.8 | AI score 7.2 | EPSS 0.69918
Exploits: 4 | References: 4
IBM Security Bulletins
added 2023/03/29 1:48 a.m. | 86 views

Security Bulletin: Multiple vulnerabilities in the Linux kernel affect IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products

Summary Vulnerabilities in the Linux Kernel affect IBM SAN Volume Controller, IBM Storwize V7000, V5000, V5100, V3700 and V3500, IBM Spectrum Virtualize Software, IBM Spectrum Virtualize for Public Cloud and IBM FlashSystem V9000 and 9100 family products. The applicable vulnerabilities are...

CVSS 7.8 | AI score 7.2 | EPSS 0.69918
Exploits: 4 | Affected Software: 8
OpenVAS
added 2022/01/28 12:0 a.m. | 32 views

Mageia: Security Advisory (MGASA-2019-0196)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if(description)...

CVSS 7.8 | AI score 7.3 | EPSS 0.69918
Exploits: 4 | References: 13
OpenVAS
added 2022/01/28 12:0 a.m. | 32 views

Mageia: Security Advisory (MGASA-2019-0197)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if(description)...

CVSS 7.8 | AI score 7.3 | EPSS 0.69918
Exploits: 4 | References: 13
IBM Security Bulletins
added 2021/09/22 11:38 p.m. | 42 views

Security Bulletin: Vulnerabilities in kernel affect Power Hardware Management Console (CVE-2019-11479,CVE-2019-11477 and CVE-2019-11478)

Summary Power Hardware Management Console is affected by security vulnerabilities in the Linux Kernel. Power Hardware Management Console has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2019-11478 DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by an issu...

CVSS 7.8 | AI score 0.4 | EPSS 0.69918
Exploits: 4 | Affected Software: 1
OpenVAS
added 2021/06/09 12:0 a.m. | 22 views

SUSE: Security Advisory (SUSE-SU-2019:1550-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if(description)...

CVSS 9.3 | AI score 8.5 | EPSS 0.9427
Exploits: 20 | References: 2
OpenVAS
added 2021/06/09 12:0 a.m. | 28 views

SUSE: Security Advisory (SUSE-SU-2019:1535-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if(description)...

CVSS 9.3 | AI score 7.7 | EPSS 0.69918
Exploits: 10 | References: 2
OpenVAS
added 2021/06/09 12:0 a.m. | 35 views

SUSE: Security Advisory (SUSE-SU-2019:14089-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if(description)...

CVSS 7.8 | AI score 6.8 | EPSS 0.69918
Exploits: 6 | References: 21
OpenVAS
added 2021/06/09 12:0 a.m. | 23 views

SUSE: Security Advisory (SUSE-SU-2019:1529-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if(description)...

CVSS 9.3 | AI score 7.7 | EPSS 0.69918
Exploits: 10 | References: 2