CVE-2018-17847

The html package aka x/net/html through 2018-09-25 in Go mishandles , leading to a "panic: runtime error" index out of range in nodeStack.pop in node.go, called from parser.clearActiveFormattingElements, during an html.Parse call...

Substratum Integer Overflow Vulnerability

Substratum SUB is an ethereum-based virtual currency. An integer overflow vulnerability exists in the 'mintToken' function in Substratum's smart contract implementation, which can be exploited by an attacker to control mintedAmount and arbitrarily modify the balance of a user's account...

bojna.hr XSS vulnerability

Open Bug Bounty ID: OBB-679420 Description| Value ---|--- Affected Website:| bojna.hr Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

CVE-2018-17402

The PhonePe wallet aka com.PhonePe.app application 3.0.6 through 3.3.26 for Android might allow attackers to discover the Credit/Debit card number, expiration date, and CVV number. NOTE: the vendor says that, to exploit this, the user has to explicitly install a malicious app and provide...

CVE-2018-17334

An issue was discovered in libsvg2 through 2012-10-19. A stack-based buffer overflow in the svgGetNextPathField function in svgstring.c allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact because a strncpy copy limit is miscalculated...

Information disclosure

gitolite commit fa06a34 through 3.5.3 might allow attackers to have unspecified impact via vectors involving world-writable permissions when creating 1 /.gitolite.rc, 2 /.gitolite, or 3 /repositories/gitolite-admin.git on fresh installs...

Chaturbate: Forget password link not expiring after email change.

I found a token miss configuration flaw in chaturbate.com, When we reset password for a user a link is sent to the registered email address but incase it remain unused and email is updated by user from setting panel then too that old token reset link sent at old email address remains valid. A...

Pluck Cross-Site Scripting Vulnerability

Pluck is a simple content management system CMS written in PHP. A cross-site scripting vulnerability exists in Pluck version 4.7.7, which can be exploited by remote attackers to execute scripts via SVG files with Javascript code in the SCRIPT element...

Design/Logic Flaw

A Pektron Passive Keyless Entry and Start PKES system, as used on the Tesla Model S and possibly other vehicles, relies on the DST40 cipher, which makes it easier for attackers to obtain access via an approach involving a 5.4 TB precomputation, followed by wake-frame reception and two...

MedDream PACS Server Premium 6.7.1.1 - Directory Traversal Vulnerability

Exploit for php platform in category web applications Exploit Title: Softneta MedDream PACS Server Premium 6.7.1.1 - Directory Traversal Software Link: https://www.softneta.com/products/meddream-pacs-server/downloads.html Google Dork: inurl:pacs/login.php, inurl:pacsone/login.php, inurl:pacsone...

Ghostscript Failed Restore Command Execution Exploit

This Metasploit module exploits a -dSAFER bypass in Ghostscript to execute arbitrary commands by handling a failed restore grestore in PostScript to disable LockSafetyParams and avoid invalidaccess. This vulnerability is reachable via libraries such as ImageMagick, and this module provides the...

CVE-2018-12240

The Norton Identity Safe product prior to 5.3.0.976 may be susceptible to a privilege escalation issue via a hard coded IV, which is a type of vulnerability that can potentially increase the likelihood of encrypted data being recovered without adequate credentials...

LatexDrawXML External Entity Injection Vulnerability

LatexDraw is a vector image editor. An XML external entity injection vulnerability exists in the SVG parsing feature in LatexDraw 4.0 and earlier versions. The vulnerability can be exploited to disclose data, spoof server-side requests, scan ports, or cause a denial of service with the help of...

CPU Side-Channel Information Disclosure Vulnerabilities: August 2018

5On August 14th, 2018, three vulnerabilities were disclosed by Intel and security researchers that leverage a speculative execution side-channel method referred to as L1 Terminal Fault L1TF that affects modern Intel microprocessors. These vulnerabilities could allow an unprivileged, local attacke...

Medtronic MiniMed MMT-500/MMT-503 Remote Controllers (Update A)

1. EXECUTIVE SUMMARY CVSS v3 5.3 Vendor: Medtronic --------- Begin Update A Part 1 of 3 -------- Equipment: Medtronic MiniMed MMT-500 and MMT-503 Remote Controllers --------- End Update A Part 1 of 3 -------- Vulnerabilities: Cleartext Transmission of Sensitive Information, Authentication Bypass...

Xxe

Aruba Airwave all versions up to, but not including, 8.2.3.1 is vulnerable to an XML external entities XXE. XXEs are a way to permit XML parsers to access storage that exist on external systems. If an unprivileged user is permitted to control the contents of XML files, XXE can be used as an attac...

CVE-2016-8526

Aruba Airwave all versions up to, but not including, 8.2.3.1 is vulnerable to an XML external entities XXE. XXEs are a way to permit XML parsers to access storage that exist on external systems. If an unprivileged user is permitted to control the contents of XML files, XXE can be used as an attac...

SquirrelMail Cross-Site Scripting Vulnerability (CNVD-2019-19610)

SquirrelMail is a cross-platform use of PHP4 development Webmail mail system . A cross-site scripting vulnerability exists in the email message display page of SquirrelMail 1.4.22 and earlier versions, which can be exploited by remote attackers to inject malicious scripts into a web page and...

CVE-2018-14950

The mail message display page in SquirrelMail through 1.4.22 has XSS via a "a xlink:href=" attack...

UBUNTU-CVE-2018-14955

The mail message display page in SquirrelMail through 1.4.22 has XSS via SVG animations animate to attribute...