Lucene search
K

94 matches found

Cvelist
Cvelist
added 2023/03/24 12:0 a.m.19 views

CVE-2023-21022

In BufferBlock of Suballocation.cpp, there is a possible out of bounds write due to memory corruption. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID:...

8AI score0.00095EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2023/01/30 12:0 a.m.12 views

WP Dark Mode < 4.0.0 - Contributor+ Stored XSS in Shortcode

The plugin does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack PoC Exploit shortcode: wpdarkmode class='" onmouseover="alert1"'...

5.4CVSS5.4AI score0.00457EPSS
Exploits2Affected Software1
Veracode
Veracode
added 2023/01/10 2:36 a.m.19 views

Cross-site Scripting (XSS)

org.apache.sling.cms.ui is vulnerable to Cross-site Scripting XSS. The vulnerability exists because the library does not properly encode the resource.path variable before being rendered, allowing an attacker to inject and execute malicious JavaScript through the site group feature...

5.4CVSS5.4AI score0.01382EPSS
Exploits0References3Affected Software1
wpexploit
wpexploit
added 2022/12/29 12:0 a.m.458 views

10WebMapBuilder < 1.0.72 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. Exploit:...

5.4CVSS2.2AI score0.00471EPSS
Exploits2
UbuntuCve
UbuntuCve
added 2022/12/22 8:15 p.m.25 views

CVE-2022-46881

An optimization in WebGL was incorrect in some cases, and could have led to memory corruption and a potentially exploitable crash. Note: This advisory was added on December 13th, 2022 after we better understood the impact of the issue. The fix was included in the original release of Firefox 106...

8.8CVSS7.2AI score0.00722EPSS
Exploits0References4
Code423n4
Code423n4
added 2022/12/12 12:0 a.m.18 views

depositAndTrade function is incomplete & does not use returnValue of UniswapV3 router

Lines of code Vulnerability details Impact depositAndTrade function seems to be incomplete - the tokenOutput from swapRouter is currently owned by DepositTradeHelper account and needs to be transferred back to msg.sender who initiated this transaction. Since this contract doesn't seem to be part ...

7.1AI score
Exploits0
wpexploit
wpexploit
added 2022/12/08 12:0 a.m.370 views

Product list Widget for Woocommerce <= 1.0 - Reflected XSS

The plugin does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against both unauthenticated and authenticated users such as high privilege one like admin. Make any unauthenticated or authenticated users su...

6.1CVSS0.3AI score0.00483EPSS
Exploits2
OSV
OSV
added 2022/11/14 7:50 p.m.9 views

GSD-2022-1007587 drivers: serial: jsm: fix some leaks in probe

drivers: serial: jsm: fix some leaks in probe This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.296 by commit...

7.2AI score
Exploits0
OSV
OSV
added 2022/11/14 6:46 p.m.7 views

GSD-2022-1006874 staging: greybus: audio_helper: remove unused and wrong debugfs usage

staging: greybus: audiohelper: remove unused and wrong debugfs usage This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.3 by commit...

7.2AI score
Exploits0
OSV
OSV
added 2022/09/17 1:16 a.m.7 views

GSD-2022-1006319 netfilter: nf_tables: fix null deref due to zeroed list head

netfilter: nftables: fix null deref due to zeroed list head This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.9.326 by commit...

7.2AI score
Exploits0
Debian CVE
Debian CVE
added 2022/08/29 12:0 a.m.35 views

CVE-2022-35014

Advancecomp v2.3 contains a segmentation fault...

5.5CVSS5.6AI score0.00427EPSS
Exploits1
NVD
NVD
added 2022/04/28 10:15 a.m.22 views

CVE-2022-29816

In JetBrains IntelliJ IDEA before 2022.1 HTML injection into IDE messages was possible...

3.2CVSS0.00259EPSS
Exploits0References1
OSV
OSV
added 2022/03/18 12:32 a.m.14 views

GSD-2022-1000919 net: arcnet: com20020: Fix null-ptr-deref in com20020pci_probe()

net: arcnet: com20020: Fix null-ptr-deref in com20020pciprobe This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.270 by commit...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2022/02/19 6:25 a.m.35 views

Critical Flaw Uncovered in WordPress Backup Plugin Used by Over 3 Million Sites

Patches have been issued to contain a "severe" security vulnerability in UpdraftPlus, a WordPress plugin with over three million installations, that can be weaponized to download the site's private data using an account on the vulnerable sites. "All versions of UpdraftPlus from March 2019 onwards...

6.5CVSS2.8AI score0.01979EPSS
Exploits3
NVD
NVD
added 2022/02/10 8:15 p.m.9 views

CVE-2022-24916

Optimism before @eth-optimism/[email protected] allows economic griefing because a balance is duplicated upon contract self-destruction...

7.5CVSS0.0155EPSS
Exploits1References5
Code423n4
Code423n4
added 2021/12/19 12:0 a.m.8 views

Attacker can break joinTokenSingle() by transferring basketToken to the contract

Handle WatchPug Vulnerability details uint256 outputAmount = outputToken.balanceOfaddressthis; require outputAmount == joinTokenStruct.outputAmount, "FAILEDOUTPUTAMOUNT" ; In the current implementation, joinTokenSingle requires balanceOf outputToken strictly equal to outputAmount in calldata...

6.8AI score
Exploits0
OSV
OSV
added 2021/11/29 2:37 a.m.13 views

GSD-2021-1002299 usb: typec: tipd: Remove WARN_ON in tps6598x_block_read

usb: typec: tipd: Remove WARNON in tps6598xblockread This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.82 by commit...

7.2AI score
Exploits0
Code423n4
Code423n4
added 2021/11/10 12:0 a.m.5 views

Wrong implementation of SwapUtils.sol#rampTargetPrice() makes it impossible to change the target price

Handle WatchPug Vulnerability details uint256 initialTargetPricePrecise = getTargetPricePreciseself; uint256 futureTargetPricePrecise = futureTargetPrice.mulTARGETPRICEPRECISION; if futureTargetPricePrecise = initialTargetPricePrecise, "futureTargetPrice is too small" ; else require...

6.9AI score
Exploits0
Huntr
Huntr
added 2021/10/28 4:5 p.m.29 views

in adodb/adodb

Description An attacker can inject values into the PostgreSQL connection string by bypassing adodbaddslashes . The function can be bypassed in phppgadmin for example by surrounding the username in quotes and submitting with other parameters injected in between. Proof of Concept I'm going to use...

6.4CVSS0.6AI score0.0217EPSS
Exploits1
Code423n4
Code423n4
added 2021/09/22 12:0 a.m.17 views

Re-entrancy in settleAuction allow stealing all funds

Handle cmichel Vulnerability details Note that the Basket contract approved the Auction contract with all tokens and the settleAuction function allows the auction bonder to transfer all funds out of the basket to themselves. The only limiting factor is the check afterwards that needs to be abided...

7.1AI score
Exploits0
Rows per page
Query Builder