102789 matches found
Vapt-web-application-lab
No d...
Advance_WAF_project_CS
WAFinity - Infinite Protection, Intelligent Detection WAFin...
[SECURITY] Fedora 43 Update: yelp-49.1-1.fc43
Yelp is the help browser for the GNOME desktop. It is designed to help you browse all the documentation on your system in one central tool, including traditional man pages, info pages and documentation written in DocBook...
bug-bounty-reports
Bug Bounty Reports — Josef Basner Sanitized, redacted, resp...
CVE-2021-47971
My Notes Safe 5.3 contains a denial of service vulnerability that allows attackers to crash the application by pasting excessively long character strings into note fields. Attackers can generate a payload containing 350000 repeated characters and paste it twice into a new note to trigger an...
CVE-2021-47972
Sticky Notes & Color Widgets 1.4.2 contains a denial of service vulnerability that allows attackers to crash the application by creating notes with excessively long character strings. Attackers can paste large payloads of repeated characters into note fields to trigger application crashes and mak...
CVE-2021-47972
The CVE-2021-47972 entry affects Sticky Notes & Color Widgets 1.4.2 and describes a denial-of-service: attackers can crash the application by pasting excessively long character strings into note fields, causing crashes and unresponsiveness. The connected documents confirm the affected product/ver...
CVE-2021-47971
CVE-2021-47971 affects My Notes Safe 5.3 and describes a denial of service via a buffer overflow. According to the connected documents, an attacker can crash the application by pasting excessively long strings into note fields: a payload of about 350,000 repeated characters pasted twice into a ne...
EUVD-2021-34827
Sticky Notes & Color Widgets 1.4.2 contains a denial of service vulnerability that allows attackers to crash the application by creating notes with excessively long character strings. Attackers can paste large payloads of repeated characters into note fields to trigger application crashes and mak...
CVE-2021-47971
My Notes Safe 5.3 contains a denial of service vulnerability that allows attackers to crash the application by pasting excessively long character strings into note fields. Attackers can generate a payload containing 350000 repeated characters and paste it twice into a new note to trigger an...
Stored Cross-Site Scripting
XWiki Blog Application is vulnerable to Stored Cross-Site Scripting XSS. The vulnerability is due to improper escaping of blog post titles before insertion into the HTML tag, allowing attackers with blog editing permissions to inject malicious JavaScript that executes in the browser of users...
Sensitive Information Exposure
com.ritense.valtimo, web is vulnerable to sensitive information exposure. The vulnerability is due to the LoggingRestClientCustomizer automatically logging full HTTP request and response details, including headers and bodies, in error messages, which allows an attacker to access sensitive...
Use After Free
Electron is vulnerable to Use After Free. The vulnerability is due to improper handling of child windows in offscreen rendering mode after the parent WebContents is destroyed, which allows an attacker to trigger memory corruption or application crashes through crafted child window interactions...
Exploit for CVE-2026-8181
CVE-2026-8181 - Burst Statistics Authentication Bypass Exploit...
PT-2026-41455
Name of the Vulnerable Software and Affected Versions Color Notes version 1.4 Description A denial of service issue allows attackers to crash the application by pasting excessively long character strings into note fields. Specifically, pasting a payload containing 350,000 repeated characters twic...
PT-2026-41459
Name of the Vulnerable Software and Affected Versions Sticky Notes Widget version 3.0.6 Description A denial of service issue allows attackers to crash the application on iOS devices. This occurs when excessively long character strings are pasted into note fields. Specifically, pasting a payload...
GHSA-W42G-JJ8W-FJ77 Duplicate Advisory: phpMyFAQ: Stored XSS via Utils::parseUrl() in comment rendering
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-9525-27vj-c8r8. This link is maintained to preserve external references. Original Description phpMyFAQ before 4.1.2 contains a stored cross-site scripting vulnerability in Utils::parseUrl that allows authenticat...
GHSA-W9MJ-GFRM-HJ5X Duplicate Advisory: phpMyFAQ has an Authorization Bypass in All Admin Pages Due to Non-Terminating Permission Check
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-hpgw-ww76-c68r. This link is maintained to preserve external references. Original Description phpMyFAQ before 4.1.2 contains an authorization bypass vulnerability in...
CVE-2026-45301
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.3.16, a missing permission check in all files related API endpoints allows any authenticated user to list, access and delete every file uploaded by every user to the platform. This...
[SECURITY] Fedora 43 Update: nginx-mod-naxsi-1.6-17.fc43
naxsi is an nginx module that provides score based Web Application Firewall WAF abilities in a highly granular fashion...