87 matches found
GPAC Security Vulnerabilities
GPAC is an open source multimedia framework. A security vulnerability exists in versions prior to GPAC v.2.3-DEV, which stems from the presence of a buffer overflow vulnerability that could allow a local attacker to cause a denial of service via...
Webkul Software Bagisto Security Vulnerability
Webkul Software Bagisto is an open source e-commerce framework from Indian company Webkul Software. A security vulnerability exists in Webkul Software Bagisto v1.5.1 that stems from susceptibility to server-side template injection (SSTI) attacks...
PowerJob Access Control Error Vulnerability (CNVD-2023-32767)
PowerJob is an open source distributed computing and job scheduling framework that allows developers to easily schedule tasks in their applications. An Access Control Error vulnerability exists in PowerJob version V4.3.1 that stems from improper access control. An attacker could exploit the...
NVIDIA BMC Security Vulnerability
NVIDIA BMC is an OpenBMC open software framework from NVIDIA. A security vulnerability exists in NVIDIA BMC. An attacker exploiting this vulnerability could access arbitrary files, which could lead to information leakage...
NVIDIA BMC Security Vulnerability
NVIDIA BMC is an OpenBMC open software framework from NVIDIA. A security vulnerability exists in NVIDIA BMC. An attacker exploiting this vulnerability could guess a valid BMC username, which could lead to information disclosure...
Usbsas - Tool And Framework For Securely Reading Untrusted USB Mass Storage Devices
usbsas is a free and open source (GPLv3) tool and framework for securely reading untrusted USB mass storage devices. Description: Following the concept of defense in depth and the principle of least privilege, usbsas's goal is to reduce the attack surface of the USB stack. To achieve this, most of t...
PEAR Archive_Tar Improper Link Resolution Vulnerability
PEAR ArchiveTar Tar.php allows write operations with directory traversal due to inadequate checking of symbolic links. PEAR stands for PHP Extension and Application Repository and it is an open-source framework and distribution system for reusable PHP components with known usage in third-party...
CodeIgniter CMS 4.2.0 SQL Injection
Exploit Title: CodeIgniter CMS Version 4.2.0 Sql Injection Vulnerability | Exploit Author: E1.Coders | Vendor Homepage: https://www.codeigniter.com/ | Google Dork ONE: searchResult/?title= | Google Dork Two: Job/searchResult/?title= | Date: 15 / 05 ...
Pocsploit - A Lightweight, Flexible And Novel Open Source Poc Verification Framework
pocsploit is a lightweight, flexible and novel open source poc verification framework. Pain points of the POC framework in the market: 1. There are too many params, I don't know how to get started, but only some of them are commonly used. 2. YAML poc framework like nuclei & xray is not flexible...
Maat - Open-source Symbolic Execution Framework
Maat is an open-source Dynamic Symbolic Execution and Binary Analysis framework. It provides various functionalities such as symbolic execution, taint analysis, constraint solving, binary loading, environment simulation, and leverages Ghidra's sleigh library for assembly lifting: https://maat.re...
Gradio Security Vulnerability
gradio is an open source framework. gradio is vulnerable to arbitrary code injection. The vulnerability automatically runs these commands and can be exploited by an attacker to run arbitrary commands on a user's computer...
GPAC Resource Management Error Vulnerability
GPAC is an open source multimedia framework. GPAC suffers from a resource management error vulnerability. No further details are provided at this time...
ZEROF Web Server Cross-Site Scripting Vulnerability
ZEROF Web Server is an open source Web framework that simplifies modern Web development. It allows you to build applications without having to worry about package management or routing. ZEROF Web Server has a security vulnerability; there is no information about the vulnerability, please keep...
GPAC Resource Management Error Vulnerability
GPAC is an open source multimedia framework. A denial of service vulnerability exists in GPAC version v1.1.0. The vulnerability stems from an invalid free in the function gffree in utils/alloc.c; an attacker can exploit the vulnerability to perform a denial of service...
gpac Code Issue Vulnerability
GPAC is an open source multimedia framework. The gfsgvrmlmfappend function in GPAC version 1.1.0 has a null pointer dereference vulnerability that can be exploited by attackers to cause segmentation faults and application crashes...
GPAC Code Issue Vulnerability
GPAC is an open source multimedia framework. The gfsgvrmlmfalloc function in GPAC version 1.1.0 has a null pointer dereference vulnerability that can be exploited by attackers to cause segmentation faults and application crashes...
GPAC Code Issue Vulnerability
GPAC is an open source multimedia framework. A code issue vulnerability exists in GPAC, which stems from an error in the processing logic of the product's gfgetbitsize function. An attacker could cause a denial of service through this vulnerability...
Design/Logic Flaw
Gradio is an open source framework for building interactive machine learning models and demos. In versions prior to 2.5.0 there is a vulnerability that affects anyone who creates and publicly shares Gradio interfaces. File paths are not restricted and users who receive a Gradio link can access an...
CVE-2021-32697 Form validation can be skipped
neos/forms is an open source framework to build web forms. By crafting a special GET request containing a valid form state, a form can be submitted without invoking any validators. Form state is secured with an HMAC that is still verified. That means that this issue can only be exploited if Form...
Important: Red Hat Security Advisory: gupnp security update
An update for gupnp is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the...