Grand Theft Auto V 安全漏洞

Rockstar Games Grand Theft Auto V is a game by Rockstar Games. Grand Theft Auto V suffers from a security vulnerability. An attacker could exploit this vulnerability to execute partial remote code or modify files on a PC...

Oracle Database Server 安全漏洞

Oracle Database Server is a set of relational database management system of the United States Oracle Oracle. The database management system provides data management, distributed processing and other functions. Oracle Database Server has a denial of service vulnerability that can be exploited by a...

jopenid 安全漏洞

jopenid is an open source component. A security vulnerability exists in jopenid. An attacker exploits the vulnerability to cause a noticeable time difference...

saemorris TheRadSystem 跨站脚本漏洞

TheRadSystem is a Cmput 391 project by saemorris Individual Developer. A cross-site scripting vulnerability exists in saemorris TheRadSystem, which stems from a problem with an unknown function in the file users.php, which can be exploited by an attacker to manipulate the parameter q to cause...

PT-2023-1280 · Juniper Networks · Junos

Name of the Vulnerable Software and Affected Versions: Junos versions prior to 19.4R3-S9 Junos versions 20.2 prior to 20.2R3-S6 Junos versions 20.3 prior to 20.3R3-S6 Junos versions 20.4 prior to 20.4R3-S5 Junos versions 21.1 prior to 21.1R3-S4 Junos versions 21.2 prior to 21.2R3-S3 Junos version...

gmail-servlet SQL注入漏洞

gmail-servlet is a module by Chris McMahon Stone Personal Developer. A SQL injection vulnerability exists in gmail-servlet. An attacker could exploit this vulnerability to perform a sql injection attack...

CVE-2023-0135

Use after free in Cart in Google Chrome prior to 109.0.5414.74 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via database corruption and a crafted HTML page. Chromium security severity: Medium...

Microsoft Windows Cryptographic Services 安全漏洞

Microsoft Windows Cryptographic Services is an encryption service provider program from Microsoft Corporation USA. A security vulnerability exists in Microsoft Windows Cryptographic Services. An attacker could exploit the vulnerability to disclose sensitive information...

Microsoft Windows 安全漏洞

Microsoft Windows is a suite of operating systems for use on personal devices from Microsoft Corporation USA. A security vulnerability exists in the Microsoft Windows Layer 2 Tunneling Protocol. An attacker could exploit the vulnerability to remotely execute code...

Microsoft Windows 安全漏洞

Microsoft Windows is a suite of operating systems for use on personal devices from the U.S.-based Microsoft Corporation Microsoft. Microsoft Windows has a security vulnerability. An attacker can exploit the vulnerability to elevate privileges...

voter-js SQL注入漏洞

voter-js is an application by tingzhang2013 individual developer. A SQL injection vulnerability exists in voter-js. An attacker could exploit this vulnerability to perform a sql injection attack...

email-existence 安全漏洞

email-existence is a library for checking the legitimacy of email messages. A security vulnerability exists in email-existence. An attacker exploited the vulnerability to cause an increase in the complexity of regular expressions...

CVE-2022-41988

An information disclosure vulnerability exists in the OpenImageIO::decodeiptciim functionality of OpenImageIO Project OpenImageIO v2.3.19.0. A specially-crafted TIFF file can lead to a disclosure of sensitive information. An attacker can provide a malicious file to trigger this vulnerability...

OpenImageIO heap out-of-bounds read vulnerability

OpenImageIO is an image read and write library that also provides several tools and applications. openImageIO is vulnerable to a heap out-of-bounds read vulnerability. An attacker can exploit this vulnerability to read heap metadata out of bounds via specially crafted RLA files, which can lead to...

Attacker can steal the amount collected so far in the GroupBuy for NFT purchase.

Lines of code Vulnerability details Description purchase in GroupBuy.sol executes the purchase call for the group. After safety checks, the NFT is bought with market's execute function. Supposedly it deploys a vault which owns the NFT. The code makes sure the vault is the new owner of the NFT and...

mschaef toto 跨站脚本漏洞

toto is a to-do list manager by Mike Schaeffer Personal Developer. A security vulnerability exists in mschaef toto version 1.4.20 and earlier versions. An attacker can exploit this vulnerability to perform cross-site scripting attacks...

Siemens Simcenter STAR-CCM Privilege Elevation Vulnerability

Siemens Simcenter STAR-CCM is a complete multi-physics field solution from Siemens Germany that simulates products and designs working under real-world conditions. a security vulnerability exists in Siemens Simcenter STAR-CCM, which stems from improperly assigning file permissions to installation...

CVE-2022-4207

The Image Hover Effects Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several values that can be added to an Image Hover in versions 9.8.1 to 9.8.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers to...

Microsoft SharePoint 安全漏洞

Microsoft SharePoint is an enterprise business collaboration platform from Microsoft Corporation USA. The platform is used to consolidate business information and enable sharing of work, collaborating with others, organizing projects and workgroups, and searching for people and information.A remo...

Zend-blog-2 跨站请求伪造漏洞

Zend-blog-2 is a framework blog by Alexander Harchenko personal developer. A security vulnerability exists in Zend-blog-2. An attacker can exploit this vulnerability to perform cross-site request forgery attacks...