EUVD-2026-9987

OpenSift is an AI study tool that sifts through large datasets using semantic search and generative AI. Prior to version 1.6.3-alpha, multiple storage helpers used path construction patterns that did not uniformly enforce base-directory containment. This created path-injection risk in file...

PT-2025-51791

SIPGO is a library for writing SIP services in the GO language. Starting in version 0.3.0 and prior to version 1.0.0-alpha-1, a nil pointer dereference vulnerability is in the SIPGO library's NewResponseFromRequest function that affects all normal SIP operations. The vulnerability allows remote...

CVE-2025-62428

Drawing-Captcha APP provides interactive, engaging verification for Web-Based Applications. The vulnerability is a Host Header Injection in the /register and /confirm-email endpoints. It allows an attacker to manipulate the Host header in HTTP requests to generate malicious email confirmation...

CVE-2025-62428 Drawing-Captcha APP Host Header Injection in `/register` and `/confirm-email` Endpoints

Drawing-Captcha APP provides interactive, engaging verification for Web-Based Applications. The vulnerability is a Host Header Injection in the /register and /confirm-email endpoints. It allows an attacker to manipulate the Host header in HTTP requests to generate malicious email confirmation...

EUVD-2007-4124

Malware in sbrugna...

CLSA-2023-1687795384 Fix CVE(s): CVE-2023-25584, CVE-2017-12450, CVE-2023-25588, CVE-2023-25585

SECURITY UPDATE: fixing the existing CVE-2017-12450 patches that were incorrectly ported from upstream - debian/patches/CVE-2017-12450-1.patch: fix address violation errors - debian/patches/CVE-2017-12450-2.patch: import patches from mainline to fix minor binutils bugs - CVE-2017-12450 SECURITY...

lfs3-overflow.txt

/ 0day Live for speed patch x s2 /s1 and demo local .ply File buffer over flow Live for speed .ply file is a set up file,This file is shared amongst user's Who want stylish number plate's on there car's the buffer over flow happened with An overly long number plate string inside the .ply file.So ...

CVE-2007-4140

Buffer overflow in Live for Speed LFS S2 ALPHA PATCH 0.5x allows user-assisted remote attackers to execute arbitrary code via a .mpr file replay file that contains a long car name...

CVE-2007-4140

CVE-2007-4140 : Buffer overflow in Live for Speed (LFS) S2 ALPHA PATCH 0.5x allows remote attackers to execute arbitrary code via a replay file (.mpr) containing a long car name. The vulnerability is due to an overflow in the replay file handling. Exploitation details or patches are not provided ...

Live for Speed S1/S2/Demo - '.mpr replay' Local Buffer Overflow

/ 0day Live for speed patch x s2 /s1 and demo local .mpr buffer over flow Credit's to n00b for finding bug and writing the exploit Lfs is a racing simulator with a huge player data-base with 100,000+ user's. I found a local buffer over flow where im able to execute shell code on the user's...