17 matches found
CVE-2025-13177
A vulnerability was detected in Bdtask/CodeCanyon SalesERP up to 20250728. This affects an unknown part. The manipulation results in cross-site request forgery. The attack can be executed remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but...
CVE-2025-13177
A vulnerability was detected in Bdtask/CodeCanyon SalesERP up to 20250728. This affects an unknown part. The manipulation results in cross-site request forgery. The attack can be executed remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but...
CVE-2025-13177 Bdtask/CodeCanyon SalesERP cross-site request forgery
A vulnerability was detected in Bdtask/CodeCanyon SalesERP up to 20250728. This affects an unknown part. The manipulation results in cross-site request forgery. The attack can be executed remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but...
CVE-2019-13177
verification.py in django-rest-registration aka Django REST Registration library before 0.5.0 relies on a static string for signatures i.e., the Django Signing API is misused, which allows remote attackers to spoof the verification process. This occurs because incorrect code refactoring led to...
CVE-2024-13177
creationtimestamp | type | source
---|---|---
2025-04-15 19:57:09+00:00 | seen | https://t.me/cvedetector/22968...
CVE-2024-13177
Netskope Client on Mac OS is impacted by a vulnerability in which the postinstall script does not properly validate the path of the file “nsinstallation”. A standard user could potentially create a symlink of the file “nsinstallation” to escalate the privileges of a different file on the system...
CVE-2024-13177
CVE-2024-13177 affects Netskope Client on macOS where the postinstall script fails to validate the path of the nsinstallation file, allowing a local attacker to create a symlink to escalate privileges to a different file. Reported impact is privilege escalation with affected versions before 123.0...
CVE-2024-13177 Symlink Following in Netskope Client Postinstall Script
Netskope Client on Mac OS is impacted by a vulnerability in which the postinstall script does not properly validate the path of the file “nsinstallation”. A standard user could potentially create a symlink of the file “nsinstallation” to escalate the privileges of a different file on the system...
CVE-2024-13177 Symlink Following in Netskope Client Postinstall Script
Netskope Client on Mac OS is impacted by a vulnerability in which the postinstall script does not properly validate the path of the file “nsinstallation”. A standard user could potentially create a symlink of the file “nsinstallation” to escalate the privileges of a different file on the system...
CVE-2020-13177
creationtimestamp | type | source
---|---|---
2020-08-11 22:55:23+00:00 | seen | https://t.me/cibsecurity/14048...
CVE-2020-13177
The support bundler in Teradici PCoIP Standard Agent for Windows and Graphics Agent for Windows versions prior to 20.04.1 and 20.07.0 does not use hard coded paths for certain Windows binaries, which allows an attacker to gain elevated privileges via execution of a malicious binary placed in the...
CVE-2020-13177
CVE-2020-13177 affects the Teradici PCoIP Standard Agent for Windows and Graphics Agent for Windows, with affected versions prior to 20.04.1 and 20.07.0. The root cause is that the support bundler does not use hard-coded paths for certain Windows binaries, allowing an attacker with local access t...
CVE-2019-13177
The CVE is supported by concrete details in connected sources: django-rest-registration before 0.5.0 misuses the Django Signer API by passing the salt as the secret key, resulting in static, easily guessable verification signatures. This allows remote attackers to spoof the verification process v...
CVE-2018-13177
The mintToken function of a smart contract implementation for MiningRigRentals Token MRR, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value...
CVE-2018-13177
The CVE-2018-13177 entry concerns MiningRigRentals Token (MRR) on Ethereum. The mintToken function in the smart contract is reported to have an integer overflow vulnerability, enabling the contract owner to modify any user’s token balance to an arbitrary value. This is a root-cause issue within t...
CVE-2017-13177
In several functions of libhevc, NEON registers are not preserved. This could lead to remote code execution as a privileged process with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8....
CVE-2017-13177
The CVE-2017-13177 entry concerns a vulnerability in the Android Media Framework where several libhevc functions fail to preserve NEON registers. This can enable remote code execution (RCE) in a privileged process with no required user interaction, affecting Android versions 5.1.1, 6.0, 6.0.1, 7....