Lucene search
+L

268 matches found

ATTACKERKB
ATTACKERKB
added 2024/06/09 12:0 a.m.118 views

CVE-2024-4577

In PHP versions 8.1. before 8.1.29, 8.2. before 8.2.20, 8.3. before 8.3.8, when using Apache and PHP-CGI on Windows, if the system is set up to use certain code pages, Windows may use “Best-Fit” behavior to replace characters in command line given to Win32 API functions. PHP CGI module may...

9.8CVSS9.8AI score0.99987EPSS
In wildExploits64References20
Openbugbounty
Openbugbounty
added 2024/04/07 5:35 a.m.17 views

pro-fit-tech.co.uk Cross Site Scripting vulnerability OBB-3907477

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
Openbugbounty
Openbugbounty
added 2024/04/06 5:33 a.m.5 views

fit-kids.jp Cross Site Scripting vulnerability OBB-3906921

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
Jake Archibald's Blog
Jake Archibald's Blog
added 2024/02/21 1:0 a.m.17 views

View transitions: Handling aspect ratio changes

This post assumes some knowledge of view transitions. If you're looking for a from-scratch intro to the feature, see this article. When folks ask me for help with view transition animations that "don't quite look right", it's usually because the content changes aspect ratio. Here's how to handle...

7.4AI score
Exploits0
Openbugbounty
Openbugbounty
added 2024/01/13 10:34 a.m.5 views

diyhomefit.co.uk Cross Site Scripting vulnerability OBB-3834017

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2023/10/17 12:15 p.m.3 views

CVE-2023-39902

A software vulnerability has been identified in the U-Boot Secondary Program Loader SPL before 2023.07 on select NXP i.MX 8M family processors. Under certain conditions, a crafted Flattened Image Tree FIT format structure can be used to overwrite SPL memory, allowing unauthenticated software to...

7.8CVSS7.1AI score0.00145EPSS
Exploits0References3
Prion
Prion
added 2023/10/17 12:15 p.m.20 views

Format string

A software vulnerability has been identified in the U-Boot Secondary Program Loader SPL before 2023.07 on select NXP i.MX 8M family processors. Under certain conditions, a crafted Flattened Image Tree FIT format structure can be used to overwrite SPL memory, allowing unauthenticated software to...

4.3CVSS7.7AI score0.00145EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2023/10/17 12:0 a.m.29 views

CVE-2023-39902

A software vulnerability has been identified in the U-Boot Secondary Program Loader SPL before 2023.07 on select NXP i.MX 8M family processors. Under certain conditions, a crafted Flattened Image Tree FIT format structure can be used to overwrite SPL memory, allowing unauthenticated software to...

7CVSS7.9AI score0.00145EPSS
Exploits0References2
Patchstack
Patchstack
added 2023/07/18 12:0 a.m.4 views

WordPress FIT: Featured Image Toolkit Plugin <= 1.0.3 is vulnerable to Cross Site Scripting (XSS)

Software FIT: Featured Image Toolkit Type Plugin Vulnerable versions = 1.0.3 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 475578139d43 Credits Rafie Muhammad...

6.8AI score0.00284EPSS
Exploits0References2Affected Software1
SUSE CVE
SUSE CVE
added 2023/02/15 5:46 a.m.7 views

SUSE CVE-2012-3236

fits-io.c in GIMP before 2.8.1 allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a malformed XTENSION header of a .fit file, as demonstrated using a long string...

4.3CVSS6.8AI score0.10748EPSS
Exploits5References8
SUSE CVE
SUSE CVE
added 2023/02/15 5:13 a.m.2 views

SUSE CVE-2015-7652

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allows attackers to execute arbitrary...

9.3CVSS8AI score0.246EPSS
Exploits1References5
SUSE CVE
SUSE CVE
added 2023/02/15 4:20 a.m.8 views

SUSE CVE-2018-1000205

U-Boot contains a CWE-20: Improper Input Validation vulnerability in Verified boot signature validation that can result in Bypass verified boot. This attack appear to be exploitable via Specially crafted FIT image and special device memory functionality...

5.5CVSS6.9AI score0.00713EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 4:0 a.m.2 views

SUSE CVE-2020-10648

Das U-Boot through 2020.01 allows attackers to bypass verified boot restrictions and subsequently boot arbitrary images by providing a crafted FIT image to a system configured to boot the default configuration...

6.2CVSS7AI score0.01313EPSS
Exploits1References11
SUSE CVE
SUSE CVE
added 2023/02/15 3:44 a.m.3 views

SUSE CVE-2021-27097

The boot loader in Das U-Boot before 2021.04-rc2 mishandles a modified FIT...

7.8CVSS7AI score0.01037EPSS
Exploits0References3
Openbugbounty
Openbugbounty
added 2022/09/10 10:22 a.m.13 views

antiquespisos.com Cross Site Scripting vulnerability OBB-2909804

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
Openbugbounty
Openbugbounty
added 2022/07/19 12:55 a.m.15 views

fit-inn-pruem.de Cross Site Scripting vulnerability OBB-2796016

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
Openbugbounty
Openbugbounty
added 2022/03/04 2:14 p.m.6 views

fit-schmidt.de Improper Access Control vulnerability OBB-2405889

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

0.1AI score
Exploits0
Patchstack
Patchstack
added 2022/02/28 12:0 a.m.3 views

WordPress FIT: Featured Image Toolkit plugin <= 1.0.3 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress FIT: Featured Image Toolkit plugin versions = 1.0.3. Solution No patched version available...

2.2AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2022/02/28 12:0 a.m.9 views

WordPress FIT: Featured Image Toolkit plugin <= 1.0.3 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress FIT: Featured Image Toolkit plugin versions = 1.0.3. Solution No patched version available...

3.6AI score
Exploits0References2Affected Software1
Openbugbounty
Openbugbounty
added 2022/02/26 10:0 a.m.9 views

fit-enterprise.com Cross Site Scripting vulnerability OBB-2384294

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
Rows per page
Query Builder