EUVD-2019-19842

NetAware 1.20 contains a buffer overflow vulnerability in the User Blocking feature that allows local attackers to crash the application by supplying oversized input. Attackers can paste a malicious buffer of 512 bytes into the 'Add a website or keyword to be filtered' field and trigger a crash...

CVE-2019-25547

NetAware 1.20 contains a buffer overflow vulnerability in the User Blocking feature that allows local attackers to crash the application by supplying oversized input. Attackers can paste a malicious buffer of 512 bytes into the 'Add a website or keyword to be filtered' field and trigger a crash...

CVE-2019-25547

NetAware 1.20 is affected by a local-denial-of-service vulnerability in the User Blocking feature. A crafted input of 512 bytes pasted into the “Add a website or keyword to be filtered” field can cause a buffer overflow, crashing the application when the created block is removed. This CVE (CVE-20...

CVE-2019-25547 NetAware 1.20 Denial of Service via Add Block Buffer Overflow

NetAware 1.20 contains a buffer overflow vulnerability in the User Blocking feature that allows local attackers to crash the application by supplying oversized input. Attackers can paste a malicious buffer of 512 bytes into the 'Add a website or keyword to be filtered' field and trigger a crash...

CVE-2019-25547

NetAware 1.20 contains a buffer overflow vulnerability in the User Blocking feature that allows local attackers to crash the application by supplying oversized input. Attackers can paste a malicious buffer of 512 bytes into the 'Add a website or keyword to be filtered' field and trigger a crash...

PT-2026-26892

NetAware 1.20 contains a buffer overflow vulnerability in the User Blocking feature that allows local attackers to crash the application by supplying oversized input. Attackers can paste a malicious buffer of 512 bytes into the 'Add a website or keyword to be filtered' field and trigger a crash...

Infiltration Systems NetAware 缓冲区错误漏洞

Infiltration Systems NetAware is a network management tool developed by Invasion Systems Corporation, designed to monitor computer network activities and application usage. Version 1.20 of Infiltration Systems NetAware contains a buffer error vulnerability. This vulnerability stems from a buffer...

EUVD-2019-0370

Malware in sbrugna...

EUVD-2023-41207

Malicious code in bioql PyPI...

EUVD-2021-28808

Malicious code in bioql PyPI...

CVE-2022-39229

Grafana is an open source data visualization platform for metrics, logs, and traces. Versions prior to 9.1.8 and 8.5.14 allow one user to block another user's login attempt by registering someone else'e email address as a username. A Grafana user’s username and email address are unique fields, th...

CVE-2022-39229

Grafana is an open source data visualization platform for metrics, logs, and traces. Versions prior to 9.1.8 and 8.5.14 allow one user to block another user's login attempt by registering someone else'e email address as a username. A Grafana user’s username and email address are unique fields, th...

Send message to blocked user

Description In this case if a userA block userB. UserB is still able to send private message to user A Proof of Concept 1.USerA block userB 2.UserB send direct request to message endpoint with userA''s userID Poc POST https://bookwyrm.social/post/direct Host: bookwyrm.social User-Agent: Mozilla/5...

TikTok: Blocked user can see live video

A flaw had the potential to cause a user's live videos to be suggested to a blocked user. We thank @sandipgyawali for reporting this to our team and confirming the resolution...

Huawei EulerOS: Security Advisory for sudo (EulerOS-SA-2020-2196)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP5 : sudo (EulerOS-SA-2020-1135)

According to the versions of the sudo package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - DISPUTED In Sudo through 1.8.29, an attacker with access to a Runas ALL sudoer account can impersonate a nonexistent user by invoking sudo with a...

CVE-2019-19234

In Sudo through 1.8.29, the fact that a user has been blocked e.g., by using the ! character in the shadow file instead of a password hash is not considered, allowing an attacker who has access to a Runas ALL sudoer account to impersonate any blocked user. NOTE: The software maintainer believes...

Design/Logic Flaw

Drupal 6.x before 6.16 and 5.x before version 5.22 does not properly block users under certain circumstances. A user with an open session that was blocked could maintain their session on the Drupal site despite being blocked...

FreeBSD : Gitlab -- Multiple Vulnerabilities (b17c86b9-e52e-11e9-86e9-001b217b3468)

SO-AND-SO reports : XSS in Markdown Preview Using Mermaid Bypass Email Verification using Salesforce Authentication Account Takeover using SAML Uncontrolled Resource Consumption in Markdown using Mermaid Disclosure of Private Project Path and Labels Disclosure of Assignees via Milestones Disclosu...

Gitlab -- Multiple Vulnerabilities

The GitLab Team reports: XSS in Markdown Preview Using Mermaid Bypass Email Verification using Salesforce Authentication Account Takeover using SAML Uncontrolled Resource Consumption in Markdown using Mermaid Disclosure of Private Project Path and Labels Disclosure of Assignees via Milestones...