16 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: HID: i2c-hid: fix potential buffer overflow in i2chidgetreport i2chidxfer is used to read recvlen + sizeofle16 bytes of data into ihid-rawbuf. The former can come from the userspace in the hidraw driver and is only bounded by...
UBUNTU-CVE-2026-23178
In the Linux kernel, the following vulnerability has been resolved: HID: i2c-hid: fix potential buffer overflow in i2chidgetreport i2chidxfer is used to read recvlen + sizeofle16 bytes of data into ihid-rawbuf. The former can come from the userspace in the hidraw driver and is only bounded by...
CVE-2026-23178
In the Linux kernel, the following vulnerability has been resolved: HID: i2c-hid: fix potential buffer overflow in i2chidgetreport i2chidxfer is used to read recvlen + sizeofle16 bytes of data into ihid-rawbuf. The former can come from the userspace in the hidraw driver and is only bounded by...
kernel: ip6mr: Fix skb_under_panic in ip6mr_cache_report()
A buffer underwrite vulnerability exists in the linux kernel in the function skbunderpanic in ip6mrcachereport, leading to an attacker, via crafting a payload, could result in damage to system availability and integrity...
EUVD-2013-2489
Malware in sbrugna...
EUVD-2022-43006
Malicious code in bioql PyPI...
CVE-2024-13037
A vulnerability was found in 1000 Projects Attendance Tracking Management System 1.0. It has been classified as critical. Affected is the function attendancereport of the file /admin/report.php. The manipulation of the argument courseid leads to sql injection. It is possible to launch the attack...
PT-2024-30206
Name of the Vulnerable Software and Affected Versions eScan Management Console version 14.0.1400.2281 Description The issue is related to Incorrect Access Control via the acteScanAVReport function. Recommendations For eScan Management Console version 14.0.1400.2281, consider restricting access to...
kernel: ip6mr: Fix skb_under_panic in ip6mr_cache_report()
A buffer underwrite vulnerability exists in the linux kernel in the function skbunderpanic in ip6mrcachereport, leading to an attacker, via crafting a payload, could result in damage to system availability and integrity...
PT-2022-19511 · Nagios Xi · Nagios Xi
Name of the Vulnerable Software and Affected Versions: Nagios XI versions 5.8.5 and earlier Description: The issue allows an authenticated attacker to inject HTML tags in the schedule report function, leading to the reformatting or editing of emails from an official email address. Recommendations...
Whoopsie Resource Management Error Vulnerability
Whoopsie is a bug reporting program for Ubuntu Linux. A resource management error vulnerability exists in the 'parsereport' function of the whoopsie.c file in Whoopsie. A local attacker could exploit this vulnerability to cause a denial of service memory leak...
AlienVault : DOM Based XSS in https://threatcrowd.org
Hello AlienVault security team, I found a DOM Based XSS in https://threatcrowd.org via report function. Proof of Concept Steps to reproduce: 1. https://threatcrowd.org/report.php?report= 2. Fill in with this payload: javascript:promptdocument.domain 3. Send link to victim, when victim click in to...
XTACACSD <= 4.1.2 report Buffer Overflow
XTACACSD. CVE-2008-7232. Remote exploit for freebsd platform $Id: xtacacsdreport.rb 9262 2010-05-09 17:45:00Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information o...
Kusaba X <= 0.9 XSS/CSRF vulnerabilities
========================================== Kusaba X = 0.9 XSS/CSRF vulnerabilities ========================================== Kusaba X suffers XSS and CSRF vulnerabilities that would allow an attacker to take over the web application and possibly the entire server depending on the MySQL...
Summit Computer Networks Lil' HTTP Server 2 - 'URLCount.cgi' HTML Injection
source: https://www.securityfocus.com/bid/5115/info Lil' HTTP server is a web server application for Windows environments and is maintained by Summit Computer Networks. Reportedly, Lil' HTTP Server is vulnerable to HTML injection attacks. The vulnerability is present in the 'REPORT' function foun...
Summit Computer Networks Lil HTTP Server 2 - URLCount.cgi HTML Injection
Summit Computer Networks Lil HTTP Server 2 - URLCount.cgi HTML Injection source: https://www.securityfocus.com/bid/5115/info Lil' HTTP server is a web server application for Windows environments and is maintained by Summit Computer Networks. Reportedly, Lil' HTTP Server is vulnerable to HTML...