Astra Linux - уязвимость в gst-plugins-bad1.0

A flaw was discovered in the gstreamer H.264 component of gst-plugins-bad before v1.18.1. When parsing an H.264 header, an attacker could cause the stack to be corrupted, leading to memory corruption and potentially code execution...

Buffer-Overflow-Exploit-C

Buffer Overflow & Stack Smashing Exploit Overview This pro...

EUVD-2018-11109

Malware in sbrugna...

EUVD-2016-5945

Malware in sbrugna...

EUVD-2022-1905

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2016-4973

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Binaries compiled against targets that use the libssp library in GCC for stack smashing protection SSP might allow local users to perform buffer overflow attack...

CVE-2021-35440

Smashing 1.3.4 is vulnerable to Cross Site Scripting XSS. A URL for a widget can be crafted and used to execute JavaScript on the victim's computer. The JavaScript code can then steal data available in the session/cookies depending on the user environment e.g. if re-using internal URL's for...

RHEL 6 : cairo (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - cairo: libreoffice slideshow aborts with stack smashing in cairo's compositeboxes CVE-2020-35492 - Intege...

SUSE CVE-2016-4973

Binaries compiled against targets that use the libssp library in GCC for stack smashing protection SSP might allow local users to perform buffer overflow attacks by leveraging lack of the Object Size Checking feature...

SUSE CVE-2021-3185

A flaw was found in the gstreamer h264 component of gst-plugins-bad before v1.18.1 where when parsing a h264 header, an attacker could cause the stack to be smashed, memory corruption and possibly code execution...

GHSA-254J-MMC5-QHPX Smashing Cross-site Scripting vulnerability

Smashing 1.3.4 is vulnerable to Cross Site Scripting XSS. A URL for a widget can be crafted and used to execute JavaScript on the victim's computer. The JavaScript code can then steal data available in the session/cookies depending on the user environment e.g. if re-using internal URL's for...

Smashing Cross-site Scripting vulnerability

Smashing 1.3.4 is vulnerable to Cross Site Scripting XSS. A URL for a widget can be crafted and used to execute JavaScript on the victim's computer. The JavaScript code can then steal data available in the session/cookies depending on the user environment e.g. if re-using internal URL's for...

Smashing Cross-site Scripting vulnerability

Smashing 1.3.4 is vulnerable to Cross Site Scripting XSS. A URL for a widget can be crafted and used to execute JavaScript on the victim's computer. The JavaScript code can then steal data available in the session/cookies depending on the user environment e.g. if re-using internal URL's for...

Huawei EulerOS: Security Advisory for gstreamer1-plugins-bad-free (EulerOS-SA-2022-1346)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE 15 Security Update : gstreamer-plugins-bad (openSUSE-SU-2021:1012-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2021:1012-1 advisory. - A flaw was found in the gstreamer h264 component of gst-plugins-bad before v1.18.1 where when parsing a h264 header, an attacker could cause the...

Cross-site Scripting (XSS)

Overview smashing is an a framework for pulling together an overview of data that is important to your team and displaying it easily on TVs around the office. Affected versions of this package are vulnerable to Cross-site Scripting XSS. A URL for a widget can be crafted and used to execute...

CVE-2021-35440

Smashing 1.3.4 is vulnerable to Cross Site Scripting XSS. A URL for a widget can be crafted and used to execute JavaScript on the victim's computer. The JavaScript code can then steal data available in the session/cookies depending on the user environment e.g. if re-using internal URL's for...

CVE-2021-35440

Smashing 1.3.4 is vulnerable to Cross Site Scripting XSS. A URL for a widget can be crafted and used to execute JavaScript on the victim's computer. The JavaScript code can then steal data available in the session/cookies depending on the user environment e.g. if re-using internal URL's for...

Cross site scripting

Smashing 1.3.4 is vulnerable to Cross Site Scripting XSS. A URL for a widget can be crafted and used to execute JavaScript on the victim's computer. The JavaScript code can then steal data available in the session/cookies depending on the user environment e.g. if re-using internal URL's for...

CVE-2021-35440

Smashing 1.3.4 is vulnerable to Cross-Site Scripting (XSS) via a crafted widget URL that can execute JavaScript in a victim’s browser and potentially exfiltrate session data/cookies. Affected component: the Smashing widget URL handling; root cause is insufficient input validation/escaping in the ...