20 matches found
EUVD-2022-24531
Malicious code in bioql PyPI...
EUVD-2022-1846
Malicious code in bioql PyPI...
EUVD-2022-1632
Malicious code in bioql PyPI...
CVE-2023-0831
The CVE-2023-0831 entry concerns the WordPress plugin Under Construction. A CSRF flaw exists in versions up to 3.96 due to missing/incorrect nonce validation in the dismiss_notice function invoked by admin_action_ucp_dismiss_notice, allowing unauthenticated attackers to dismiss plugin notificatio...
WordPress plugin Under Construction cross-site request forgery vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A cross-site request forgery vulnerability exists in...
CVE-2022-1235
Weak secrethash can be brute-forced in GitHub repository livehelperchat/livehelperchat prior to 3.96...
livehelperchat security vulnerability
livehelperchat is a chat via a live helper that provides free live support on a website. A security vulnerability exists in the GitHub repository livehelperchat/livehelperchat versions prior to 3.96, which stems from the ability to force the use of Weak secrethash...
livehelperchat code issue vulnerability
livehelperchat is available via live helper chat, which provides free live support on the site. livehelperchat versions prior to 3.96 are vulnerable to a code issue stemming from SSRF on index.php/cobrowse/proxycss/. An attacker could exploit this vulnerability to cause the application to execute...
Type Confusion in LiveHelperChat
Live Helper Chat provides live support for your website. Loose comparison causes IDOR on multiple endpoints in LiveHelperChat prior to 3.96. There is a fix released in versions 3.96 and 3.97. Currently, there is no known workaround...
CVE-2022-1176
Loose comparison causes IDOR on multiple endpoints in GitHub repository livehelperchat/livehelperchat prior to 3.96...
CVE-2022-1191 SSRF on index.php/cobrowse/proxycss/ in livehelperchat/livehelperchat
SSRF on index.php/cobrowse/proxycss/ in GitHub repository livehelperchat/livehelperchat prior to 3.96...
PT-2022-13692 · Unknown · Livehelperchat
Name of the Vulnerable Software and Affected Versions: LiveHelperChat versions prior to 3.96 Description: The issue is caused by a loose comparison, leading to an Insecure Direct Object Reference (IDOR) on multiple endpoints in the LiveHelperChat repository. LiveHelperChat is a live support system...
PT-2022-13704 · Unknown · Livehelperchat
Name of the Vulnerable Software and Affected Versions: livehelperchat/livehelperchat versions prior to 3.96 Description: The issue is related to a Server-Side Request Forgery (SSRF) in the index.php/cobrowse/proxycss/ endpoint of the livehelperchat/livehelperchat GitHub repository. This allows for...
CVE-2021-20285
A flaw was found in upx canPack in p_lx_elf.cpp in UPX 3.96. This flaw allows attackers to cause a denial of service (SEGV or buffer overflow and application crash) or possibly have unspecified other impacts via a crafted ELF. The highest threat from this vulnerability is to system availability...
CVE-2021-20285
A flaw was found in upx canPack in p_lx_elf.cpp in UPX 3.96. This flaw allows attackers to cause a denial of service (SEGV or buffer overflow and application crash) or possibly have unspecified other impacts via a crafted ELF. The highest threat from this vulnerability is to system availability...
PT-2021-13877 · Upx +1 · Upx +1
Name of the Vulnerable Software and Affected Versions: UPX version 3.96 Description: A flaw was found in upx canPack in p_lx_elf.cpp. This flaw allows attackers to cause a denial of service (SEGV or buffer overflow and application crash) or possibly have unspecified other impacts via a crafted ELF...
OPENSUSE-SU-2020:0180-1 Security update for upx
This update for upx to version 3.96 fixes the following issues: - CVE-2019-1010048: Fixed a denial of service in PackLinuxElf32::PackLinuxElf32help1 (boo#1141777). - CVE-2019-14296: Fixed a denial of service in canUnpack (boo#1143839). - CVE-2019-20021: Fixed a heap-based buffer over-read in canUnpack...
Security update for upx (moderate)
openSUSE Security Update: Security update for upx Announcement ID: openSUSE-SU-2020:0180-1 Rating: moderate References: 1094138 1141777 1143839 1159833 1159920 Cross-References: CVE-2018-11243 CVE-2019-1010048 CVE-2019-14296 CVE-2019-20021 CVE-2019-20053 Affected Products: openSUSE Backports...
OPENSUSE-SU-2020:0163-1 Security update for upx
This update for upx to version 3.96 fixes the following issues: - CVE-2019-1010048: Fixed a denial of service in PackLinuxElf32::PackLinuxElf32help1 (boo#1141777). - CVE-2019-14296: Fixed a denial of service in canUnpack (boo#1143839). - CVE-2019-20021: Fixed a heap-based buffer over-read in canUnpack...
Security update for upx (moderate)
openSUSE Security Update: Security update for upx Announcement ID: openSUSE-SU-2020:0163-1 Rating: moderate References: 1094138 1141777 1143839 1159833 1159920 Cross-References: CVE-2018-11243 CVE-2019-1010048 CVE-2019-14296 CVE-2019-20021 CVE-2019-20053 Affected Products: openSUSE Leap 15.1 An...