110 matches found
cub-scout-tracker SQL注入漏洞
cub-scout-tracker is a library. A SQL injection vulnerability exists in cub-scout-tracker. An attacker could exploit this vulnerability to perform a sql injection attack...
X.org Server 安全漏洞
X.org Server is an open source free software from the X.org Foundation. A security vulnerability exists in X.org Server. An attacker exploited the vulnerability to perform a denial-of-service attack...
bbs-go 跨站脚本漏洞
bbs-go is an open source community system built using the Go language. bbs-go 3.3.0 and earlier versions have a cross-site scripting vulnerability that stems from the lack of filtering and escaping of user data in the v-html tag of vue used by the application. An attacker could use this...
Stark Bank Data Forgery Problem Vulnerability (CNVD-2021-95641)
Stark Bank is a banking API for individual developers in Brazil. performs all banking operations through the API, simplifying and automating payments, facilitating reconciliations and scaling operations. A data forgery issue vulnerability exists in Stark Bank Ecdsa-java, which stems from a failur...
Explanation of the zero-day attack
What is a zero-day vulnerability? A zero-day weakness is an obscure security weakness or programming blemish that a danger entertainer can focus with noxious code. The expression “Zero-Day” is utilized in light of the fact that the product merchant was uninformed of their product weakness, and...
DELL EMC Repository Manager has an unspecified vulnerability
DELL EMC Repository Manager is an application within the Dell OpenManage product portfolio from Dell USA that allows IT administrators to easily manage system updates.Dell Repository Manager provides a searchable interface for creating custom software collections that are A security vulnerability...
Unauthorized Access Vulnerability in X4255LX at Samsung (China) Investment Co.
The X4255LX is a printer from Samsung China Investment Co. An unauthorized access vulnerability exists in the Samsung China Investment Co. X4255LX, which can be exploited by attackers to obtain sensitive information...
Microsoft 3D Viewer 3MF Code Execution Vulnerability
Microsoft 3D Viewer is a 3D modeling tool developed by Microsoft. A use-after-release vulnerability exists in Microsoft 3D Viewer 3MF processing, which can be exploited by an attacker to submit a special file request that can be tricked into being parsed by the user, which can cause the applicati...
Logic Flaw Vulnerability in Backend Management System of Website Builder Workshop
Ltd. is a technical service provider of information security products based on cloud computing data center, and is one of the top three organizations in the domestic IDC industry. There is a logic flaw vulnerability in the backend management system of the station building workshop, which can be...
Shenzhen Jixiang Tengda Technology Co., Ltd. AC11 suffers from Denial of Service Vulnerability (CNVD-2021-35780)
The Tundra AC11 is a wireless router that uses the RTOS operating system. A denial of service vulnerability exists in the Shenzhen Jixiang Tengda AC11, which can be exploited by attackers to cause a denial of service attack...
Unauthorized access vulnerability exists in nacos (CNVD-2021-10382)
Nacos is the latest open source project from Alibaba. nacos has an unauthorized access vulnerability that can be exploited by attackers to obtain sensitive information...
Oracle E-Business Suite Authorization Issues Vulnerability (CNVD-2021-08451)
Oracle E-Business Suite E-Business Suite is a set of fully integrated global business management software from Oracle Oracle. The software provides customer relationship management, service management, financial management and other functions. A security vulnerability exists in the Oracle Email...
IBM DataPower Gateway Security Vulnerability
IBM DataPower Gateway is a suite of security and integration platforms from IBM USA designed specifically for mobile, cloud, application programming interfaces APIs, web, service-oriented architecture SOA, B2B and cloud workloads. The platform protects, integrates and optimizes access across...
Binary Vulnerability in KINCO DTools
Shanghai BUCO Automation Co., Ltd. has been focusing on the research, development, production, sales and related technical services of core components for industrial automation equipment control and industrial IoT/Internet software and hardware, as well as providing customers with equipment...
Cisco Security Manager Path Traversal Vulnerability
Cisco Security Manager CSM is a suite of enterprise-level management applications from Cisco that are used to configure firewall, VPN, and intrusion protection security services on Cisco network and security devices. A path traversal vulnerability exists in Cisco Security Manager 4.21 and earlier...
Microsoft Windows Runtime Elevation of Privilege Vulnerability (CNVD-2021-22919)
Microsoft Windows Runtime .net framework is an essential functional support library for the Windows operating system from Microsoft. An elevation of privilege vulnerability exists in Microsoft Windows Runtime, which arises from the program's failure to properly handle objects in memory. The...
Unspecified Vulnerability in Apple macOS Catalina WebKit Component
Apple macOS Catalina is a proprietary operating system developed by Apple for Mac computers.WebKit is one of the components of the Web browser engine. A security vulnerability exists in the WebKit component in Apple macOS Catalina versions prior to 10.15, which stems from the 'Clear History and...
X (Formerly Twitter): http request smuggling in pscp.tv and periscope.tv
Description: the Description of HTTP request smuggling attacks : here seems that many subdomains in pscp.tv and periscope.tv vulenrable 1-Detect HTTP request smuggling attack 504 response with delay 30 s, 60s "DoS" POC & Steps To Reproduce: in this video F606648 Resource:...
Google Android power lifting vulnerability (CNVD-2019-37962)
Android is a Linux-based open source operating system from Google and the Open Handheld Alliance OHA. Google Android suffers from an elevation of privilege vulnerability. An attacker can exploit this vulnerability to elevate privileges...
Microsoft Internet Explorer XML Injection Vulnerability
Microsoft Internet Explorer is a Web browser that comes with the Windows operating system. Microsoft Internet Explorer suffers from an XML injection vulnerability. An attacker could exploit this vulnerability to conduct XML injection attacks...