Lucene search
+L

43 matches found

ptsecurity
ptsecurity
added 2024/04/09 12:0 a.m.5 views

PT-2024-3023 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to a memory boundary read and can allow an attacker to disclose protected information. There is no information provided about the estimated number of potentially affect...

5.5CVSS8.8AI score0.00755EPSS
Exploits0References7
hivepro
hivepro
added 2023/12/15 5:47 a.m.8 views

Microsoft’s December 2023 Patch Tuesday Addresses One Zero-day Vulnerability

Summary: In the December Patch Tuesday release, Microsoft addressed a total of 42 CVEs, including one zero-day vulnerability. Within this range of vulnerabilities, the security update covered the typical spectrum of issues, including RCE flaws, concerns related to privilege escalation, spoofing,...

6.9AI score
Exploits0
cnnvd
cnnvd
added 2023/12/08 12:0 a.m.5 views

Google Pixel Competitive Conditions Issue Vulnerability

Google Pixel is a smartphone from the American company Google Google. Google Pixel has a security vulnerability that stems from the existence of a competitive condition that could potentially be used after a free...

6.4CVSS6.5AI score0.00074EPSS
Exploits0References3
cnnvd
cnnvd
added 2023/11/14 12:0 a.m.5 views

Intel NUC Security Vulnerability

Intel NUC is a small minicomputer from Intel Corporation USA. A security vulnerability exists in Intel NUC. An attacker could exploit this vulnerability to cause elevation of privilege, denial of service, and information disclosure...

7.3CVSS6.6AI score0.00197EPSS
Exploits0References2
hivepro
hivepro
added 2023/10/14 8:45 a.m.21 views

Unraveling the Intricate Arsenal of Stayin’ Alive Campaign

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary In the October Patch Tuesday release, Microsoft addressed 103 flaws, including three actively exploited zero-day vulnerabilities. These patches cover critical and important vulnerabilities, a Chromium fi...

6.9AI score
Exploits0
code423n4
code423n4
added 2023/06/09 12:0 a.m.12 views

FRONT-RUNNING SUSCEPTIBILITY IN ADDBID()

Lines of code Vulnerability details Impact Auction.addBid is susceptible to front-running attacks. This vulnerability presents a significant risk as participants with adequate knowledge or skill could manipulate Ethereum transaction ordering to gain undue advantage, potentially compromising the...

7AI score
Exploits0
nuclei
nuclei
added 2023/06/05 7:3 a.m.49 views

Online Fire Reporting System v1.0 - SQL injection

Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/?page=teams/manageteam&id=. id: CVE-2022-31980 info: name: Online Fire Reporting System v1.0 - SQL injection author: theamanrawat severity: high description: | Online Fire Reporting System v1.0 is vulnerable to SQL...

7.2CVSS7.4AI score0.01971EPSS
Exploits1References3
prion
prion
added 2022/07/25 2:15 p.m.12 views

Code injection

This affects the package conf-cfg-ini before 1.2.2. If an attacker submits a malicious INI file to an application that parses it with decode, they will pollute the prototype on the application. This can be exploited further depending on the context...

7.5CVSS9.3AI score0.00984EPSS
Exploits1References2Affected Software1
gitee
gitee
added 2021/09/27 11:2 p.m.6 views

ctf

It is an offensive tool for reverse engineering. The repository contains a binary decompiler for a "Magic Word" challenge, which appears to be a reverse engineering exercise. The code is written in C++ and utilizes the basicstring class from the C++ Standard Library. The decompiled main function ...

7.1AI score
Exploits0
cnnvd
cnnvd
added 2021/03/23 12:0 a.m.5 views

Grid Solutions GE MU320E 加密问题漏洞

The MU320E is a process interface unit from GE with integrated analog and digital merge interfaces. An insufficient cryptographic strength vulnerability exists in the firmware prior to GE MU320E 04A00.1. The vulnerability stems from some aspects of the SSH server configuration file not being...

7.8CVSS5.6AI score0.00196EPSS
Exploits0References3
cnvd
cnvd
added 2021/01/11 12:0 a.m.6 views

IBM Spectrum Protect Plus Clickjacking Vulnerability

IBM Spectrum Protect Plus is a data protection and availability solution for virtualized environments that can be deployed in minutes and protect your environment in less than an hour. A clickjacking vulnerability exists in IBM Spectrum Protect Plus 10.1.0 - 10.1.6. An attacker can exploit this...

6.1CVSS6.8AI score0.00886EPSS
Exploits0References1
redhat
redhat
added 2020/12/17 3:12 p.m.4 views

Mozilla: Memory safety bugs fixed in Firefox 84 and Firefox ESR 78.6

The Mozilla Foundation Security Advisory describes this flaw as: Mozilla developer reported memory safety bugs present in Firefox 83 and Firefox ESR 78.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run...

8.8CVSS7.5AI score0.01328EPSS
Exploits0References5
cnvd
cnvd
added 2020/03/04 12:0 a.m.7 views

Data Modem Buffer Overflow Vulnerability in Multiple Qualcomm Products

Qualcomm MDM9206, etc. are products of Qualcomm Incorporated, U.S.A. The MDM9206 is a central processing unit CPU product.The SDX24 is a modem.The SDA660 is a central processing unit CPU product. A buffer overflow vulnerability exists in Data Modem in multiple Qualcomm products.The vulnerability...

10CVSS7.4AI score0.00902EPSS
Exploits0References1
osv
osv
added 2019/11/01 7:15 p.m.11 views

CVE-2013-0178

Insecure temporary file vulnerability in Redis before 2.6 related to /tmp/redis-%p.vm...

5.5CVSS5.5AI score0.00415EPSS
Exploits0References13
hackerone
hackerone
added 2017/08/10 2:59 p.m.24 views

Tor: Access to local file system using javascript

Issue : Access to local file system using javascriptslightly xss on server side The browser can access the local files using iframes with a local html file. this is very normal and often used for local web development but javascript shouldn't be able to get the content of that iframe because this...

6.6AI score
Exploits0
bdu_fstec
bdu_fstec
added 2017/02/09 12:0 a.m.7 views

The vulnerability of the Android operating system, which allows a perpetrator to trigger a service failure or otherwise affect the system.

The vulnerability of the Audioserver component of the libeffects sub-component in the Android operating system is related to the lack of protection for service data. Exploiting this vulnerability can allow a malicious actor to cause service failures or otherwise affect the system...

4.3CVSS6.2AI score0.00485EPSS
Exploits0References4Affected Software1
exploitdb
exploitdb
added 2016/06/10 12:0 a.m.56 views

Google Android - '/system/bin/sdcard' Stack Buffer Overflow (PoC)

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=798 Android: Stack-buffer-overflow in /system/bin/sdcard There's an integer overflow issue in getnodepathlocked, which results in a buffer overflow. For all of the calling paths, this is going to overflow a stack buffer in the pare...

7.4AI score
Exploits0
threatpost
threatpost
added 2015/12/03 8:0 a.m.12 views

Adobe Flash Player Days Numbered

If there’s unanimity among security professionals in anything, it’s in their loathing of Adobe’s Flash Player. There’s yet to be an APT or exploit kit that hasn’t welcomed vulnerabilities in the development platform with open arms. And for all that misery tallied up in lost intellectual property...

7.2AI score
Exploits0References7
exploitpack
exploitpack
added 2005/02/24 12:0 a.m.14 views

OOApp Guestbook - Multiple HTML Injection Vulnerabilities

OOApp Guestbook - Multiple HTML Injection Vulnerabilities source: https://www.securityfocus.com/bid/12647/info OOApp Guestbook is reportedly affected by multiple HTML injection vulnerabilities. These issues occur because the application fails to properly sanitize user-supplied input. The...

0.2AI score
Exploits0
exploitdb
exploitdb
added 2004/02/17 12:0 a.m.32 views

SmallFTPd 1.0.3 - Remote Denial of Service

source: https://www.securityfocus.com/bid/9684/info It has been reported that SmallFTPD is prone to a remote denial of service vulnerability. This issue is due to the application failing to properly validate user input. Successful exploitation of this issue may cause the affected server to crash,...

7.4AI score
Exploits0
Rows per page
Query Builder