
5102 matches found

Packet Storm
added 2021/04/13 12:0 a.m., 528 views

Simple Student Information System 1.0 SQL Injection

Exploit Title: Simple Student Information System 1.0 - SQL Injection Authentication Bypass Date: 13 April 2021 Exploit Author: Galuh Muhammad Iman Akbar GaluhID Vendor Homepage: https://www.sourcecodester.com/php/11400/simple-student-information-system-ajax-live-search.html Software Link:...

7.4 AI score
Exploits: 0

Kaspersky
added 2021/04/13 12:0 a.m., 53 views

KLA12182 Multiple vulnerabilities in Opera

Multiple vulnerabilities were found in Opera. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, obtain sensitive information. Below is a complete list of vulnerabilities: 1. A use after free vulnerability in V8 can be exploited to cause denial o...

8.8 CVSS, 9.7 AI score, 0.01793 EPSS
Exploits: 0, References: 4

BDU FSTEC
added 2021/04/08 12:0 a.m., 6 views

A vulnerability in the Screen Capture function of the Google Chrome browser allows an attacker to execute arbitrary code or cause a denial of service.

The vulnerability of the Screen Capture function in Google Chrome browsers is related to the execution of operations beyond the buffer in memory. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code or trigger a denial-of-service attack using a specially created...

7.3 CVSS, 8.5 AI score, 0.0121 EPSS
Exploits: 0, References: 14, Affected Software: 6

Tenable Nessus
added 2021/04/07 12:0 a.m., 59 views

Debian DSA-4886-1 : chromium - security update

Several vulnerabilities have been discovered in the chromium web browser. - CVE-2021-21159 Khalil Zhani discovered a buffer overflow issue in the tab implementation. - CVE-2021-21160 Marcin Noga discovered a buffer overflow issue in WebAudio. - CVE-2021-21161 Khalil Zhani discovered a buffer...

8.8 CVSS, 7.9 AI score, 0.26525 EPSS
Exploits: 26, References: 83

Veracode
added 2021/04/06 7:43 a.m., 25 views

Arbitrary Code Execution

chromium is vulnerable to arbitrary code execution. A use-after-free in screen capture allows an attacker to execute arbitrary code on the host OS by persuading a victim to visit a malicious web site...

8.8 CVSS, 5.3 AI score, 0.0121 EPSS
Exploits: 0, References: 10, Affected Software: 3

Tenable Nessus
added 2021/04/06 12:0 a.m., 35 views

openSUSE Security Update : chromium (openSUSE-2021-513)

This update for chromium fixes the following issues : Update to 89.0.4389.114 boo1184256 - CVE-2021-21194: Use after free in screen capture - CVE-2021-21195: Use after free in V8 - CVE-2021-21196: Heap buffer overflow in TabStrip - CVE-2021-21197: Heap buffer overflow in TabStrip - CVE-2021-21198...

8.8 CVSS, 9.6 AI score, 0.01793 EPSS
Exploits: 0, References: 7

Microsoft CVE
added 2021/04/01 7:0 a.m., 93 views

Chromium: CVE-2021-21194 Use after free in screen capture

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

8.8 CVSS, 8.5 AI score, 0.0121 EPSS
Exploits: 0

CNVD
added 2021/04/01 12:0 a.m., 10 views

Google Chrome post-release reuse vulnerability (CNVD-2021-28287)

Chrome is a simple and efficiently designed web browser developed by Google. A use-after-free ("post-release reuse") vulnerability exists in screen capture in Google Chrome versions prior to 89.0.4389.114. An attacker can exploit this vulnerability to cause heap corruption via a crafted HTML page...

8.8 CVSS, 6 AI score, 0.0121 EPSS
Exploits: 0, References: 1

Kaspersky
added 2021/04/01 12:0 a.m., 57 views

KLA12134 Multiple vulnerabilities in Microsoft Browser

Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, obtain sensitive information. Below is a complete list of vulnerabilities: 1. A use after free vulnerability in Aura can be exploited to...

8.8 CVSS, 9.7 AI score, 0.01793 EPSS
Exploits: 0, References: 8

Kitploit
added 2021/03/31 11:30 a.m., 36 views

InveighZero - Windows C# LLMNR/mDNS/NBNS/DNS/DHCPv6 Spoofer/Man-In-The-Middle Tool

InveighZero is a C# LLMNR/NBNS/mDNS/DNS/DHCPv6 spoofer and man-in-the-middle tool designed to assist penetration testers/red teamers that find themselves limited to a Windows system. This version shares many features with the PowerShell version of Inveigh. Privileged Mode Features elevated admin...

7.6 AI score
Exploits: 0, References: 4

CNVD
added 2021/03/31 12:0 a.m., 5 views

CloudBees Jenkins OWASP Dependency-Track Plugin Improper Authorization Vulnerability

CloudBees Jenkins (Hudson Labs) is a set of Java-based continuous integration tools from the US company CloudBees. The product is mainly used to monitor continuous software release/testing projects and to run scheduled tasks. An improper authorization...

6.5 CVSS, 6.3 AI score, 0.01051 EPSS
Exploits: 0, References: 1

CNVD
added 2021/03/31 12:0 a.m., 6 views

CloudBees Jenkins OWASP Dependency-Track Plugin Cross-Site Request Forgery Vulnerability

CloudBees Jenkins (Hudson Labs) is a set of Java-based continuous integration tools from the US company CloudBees. The product is mainly used to monitor continuous software release/testing projects and to run scheduled tasks. A cross-site request forgery...

8.8 CVSS, 6.4 AI score, 0.0077 EPSS
Exploits: 0, References: 1

CNVD
added 2021/03/31 12:0 a.m., 8 views

CloudBees Jenkins Team Foundation Server Plugin Improper Authorization Vulnerability

CloudBees Jenkins (Hudson Labs) is a set of Java-based continuous integration tools from the US company CloudBees. The product is mainly used to monitor continuous software release/testing projects and to run scheduled tasks. An improper authorization...

6.5 CVSS, 6.3 AI score, 0.00972 EPSS
Exploits: 0, References: 1

CNVD
added 2021/03/31 12:0 a.m., 9 views

Ovarro Tbox Information Disclosure Vulnerability

Ovarro Tbox is an application platform from Ovarro Germany. It offers new automation possibilities, simplifies system engineering and enables key industries worldwide to remotely control and monitor their applications. A security vulnerability exists in the Ovarro Tbox product, which can be...

9.8 CVSS, 6.8 AI score, 0.00657 EPSS
Exploits: 0, References: 1

Gitee
added 2021/03/30 7:18 p.m., 3 views

CTF-All-In-One

This repository is an offensive tool for CTF (Capture The Flag) competitions, specifically targeting Linux systems. The primary vulnerability class is not explicitly stated, but based on the content, it appears to be focused on binary exploitation (Pwn). The tool is designed to be used in a CTF...

7.3 AI score
Exploits: 0

NVD
added 2021/03/30 12:16 p.m., 19 views

CVE-2021-21637

A missing permission check in Jenkins Team Foundation Server Plugin 5.157.1 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

6.5 CVSS, 0.00972 EPSS
Exploits: 0, References: 2

Prion
added 2021/03/30 12:16 p.m., 22 views

Design/Logic Flaw

A missing permission check in Jenkins Team Foundation Server Plugin 5.157.1 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

4 CVSS, 6.3 AI score, 0.00972 EPSS
Exploits: 0, References: 2, Affected Software: 1

AlpineLinux
added 2021/03/30 11:10 a.m., 33 views

CVE-2021-21638

A cross-site request forgery (CSRF) vulnerability in Jenkins Team Foundation Server Plugin 5.157.1 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

8.8 CVSS, 4.3 AI score, 0.00832 EPSS
Exploits: 0, References: 3

Cvelist
added 2021/03/30 11:10 a.m., 18 views

CVE-2021-21637

A missing permission check in Jenkins Team Foundation Server Plugin 5.157.1 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

6.8 AI score, 0.00972 EPSS
Exploits: 0, References: 2

Cvelist
added 2021/03/30 11:10 a.m., 16 views

CVE-2021-21632

A missing permission check in Jenkins OWASP Dependency-Track Plugin 3.1.0 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL, capturing credentials stored in Jenkins...

6.8 AI score, 0.01051 EPSS
Exploits: 0, References: 2