22 matches found
WordPress WP Restaurant Listings plugin <= 1.0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Peter Thaleikis in WordPress Plugin WP Restaurant Listings versions <= 1.0.2...
CVE-2020-11830
QualityProtect has a vulnerability to execute arbitrary system commands, affected product is com.oppo.qualityprotect V2.0...
CVE-2018-11830
Improper input validation in QCPE create function may lead to integer overflow in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile in MDM9206, MDM9607, MDM9650, MDM9655, MSM8996AU, SD 410/12, SD 820A...
CVE-2024-11830
creationtimestamp| type| source
---|---|---
2025-01-08 11:13:00+00:00| seen| https://infosec.exchange/users/cve/statuses/113792436154678442
2025-01-08 11:15:42+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lf7zxqgj6x2f
2025-01-08 11:53:50+00:00| seen|...
CVE-2024-11830 Dear Flipbook – PDF Flipbook, 3D Flipbook, PDF embed, PDF viewer <= 2.3.52 - Authenticated (Contributor+) Stored Cross-Site Scripting
The PDF Flipbook, 3D Flipbook—DearFlip plugin for WordPress is vulnerable to Stored Cross-Site Scripting via outline settings in all versions up to 2.3.52 due to insufficient input sanitization and output escaping on user-supplied data. This makes it possible for authenticated attackers with...
CVE-2020-11830
CVE-2020-11830 affects QualityProtect (com.oppo.qualityprotect) V2.0. Public records describe a vulnerability allowing execution of arbitrary system commands; CVSS v3.1/3.0 metrics indicate CRITICAL impact (Network attack, no user interaction). Root cause and exact exploit details are not provide...
Fedora 29 : php-brumann-polyfill-unserialize / php-typo3-phar-stream-wrapper2 (2019-af7bef7165)
Two security updates have been released for PharStreamWrapper. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing...
Fedora 30 : php-brumann-polyfill-unserialize / php-typo3-phar-stream-wrapper2 (2019-a8121923d5)
Two security updates have been released for PharStreamWrapper. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing...
Fedora 29 : php-typo3-phar-stream-wrapper (2019-d5f883429d)
3.1.1 - TYPO3-PSA-2019-007 / CVE-2019-11831 - TYPO3-PSA-2019-008 / CVE-2019-11830 - 3.1.0 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible...
Fedora 28 : php-typo3-phar-stream-wrapper (2019-4d93cf2b34)
3.1.1 - TYPO3-PSA-2019-007 / CVE-2019-11831 - TYPO3-PSA-2019-008 / CVE-2019-11830 - 3.1.0 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible...
CVE-2019-11830
PharMetaDataInterceptor in the PharStreamWrapper aka phar-stream-wrapper package 2.x before 2.1.1 and 3.x before 3.1.1 for TYPO3 mishandles Phar stub parsing, which allows attackers to bypass a deserialization protection mechanism...
CVE-2019-11830
The vulnerability CVE-2019-11830 affects TYPO3 in the PharStreamWrapper (phar-stream-wrapper) 2.x before 2.1.1 and 3.x before 3.1.1. The issue stems from misparsing Phar stubs, allowing bypass of deserialization protection. Impact is high (CVE-2019-11830) with critical, network-exposed access. Re...
CVE-2018-11830
CVE-2018-11830 describes an integer overflow caused by improper input validation in the QCPE create function, affecting Snapdragon platforms (Auto, CE Connectivity, Industrial IOT, Mobile in MDM9206/9607/9650/9655, MSM8996AU, SD 410/12, SD 820A). Root cause: improper input validation leading to i...
Microsoft Windows - CiSetFileCache WDAC Security Feature Bypass TOCTOU
Windows: CiSetFileCache TOCTOU CVE-2017-11830 Variant WDAC Security Feature Bypass Platform: Windows 10 1803, 1709 should include S-Mode but not tested Class: Security Feature Bypass Summary: While the TOCTOU attack against...
Microsoft Windows - CiSetFileCache TOCTOU Incomplete Fix Exploit
Exploit for windows platform in category dos / poc Windows: CiSetFileCache TOCTOU CVE-2017-11830 Incomplete Fix Platform: Windows 10 1709 including Win10S Class: Security Feature Bypass Summary: The fix for CVE-2017-11830 is insufficient to prevent a normal user application adding a cached signin...
Microsoft Windows - 'CiSetFileCache' TOCTOU Incomplete Fix
Windows: CiSetFileCache TOCTOU CVE-2017-11830 Incomplete Fix Platform: Windows 10 1709 including Win10S Class: Security Feature Bypass Summary: The fix for CVE-2017-11830 is insufficient to prevent a normal user application adding a cached signing level to an unsigned file by exploiting a TOCTOU ...
CVE-2017-11830
creationtimestamp| type| source
---|---|---
2017-11-20 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/43162...