Lucene search
K

208 matches found

Cvelist
Cvelist
added 2020/01/30 8:22 p.m.22 views

CVE-2012-6133

Multiple cross-site scripting XSS vulnerabilities in Roundup before 1.4.20 allow remote attackers to inject arbitrary web script or HTML via the 1 @okmessage or 2 @errormessage parameter to issue...

6.1AI score0.01546EPSS
Exploits1References5
UbuntuCve
UbuntuCve
added 2020/01/28 3:15 a.m.34 views

CVE-2019-15583

An information disclosure exists in 12.3.2, 12.2.6, and 12.1.12 for GitLab Community Edition CE and Enterprise Edition EE. When an issue was moved to a public project from a private one, the associated private labels and the private project namespace would be disclosed through the GitLab API...

7.5CVSS7.1AI score0.01382EPSS
Exploits0References4
ossfuzz
ossfuzz
added 2019/12/05 8:20 a.m.20 views

llvm:clang-fuzzer: Segv on unknown address in clang::Sema::getCurLambda

Detailed Report: https://oss-fuzz.com/testcase?key=5639017945366528 Project: llvm Fuzzing Engine: libFuzzer Fuzz Target: clang-fuzzer Job Type: libfuzzermsanllvm Platform Id: linux Crash Type: Segv on unknown address Crash Address: Crash State: clang::Sema::getCurLambda...

6.9AI score
Exploits0Affected Software1
ossfuzz
ossfuzz
added 2019/11/27 10:0 p.m.19 views

llvm:clang-fuzzer: Segv on unknown address in clang::Parser::tryParseCXXIdExpression

Detailed Report: https://oss-fuzz.com/testcase?key=5730465248182272 Project: llvm Fuzzing Engine: libFuzzer Fuzz Target: clang-fuzzer Job Type: libfuzzermsanllvm Platform Id: linux Crash Type: Segv on unknown address Crash Address: Crash State: clang::Parser::tryParseCXXIdExpression...

6.9AI score
Exploits0Affected Software1
ossfuzz
ossfuzz
added 2019/11/27 11:25 a.m.11 views

freetype2:cff-render-ftengine: Invalid-builtin-use in FT_Outline_Get_Orientation

Detailed Report: https://oss-fuzz.com/testcase?key=5735696199581696 Project: freetype2 Fuzzing Engine: libFuzzer Fuzz Target: cff-render-ftengine Job Type: libfuzzerubsanfreetype2 Platform Id: linux Crash Type: Invalid-builtin-use Crash Address: Crash State: FTOutlineGetOrientation...

6.8AI score
Exploits0Affected Software1
ossfuzz
ossfuzz
added 2019/06/02 9:35 p.m.19 views

wireshark/fuzzshark_ip_proto-udp: Heap-buffer-overflow in reassemble_continuation_state

Detailed report: https://oss-fuzz.com/testcase?key=5661584824729600 Project: wireshark Fuzzer: aflwiresharkfuzzsharkipproto-udp Fuzz target binary: fuzzsharkipproto-udp Job Type: aflasanwireshark Platform Id: linux Crash Type: Heap-buffer-overflow WRITE Crash Address: 0x604002190634 Crash State:...

6.8AI score
Exploits0Affected Software1
ossfuzz
ossfuzz
added 2019/05/21 11:53 a.m.20 views

imagemagick/encoder_ptif_fuzzer: Heap-buffer-overflow in PushShortPixel

Detailed report: https://oss-fuzz.com/testcase?key=5722372625137664 Project: imagemagick Fuzzer: libFuzzerimagemagickencoderptiffuzzer Fuzz target binary: encoderptiffuzzer Job Type: libfuzzerasanimagemagick Platform Id: linux Crash Type: Heap-buffer-overflow READ 1 Crash Address: 0x61d000004e84...

6.8AI score
Exploits0Affected Software1
ossfuzz
ossfuzz
added 2019/04/20 1:58 p.m.17 views

karchive/karchive_fuzzer: Use-of-uninitialized-value in qstrlen

Project: git://anongit.kde.org/karchive Detailed report: https://oss-fuzz.com/testcase?key=5640360216231936 Project: karchive Fuzzer: libFuzzerkarchivefuzzer Fuzz target binary: karchivefuzzer Job Type: libfuzzermsankarchive Platform Id: linux Crash Type: Use-of-uninitialized-value Crash Address:...

6.8AI score
Exploits0Affected Software1
Kitploit
Kitploit
added 2019/04/16 1:44 p.m.129 views

Instantbox - Get A Clean, Ready-To-Go Linux Box In Seconds

Get a clean, ready-to-go Linux box in seconds. Introduction What is instantbox? It's a project that spins up temporary Linux systems with instant webshell access from any browser. What can an instantbox do? 1. provides a clean Linux environment for a presentation 2. let students experience the...

7.3AI score
Exploits0References1
Debian
Debian
added 2019/04/07 12:33 p.m.89 views

[SECURITY] [DLA 1750-1] roundup security update

Package : roundup Version : 1.4.20-1.1+deb8u2 CVE ID : CVE-2019-10904 Hanno Böck was discovered that there was a cross-site scripting XSS vulnerability in the web front-end of the roundup issue- tracking system. For Debian 8 "Jessie", this issue has been fixed in roundup version 1.4.20-1.1+deb8u2...

6.1CVSS6.2AI score0.01568EPSS
Exploits1
ripstech
ripstech
added 2019/03/19 7:0 a.m.43 views

Java Security Analysis for IntelliJ IDEA

New Plugin Features In the course of our last releases, we added various new functionalities and improved existing ones to enhance the quality of our IntelliJ plugin. These include support for analyzing Java code, support for multi-module projects, tracking and commenting of issues, and the optio...

6.9AI score
Exploits0
ossfuzz
ossfuzz
added 2019/02/22 5:6 p.m.16 views

opencv/imread_fuzzer: Heap-buffer-overflow in gtTileSeparate

Project: https://github.com/opencv/opencv.git Detailed report: https://oss-fuzz.com/testcase?key=5098633869918208 Project: opencv Fuzzer: libFuzzeropencvimreadfuzzer Fuzz target binary: imreadfuzzer Job Type: libfuzzerasanopencv Platform Id: linux Crash Type: Heap-buffer-overflow READ 4 Crash...

6.4AI score
Exploits0Affected Software1
CNVD
CNVD
added 2019/02/11 12:0 a.m.1 views

Traq Cross-Site Request Forgery Vulnerability

Traq is a PHP-based project management and issue tracking system. Traq suffers from a cross-site request forgery vulnerability that arises from a WEB application that does not adequately validate that a request is coming from a trusted user. An attacker could use this vulnerability to send...

8.8CVSS6.9AI score0.00804EPSS
Exploits1References1
ossfuzz
ossfuzz
added 2019/01/11 8:52 a.m.22 views

imagemagick/encoder_ept3_fuzzer: Use-of-uninitialized-value in WriteBlob

Detailed report: https://oss-fuzz.com/testcase?key=5085775568306176 Project: imagemagick Fuzzer: libFuzzerimagemagickencoderept3fuzzer Fuzz target binary: encoderept3fuzzer Job Type: libfuzzermsanimagemagick Platform Id: linux Crash Type: Use-of-uninitialized-value Crash Address: Crash State:...

6.8AI score
Exploits0Affected Software1
Hacker One
Hacker One
added 2019/01/09 12:16 p.m.41 views

Internet Bug Bounty: ZeroMQ libzmq remote code execution

Bug report and exploit: https://github.com/zeromq/libzmq/issues/3351 Fix by me: https://github.com/zeromq/libzmq/pull/3353 My motive for full disclosure is as follows: Is it true that it is not safe to use ZeroMQ over the internet because it will crash? Earlier versions of the ZeroMQ library befo...

9CVSS8.6AI score0.09444EPSS
Exploits2
ossfuzz
ossfuzz
added 2018/11/03 3:34 p.m.13 views

poppler/pdf_fuzzer: Use-of-uninitialized-value in Parser::makeStream

Project: https://anongit.freedesktop.org/git/poppler/poppler.git Detailed report: https://oss-fuzz.com/testcase?key=5732071763345408 Project: poppler Fuzzer: libFuzzerpopplerpdffuzzer Fuzz target binary: pdffuzzer Job Type: libfuzzermsanpoppler Platform Id: linux Crash Type:...

6.8AI score
Exploits0Affected Software1
ossfuzz
ossfuzz
added 2018/10/16 11:9 a.m.17 views

harfbuzz/hb-shape-fuzzer: Global-buffer-overflow in BEInt<unsigned short, 2>::operator unsigned short

Project: https://github.com/harfbuzz/harfbuzz.git Detailed report: https://oss-fuzz.com/testcase?key=5718889451749376 Project: harfbuzz Fuzzer: aflharfbuzzhb-shape-fuzzer Fuzz target binary: hb-shape-fuzzer Job Type: aflasanharfbuzz Platform Id: linux Crash Type: Global-buffer-overflow READ 1 Cra...

6.8AI score
Exploits0Affected Software1
ossfuzz
ossfuzz
added 2018/10/15 5:52 p.m.18 views

libreoffice/ww6fuzzer: Heap-use-after-free in SwIndex::Remove

Project: git://anongit.freedesktop.org/libreoffice/core Detailed report: https://oss-fuzz.com/testcase?key=5733739670274048 Project: libreoffice Fuzzer: afllibreofficeww6fuzzer Fuzz target binary: ww6fuzzer Job Type: aflasanlibreoffice Platform Id: linux Crash Type: Heap-use-after-free READ 8 Cra...

6.8AI score
Exploits0Affected Software1
ossfuzz
ossfuzz
added 2018/08/01 6:15 p.m.18 views

glib/fuzz_bookmark: Heap-buffer-overflow in fuzz_bookmark.c

Project: https://gitlab.gnome.org/GNOME/glib.git Detailed report: https://oss-fuzz.com/testcase?key=5131520774766592 Project: glib Fuzzer: libFuzzerglibfuzzbookmark Fuzz target binary: fuzzbookmark Job Type: libfuzzerasanglib Platform Id: linux Crash Type: Heap-buffer-overflow READ 1 Crash Addres...

6.8AI score
Exploits0Affected Software1
ossfuzz
ossfuzz
added 2018/07/15 7:27 p.m.17 views

poppler/pdf_fuzzer: Use-of-uninitialized-value in clip01

Project: https://anongit.freedesktop.org/git/poppler/poppler.git Detailed report: https://oss-fuzz.com/testcase?key=5664576019365888 Project: poppler Fuzzer: libFuzzerpopplerpdffuzzer Fuzz target binary: pdffuzzer Job Type: libfuzzermsanpoppler Platform Id: linux Crash Type:...

6.8AI score
Exploits0Affected Software1
Rows per page
Query Builder