
30 matches found

RedhatCVE
added 2 days ago · 6 views

CVE-2026-5082

Amon2::Plugin::Web::CSRFDefender versions from 7.00 through 7.03 for Perl generate an insecure session id. The generatesessionid function will attempt to read bytes from the /dev/urandom device, but if that is unavailable then it generates bytes using SHA-1 hash seeded with the built-in rand...

CVSS 5.3 · AI score 5.4 · EPSS 0.00017
Exploits 0 · References 1
EUVD
added 2025/10/07 12:30 a.m. · 2 views

EUVD-2018-14283

Malware in sbrugna...

CVSS 5.3 · AI score 5.5 · EPSS 0.00213
Exploits 0 · References 4
Cvelist
added 2024/04/28 12:00 a.m. · 23 views

CVE-2024-33899

RARLAB WinRAR before 7.00, on Linux and UNIX platforms, allows attackers to spoof the screen output, or cause a denial of service, via ANSI escape sequences...

AI score 6.8 · EPSS 0.01394
Exploits 1 · References 2
NVD
added 2023/02/15 3:15 p.m. · 7 views

CVE-2023-25191

AMI MegaRAC SPX devices allow Password Disclosure through Redfish. The fixed versions are SPx12-update-7.00 and SPx13-update-5.00...

CVSS 7.5 · AI score 7.6 · EPSS 0.00344
Exploits 0 · References 1
Positive Technologies
added 2023/01/01 12:00 a.m. · 2 views

PT-2023-10803 · Unknown +1 · Flar2 Elementalx +1

Name of the Vulnerable Software and Affected Versions: flar2 ElementalX versions up to 6.x. Description: A problematic vulnerability has been found, affecting the function xfrm_dump_policy_done of the file net/xfrm/xfrm_user.c of the component ipsec. The manipulation leads to denial of service...

CVSS 7.5 · AI score 7.2 · EPSS 0.00356
Exploits 0 · References 7
Tenable Nessus
added 2021/03/23 12:00 a.m. · 29 views

SAP NetWeaver AS JAVA Reverse Tabnabbing (2976947)

SAP Netweaver Application Server Java Applications based on WebDynpro Java versions 7.00, 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, allow an attacker to redirect users to a malicious site due to Reverse Tabnabbing vulnerabilities. Note that Nessus has not tested for this issue but has instead...

CVSS 6.1 · AI score 5.7 · EPSS 0.00133
Exploits 0 · References 3
CNNVD
added 2021/03/16 12:00 a.m. · 2 views

GE Grid Solutions UR Trust Management Issue Vulnerability

GE Grid Solutions UR is an embedded operating system from GE Grid Solutions, France. It provides high-performance protection, scalable I/O, integrated monitoring and metering, high-speed communications, and extensive programming and configuration capabilities. A trust management issue vulnerabili...

CVSS 8.4 · AI score 6.7 · EPSS 0.00048
Exploits 0 · References 5
Prion
added 2021/03/10 3:15 p.m. · 13 views

Design/Logic Flaw

SAP Netweaver Application Server Java Applications based on WebDynpro Java versions 7.00, 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, allow an attacker to redirect users to a malicious site due to Reverse Tabnabbing vulnerabilities...

CVSS 5.8 · AI score 6.2 · EPSS 0.00133
Exploits 0 · References 2 · Affected Software 1
0day.today
added 2020/01/08 12:00 a.m. · 266 views

Sony Playstation 4 (PS4) < 6.72 - WebKit Code Execution Exploit

Exploit for hardware platform in category web applications / Sony Playstation 4 PS4 6.72 - WebKit Code Execution Exploit badhoist ============ Exploit implementation of CVE-2018-4386. Obtains addrof/fakeobj and arbitrary read/write primitives. Supports PS4 consoles on 6.XX. May also work on older...

CVSS 6.8 · AI score 8.3 · EPSS 0.26712
Exploits 6
Exploit DB
added 2019/12/31 12:00 a.m. · 178 views

Sony Playstation 4 (PS4) < 6.72 - WebKit Code Execution (PoC)

/ badhoist ============ Exploit implementation of CVE-2018-4386. Obtains addrof/fakeobj and arbitrary read/write primitives. Supports PS4 consoles on 6.XX. May also work on older firmware versions, but I am not sure. Bug was fixed in firmware 7.00. EDB Note Download:...

CVSS 8.8 · AI score 8.3 · EPSS 0.26712
Exploits 6
Prion
added 2018/06/12 3:29 p.m. · 13 views

Design/Logic Flaw

Under certain conditions SAP UI5 Handler allows an attacker to access information which would otherwise be restricted. Software components affected are: SAP Infrastructure 1.0, SAP UI 7.4, 7.5, 7.51, 7.52 and version 2.0 of SAP UI for SAP NetWeaver 7.00...

CVSS 5 · AI score 5.2 · EPSS 0.00213
Exploits 0 · References 3 · Affected Software 2
Cvelist
added 2018/06/12 3:00 p.m. · 10 views

CVE-2018-2428

Under certain conditions SAP UI5 Handler allows an attacker to access information which would otherwise be restricted. Software components affected are: SAP Infrastructure 1.0, SAP UI 7.4, 7.5, 7.51, 7.52 and version 2.0 of SAP UI for SAP NetWeaver 7.00...

CVSS 5.3 · AI score 5.2 · EPSS 0.00213
Exploits 0 · References 3
Prion
added 2018/03/01 5:29 p.m. · 16 views

Input validation

ABAP File Interface in SAP BASIS, from 7.00 to 7.02, from 7.10 to 7.11, 7.30, 7.31, 7.40, from 7.50 to 7.52, allows an attacker to exploit insufficient validation of path information provided by users, thus characters representing "traverse to parent directory" are passed through to the file API...

CVSS 6.5 · AI score 8.5 · EPSS 0.01807
Exploits 0 · References 3 · Affected Software 1
erpscan
added 2016/12/07 12:00 a.m. · 603 views

SAP Solman - user accounts disclosure CVE-2016-10005

Application: SAP Solman; Versions Affected: SAP Solman 7.1-7.31; Vendor URL: SAP; Bugs: Information Disclosure; Reported: 12.07.2016; Vendor response: 13.07.2016; Date of Public Advisory: 13.09.2016; Reference: SAP Security Note 2344524; Author: Roman Bezhan ERPScan; VULNERABILITY INFORMATION CVE-2016-100...

CVSS 5 · AI score 7.5 · EPSS 0.00993
Exploits 3
securityvulns
added 2015/06/29 12:00 a.m. · 67 views

[ERPSCAN-15-003] SAP NetWeaver Dispatcher Buffer Overflow - RCE, DoS

ERPSCAN Research Advisory ERPSCAN-15-003: SAP NetWeaver Dispatcher Buffer Overflow - RCE, DoS. Application: SAP NetWeaver Dispatcher; Versions Affected: SAP NetWeaver Dispatcher, probably others; Vendor URL: http://SAP.com; Bugs: RCE; Sent: 25.08.14; Reported: 25.08.14; Vendor response: 25.08.14; Date of...

CVSS 6.5 · AI score 7.7 · EPSS 0.03458
Exploits 0
Prion
added 2015/05/19 6:59 p.m. · 21 views

Integer overflow

Integer overflow in the ljpeg_start function in dcraw 7.00 and earlier allows remote attackers to cause a denial of service (crash) via a crafted image, which triggers a buffer overflow, related to the len variable...

CVSS 4.3 · AI score 7.3 · EPSS 0.06391
Exploits 0 · References 17 · Affected Software 2
Debian CVE
added 2015/05/19 6:00 p.m. · 32 views

CVE-2015-3885

Integer overflow in the ljpeg_start function in dcraw 7.00 and earlier allows remote attackers to cause a denial of service (crash) via a crafted image, which triggers a buffer overflow, related to the len variable...

CVSS 4.3 · AI score 6.8 · EPSS 0.06391
Exploits 0
UbuntuCve
added 2015/05/19 12:00 a.m. · 26 views

CVE-2015-3885

Integer overflow in the ljpeg_start function in dcraw 7.00 and earlier allows remote attackers to cause a denial of service (crash) via a crafted image, which triggers a buffer overflow, related to the len variable...

CVSS 4.3 · AI score 7.1 · EPSS 0.06391
Exploits 0 · References 4
Prion
added 2015/01/15 3:59 p.m. · 10 views

Buffer overflow

Buffer overflow in the SAP NetWeaver Dispatcher in SAP Kernel 7.00 32-bit and 7.40 64-bit allows remote authenticated users to cause a denial of service or possibly execute arbitrary code via unspecified vectors, related to the ABAP VM, aka SAP Note 2059734...

CVSS 6.5 · AI score 8.6 · EPSS 0.01682
Exploits 0 · References 3 · Affected Software 1
seebug.org
added 2014/07/01 12:00 a.m. · 7 views

HP Data Protector Cell Request Service Buffer Overflow

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3...

AI score 7.1
Exploits 0