CVE-2022-50336

CVE-2022-50336 – Linux kernel (fs/ntfs3) Root cause: a missing null pointer check in attr_load_runs_vcn when parsing certain NTFS metadata before MFT could permit a kernel NULL pointer dereference on malformed images. Impact: kernel crash/free crash (NPD) resulting from NULL dereference in ntfs-r...

New HybridPetya Ransomware Bypasses UEFI Secure Boot With CVE-2024-7344 Exploit

Cybersecurity researchers have discovered a new ransomware strain dubbed HybridPetya that resembles the notorious Petya/NotPetya malware, while also incorporating the ability to bypass the Secure Boot mechanism in Unified Extensible Firmware Interface UEFI systems using a now-patched vulnerabilit...

Linux Distros Unpatched Vulnerability : CVE-2022-48425

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel through 6.2.7, fs/ntfs3/inode.c has an invalid kfree because it does not validate MFT flags before replaying logs. CVE-2022-48425 Note that...

CVE-2024-5897

A vulnerability has been found in SourceCodester Employee and Visitor Gate Pass Logging System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /classes/Master.php?f=logvisitor. The manipulation of the argument name leads to cross site...

CVE-2023-0686

A vulnerability was found in SourceCodester Online Eyewear Shop 1.0. It has been classified as critical. This affects the function updatecart of the file /oews/classes/Master.php?f=updatecart of the component HTTP POST Request Handler. The manipulation of the argument cartid leads to sql injectio...

CVE-2023-1987

A vulnerability has been found in SourceCodester Online Computer and Laptop Store 1.0 and classified as critical. Affected by this vulnerability is the function updateorderstatus of the file /classes/Master.php?f=updateorderstatus. The manipulation of the argument id leads to sql injection. The...

CVE-2022-30385

Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggersmerch/classes/Master.php?f=deleteorder...

CVE-2019-10294

Jenkins Kmap Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...

CVE-2019-10313

Jenkins Twitter Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system...

CVE-2019-10447

Jenkins Sofy.AI Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...

CVE-2019-10277

Jenkins StarTeam Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...

CVE-2019-1003089

Jenkins Upload to pgyer Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...

CVE-2019-10347

Jenkins Mashup Portlets Plugin stored credentials unencrypted on the Jenkins master where they can be viewed by users with access to the master file system...

CVE-2019-1003056

Jenkins WebSphere Deployer Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...

CVE-2019-10451

Jenkins SOASTA CloudTest Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system...

DEBIAN-CVE-2022-49763

In the Linux kernel, the following vulnerability has been resolved: ntfs: fix use-after-free in ntfsattrfind Patch series "ntfs: fix bugs about Attribute", v2. This patchset fixes three bugs relative to Attribute in record: Patch 1 adds a sanity check to ensure that, attrsoffset field in first mf...

SourceCodester Online Eyewear Shop 安全漏洞

SourceCodester Online Eyewear Shop is a SourceCodester open source online eyewear store website project developed using PHP and MySQL, which provides an online shopping and ordering platform for the eyewear business and its potential customers. A security vulnerability exists in SourceCodester...

SourceCodester Online Eyewear Shop 代码注入漏洞

SourceCodester Online Eyewear Shop is a SourceCodester open source online eyewear store website project developed using PHP and MySQL, which provides an online shopping and ordering platform for the eyewear business and its potential customers. A code injection vulnerability exists in...

PT-2024-39854 · Sourcecodester · Sourcecodester Online Eyewear Shop

Name of the Vulnerable Software and Affected Versions: SourceCodester Online Eyewear Shop version 1.0 Description: A critical issue has been identified, affecting the delete product function in the /classes/Master.php?f=delete product file. The manipulation of the id argument leads to SQL...

CVE-2024-7668

A vulnerability has been found in SourceCodester Car Driving School Management System 1.0 and classified as critical. This vulnerability affects the function deletepackage of the file Master.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The...