tcpslice: use-after-free in extract_slice()

A heap use-after-free flaw was found in tcpslices' extractslice. This flaw allows an attacker with local network access to pass a specially crafted 'pcap' file to tcpslice, causing segmentation fault. This vulnerability halts or crashes the application, leading to a denial of service...

JADX file override vulnerability

Summary when jadx parses a resource file, there is an escape problem with the style file, which can overwrite other files in the directory when saving the decompile result. Although I don't think this vulnerability realizes path traversal in the true sense of the word , I reported it anyway Detai...

WordPress LayerSlider Plugin: SQL Injection Vulnerability

On March 25th, 2024, a critical security vulnerability was discovered in the LayerSlider plugin for WordPress, marked as CVE-2024-2879. The plugins have more than 10 lakh active installations. This flaw, rated with a CVSS score of 7.5 out of 10.0, is identified as an SQL injection vulnerability...

CVE-2024-2018

CVE-2024-2018 affects the WP Activity Log Premium plugin for WordPress. The vulnerability is an SQL Injection via entry->roles in all versions up to 4.6.4, caused by insufficient escaping of the user-supplied parameter and insufficient preparation of the SQL query. This can enable authenticate...

The vulnerability of the extract() function in Outdoorbits Little-Backup-Box software, which allows a hacker to execute arbitrary code.

The vulnerability of the extract function in image and multimedia file backup software from Outdoorbits Little-Backup-Box is related to insufficient data authenticity checking. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

Fedora 38 : ghc-base64 / ghc-hakyll / gitit / pandoc / patat (2024-6ad6b9f417)

The remote Fedora 38 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2024-6ad6b9f417 advisory. Security fix for CVE-2023-35936 and CVE-2023-38745 - pandoc: backport fixes for CVE-2023-35936 and CVE-2023-38745 - base64 now packaged in Fedora...

BIT-DJANGO-2022-34265

An issue was discovered in Django 3.2 before 3.2.14 and 4.0 before 4.0.6. The Trunc and Extract database functions are subject to SQL injection if untrusted data is used as a kind/lookupname value. Applications that constrain the lookup name and kind choice to a known safe list are unaffected...

SUSE CVE-2021-46931

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Wrap the tx reporter dump callback to extract the sq Function mlx5etxreporterdumpsq casts its void argument to struct mlx5etxqsq , but in TX-timeout-recovery flow the argument is actually of type struct mlx5etxtimeoutc...

tcpslice: use-after-free in extract_slice()

A heap use-after-free flaw was found in tcpslices' extractslice. This flaw allows an attacker with local network access to pass a specially crafted 'pcap' file to tcpslice, causing segmentation fault. This vulnerability halts or crashes the application, leading to a denial of service...

facileManager SQL Injection Vulnerability

facileManager is a suite of modular Web applications from facileManager, Inc. facileManager suffers from an SQL injection vulnerability that originates from an unsafe call to the extract function in admin-logs.php. An attacker can use this vulnerability to view, add, modify, or delete information...

Sql injection

facileManager is a modular suite of web apps built with the sysadmin in mind. In versions 4.5.0 and earlier, the $REQUEST global array was unsafely called inside an extract function in admin-logs.php. The PHP file fm-init.php prevents arbitrary manipulation of $SESSION via the GET/POST parameters...

CVE-2024-24572 facileManager Authenticated Variable Manipulation leading to SQL Injection

facileManager is a modular suite of web apps built with the sysadmin in mind. In versions 4.5.0 and earlier, the $REQUEST global array was unsafely called inside an extract function in admin-logs.php. The PHP file fm-init.php prevents arbitrary manipulation of $SESSION via the GET/POST parameters...

CVE-2024-24572 facileManager Authenticated Variable Manipulation leading to SQL Injection

facileManager is a modular suite of web apps built with the sysadmin in mind. In versions 4.5.0 and earlier, the $REQUEST global array was unsafely called inside an extract function in admin-logs.php. The PHP file fm-init.php prevents arbitrary manipulation of $SESSION via the GET/POST parameters...

CVE-2024-24572 facileManager Authenticated Variable Manipulation leading to SQL Injection

facileManager is a modular suite of web apps built with the sysadmin in mind. In versions 4.5.0 and earlier, the $REQUEST global array was unsafely called inside an extract function in admin-logs.php. The PHP file fm-init.php prevents arbitrary manipulation of $SESSION via the GET/POST parameters...

facileManager SQL注入漏洞

facileManager is a suite of modular Web applications from facileManager, Inc. facileManager suffers from an SQL injection vulnerability that originates from an unsafe call to the extract function in admin-logs.php. An attacker can use this vulnerability to view, add, modify, or delete information...

tcpslice: use-after-free in extract_slice()

A heap use-after-free flaw was found in tcpslices' extractslice. This flaw allows an attacker with local network access to pass a specially crafted 'pcap' file to tcpslice, causing segmentation fault. This vulnerability halts or crashes the application, leading to a denial of service...

python: tarfile module directory traversal

A flaw was found in the Python tarfile module. Extracting a crafted TAR archive with the tarfile.extract or tarfile.extractall functions could lead to a directory traversal vulnerability, resulting in overwrite of arbitrary files...

EulerOS 2.0 SP11 : python3 (EulerOS-SA-2023-2663)

According to the versions of the python3 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Directory traversal vulnerability in the 1 extract and 2 extractall functions in the tarfile module in Python allows user-assisted remote...

CVE-2023-52262

outdoorbits little-backup-box aka Little Backup Box before f39f91c allows remote attackers to execute arbitrary code because the PHP extract function is used for untrusted input...

CVE-2023-52262

outdoorbits little-backup-box aka Little Backup Box before f39f91c allows remote attackers to execute arbitrary code because the PHP extract function is used for untrusted input...