CVE-2022-23328

CVE-2022-23328 describes a design flaw in all versions of Go-Ethereum whereby an attacker node can inject 5,120 pending transactions with high gas prices from a single account. This behavior can purge the victim node’s memory pool of pending transactions and then saturate the pool, blocking new t...

Dahua ToolBox 1.010.0000000.0 DLL Hijacking

Hi all, I have actually contacted Dahua PSIRT team and they confirmed the vulnerability exists few days ago but then since this product is not in that scope on requesting CVE and therefore I am going to disclose the details here: Vulnerable Software and Version: ToolBox-V1.010.0000000.0 versions...

Design/Logic Flaw

seatd-launch in seatd 0.6.x before 0.6.4 allows removing files with escalated privileges when installed setuid root. The attack vector is a user-supplied socket pathname...

Cross-site Scripting (XSS) - Stored

Description Stored XSS is a vulnerability in which the attacker can execute arbitrary javascript code in the victim's browser. The XSS payload is stored in a webpage and it gets executed whenever someone visits that webpage. I used &10 Line Feed character in the href attribute of tag to bypass th...

Adobe Creative Cloud Desktop Uncontrolled Search Path Element Vulnerability

Adobe Creative Cloud Desktop Application is a suite of applications from Adobe for managing applications and services in the Creative Cloud Member Management Center. The application supports synchronizing and sharing files, managing fonts, and accessing a library of assets for commercial...

CRLF Injection leads to Stack Trace Exposure due to lack of filtering at https://demo.microweber.org/

Description The Introduction of a New Line Character lets the attacker the stack trace at demo.microweber.org/ This Attack becomes more significant because of its Less complication. The Stack trace discloses following information : 1. Backend Response code. 2. The Versions of Backend Laravel...

CVE-2022-23202

Adobe Creative Cloud Desktop version 2.7.0.13 and earlier is affected by an Uncontrolled Search Path Element vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must download a...

Path traversal

Adobe Creative Cloud Desktop version 2.7.0.13 and earlier is affected by an Uncontrolled Search Path Element vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must download a...

Siemens Simcenter Femap 缓冲区错误漏洞

Siemens Simcenter Femap is a cutting-edge engineering simulation application from Siemens, Germany. It is used to create, edit and import/reuse mesh-based finite element analysis models of complex products or systems. Siemens Simcenter Femap is vulnerable to an out-of-bounds write vulnerability...

Mozilla Firefox 权限许可和访问控制问题漏洞

Mozilla Firefox is an open source Web browser from the Mozilla Foundation in the U.S. A permission permission and access control issue vulnerability exists in Mozilla Firefox, which stems from the way Firefox handles extension updates. An attacker could use the vulnerability to trick victims into...

Argo CD Security Bug Opens Kubernetes Cloud Apps to Attackers

A high-severity security vulnerability in Argo CD can enable attackers to access targets’ application-development environments, paving the way for stealing passwords, API keys, tokens and other sensitive information. Argo CD is a continuous-delivery platform deployed as a Kubernetes controller in...

rpm: RPM does not require subkeys to have a valid binding signature

There is a flaw in RPM's signature functionality. OpenPGP subkeys are associated with a primary key via a "binding signature."1 RPM does not check the binding signature of subkeys prior to importing them. If an attacker is able to add or socially engineer another party to add a malicious subkey t...

Bentley Systems Bentley View 安全漏洞

Bentley Systems Bentley View is a free viewer from Bentley Systems, USA. A security vulnerability exists in Bentley View that can be exploited by an attacker to execute code in the context of the current process...

Bentley Systems Bentley View 缓冲区错误漏洞

Bentley Systems Bentley View is a free viewer from Bentley Systems, USA. A buffer overflow vulnerability exists in Bentley View that can be exploited by an attacker to execute code in the context of the current process...

CVE-2021-40397

A privilege escalation vulnerability exists in the installation of Advantech WISE-PaaS/OTA Server 3.0.9. A specially-crafted file can be replaced in the system to escalate privileges to NT SYSTEM authority. An attacker can provide a malicious file to trigger this vulnerability...

CVE-2021-46385

https://gitee.com/mingSoft/MCMS MCMS =5.2.5 is affected by: SQL Injection. The impact is: obtain sensitive information remote. The component is: net.mingsoft.mdiy.action.FormDataActionqueryData. The attack vector is: 0 or sleep3. ¶¶ MCMS has a sql injection vulnerability through which attacker ca...

Sql injection

https://gitee.com/mingSoft/MCMS MCMS =5.2.5 is affected by: SQL Injection. The impact is: obtain sensitive information remote. The component is: net.mingsoft.mdiy.action.FormDataActionqueryData. The attack vector is: 0 or sleep3. ¶¶ MCMS has a sql injection vulnerability through which attacker ca...

CVE-2021-46385

https://gitee.com/mingSoft/MCMS MCMS =5.2.5 is affected by: SQL Injection. The impact is: obtain sensitive information remote. The component is: net.mingsoft.mdiy.action.FormDataActionqueryData. The attack vector is: 0 or sleep3. ¶¶ MCMS has a sql injection vulnerability through which attacker ca...

CVE-2021-46383

https://gitee.com/mingSoft/MCMS MCMS =5.2.5 is affected by: SQL Injection. The impact is: obtain sensitive information remote. The component is: net.mingsoft.mdiy.action.web.DictActionlist. The attack vector is: 0 or sleep3. ¶¶ MCMS has a sql injection vulnerability through which attacker can get...

Huawei AIS-BW80H-00 命令注入漏洞

Huawei AIS-BW80H-00 is a smart speaker device from Huawei China. Huawei AIS-BW80H-00 is vulnerable to a command injection vulnerability caused by the device's inability to effectively defend against malicious outside interference. A local attacker could exploit the vulnerability to pass specially...