10 matches found
EulerOS Virtualization 2.13.0 : libsodium (EulerOS-SA-2026-2175)
According to the versions of the libsodium package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : libsodium before ad3004e, in atypical use cases involving certain custom cryptography or untrusted data to...
Microsoft Office SharePoint Code Issue Vulnerability
Microsoft Office SharePoint is an enterprise content collaboration and document management platform developed by Microsoft Corporation. There is a code vulnerability in Microsoft Office SharePoint, which stems from deserializing untrusted data, potentially allowing authorized attackers to execute...
Exploit for Deserialization of Untrusted Data in Microsoft
WSUS Security Research Toolkit - Installation Guide System...
Algolia Search & Discovery for Magento 2 Has Untrusted Data Handling
Versions of the Algolia Search & Discovery extension for Magento 2 prior to 3.17.2 and 3.16.2 contain a vulnerability where data read from the database was treated as a trusted source during job execution. If an attacker is able to modify records used by the extension’s indexing queue, this could...
EUVD-2020-12466
Malware in sbrugna...
LibreNMS Misc Section Stored Cross-site Scripting vulnerability
StoredXSS-LibreNMS-MiscSection Description: Stored XSS on the parameter: ajaxform.php - param: state Request: http POST /ajaxform.php HTTP/1.1 Host: X-Requested-With: XMLHttpRequest X-CSRF-TOKEN: Content-Type: application/x-www-form-urlencoded; charset=UTF-8 Cookie:...
Remote Code Execution (RCE)
backpack/filemanager is vulnerable to Remote Code Execution. The vulnerability is due to improper handling of untrusted data during deserialization from the mimes parameter, allows an attacker to execute remote code on the affected system...
CVE-2024-5580
Allegra loadFieldMatch Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Allegra. Authentication is required to exploit this vulnerability. The specific flaw exists within the...
Acceptance of Extraneous Untrusted Data With Trusted Data
Overview johnpbloch/wordpress-core is a web software you can use to create a website or blog. Affected versions of this package are vulnerable to Acceptance of Extraneous Untrusted Data With Trusted Data through the processing of shortcodes in user-generated content. An attacker can manipulate...
codeblue remote root
/ Demonstration linux-x86 remote root against codeblue v1.1 from file header Otherwise it's known as CodeBlue v4 This is a rather trivial to exploit... From getsmtpreply "We'll loop infinitely, receiving 1 byte at a time until we receive a carriage return or line-feed character, signifying the en...