Lucene search
K

117 matches found

Positive Technologies
Positive Technologies
added 2022/06/07 12:0 a.m.7 views

PT-2022-20661 · Laravel · Laravel

Name of the Vulnerable Software and Affected Versions: Laravel version 9.1.8 Description: The issue allows Remote Code Execution RCE via an unserialized pop chain in destruct in IlluminateBroadcastingPendingBroadcast.php and call in FakerGenerator.php when processing attacker-controlled data for...

9.8CVSS6.7AI score
Exploits0References12
Packet Storm
Packet Storm
added 2021/05/10 12:0 a.m.149 views

AWS CloudShell Terminal Escape Injection / Remote Code Execution

Terminal escape injection in AWS CloudShell The javascript terminal emulator used by AWS CloudShell handles certain terminal escape codes incorrectly. This can lead to remote code execution if attacker controlled data is displayed in a CloudShell instance. The bug is in the handling of DCS escape...

0.2AI score
Exploits0
OSV
OSV
added 2021/02/08 5:58 p.m.10 views

MGASA-2021-0075 Updated wpa_supplicant packages fix a security vulnerability

A vulnerability was discovered in how wpasupplicant processing P2P Wi-Fi Direct group information from active group owners. The actual parsing of that information validates field lengths appropriately, but processing of the parsed information misses a length check when storing a copy of the...

7.9CVSS7.7AI score0.04707EPSS
Exploits1References3
Prion
Prion
added 2020/10/01 7:15 p.m.22 views

Design/Logic Flaw

Firefox sometimes ran the onload handler for SVG elements that the DOM sanitizer decided to remove, resulting in JavaScript being executed after pasting attacker-controlled data into a contenteditable element. This vulnerability affects Firefox 81, Thunderbird 78.3, and Firefox ESR 78.3...

4.3CVSS6.2AI score0.01594EPSS
Exploits0References9Affected Software5
Cvelist
Cvelist
added 2020/10/01 6:31 p.m.15 views

CVE-2020-15676

Firefox sometimes ran the onload handler for SVG elements that the DOM sanitizer decided to remove, resulting in JavaScript being executed after pasting attacker-controlled data into a contenteditable element. This vulnerability affects Firefox 81, Thunderbird 78.3, and Firefox ESR 78.3...

6.6AI score0.01594EPSS
Exploits0References9
RedHat Linux
RedHat Linux
added 2020/10/01 1:22 p.m.3 views

Mozilla: XSS when pasting attacker-controlled data into a contenteditable element

The Mozilla Foundation Security Advisory describes this flaw as: Firefox sometimes ran the onload handler for SVG elements that the DOM sanitizer decided to remove, resulting in JavaScript being executed after pasting attacker-controlled data into a contenteditable element...

6.1CVSS7.3AI score0.01594EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2020/10/01 1:10 p.m.2 views

Mozilla: XSS when pasting attacker-controlled data into a contenteditable element

The Mozilla Foundation Security Advisory describes this flaw as: Firefox sometimes ran the onload handler for SVG elements that the DOM sanitizer decided to remove, resulting in JavaScript being executed after pasting attacker-controlled data into a contenteditable element...

6.1CVSS7.3AI score0.01594EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2020/09/25 12:0 a.m.27 views

CVE-2020-15676

Firefox sometimes ran the onload handler for SVG elements that the DOM sanitizer decided to remove, resulting in JavaScript being executed after pasting attacker-controlled data into a contenteditable element. This vulnerability affects Firefox 81, Thunderbird 78.3, and Firefox ESR 78.3...

6.1CVSS6.9AI score0.01594EPSS
Exploits0References5
OSV
OSV
added 2020/07/30 1:15 p.m.35 views

CVE-2020-14309

There's an issue with grub2 in all versions before 2.06 when handling squashfs filesystems containing a symbolic link with name length of UINT32 bytes in size. The name size leads to an arithmetic overflow leading to a zero-size allocation further causing a heap-based buffer overflow with attacke...

6.7CVSS4AI score
Exploits0References6
NVD
NVD
added 2020/07/30 1:15 p.m.23 views

CVE-2020-14309

There's an issue with grub2 in all versions before 2.06 when handling squashfs filesystems containing a symbolic link with name length of UINT32 bytes in size. The name size leads to an arithmetic overflow leading to a zero-size allocation further causing a heap-based buffer overflow with attacke...

6.7CVSS7.3AI score0.00482EPSS
Exploits0References6
NVD
NVD
added 2020/04/22 9:15 p.m.26 views

CVE-2020-10892

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.7.0.29478. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

8.8CVSS8.1AI score0.0217EPSS
Exploits0References2
Prion
Prion
added 2020/04/22 9:15 p.m.18 views

Design/Logic Flaw

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.7.0.29478. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

6.8CVSS8.8AI score0.0217EPSS
Exploits0References2Affected Software2
Prion
Prion
added 2020/04/22 9:15 p.m.23 views

Design/Logic Flaw

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.7.0.29478. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

6.8CVSS8.8AI score0.0217EPSS
Exploits0References2Affected Software2
Prion
Prion
added 2020/02/05 5:15 p.m.18 views

Heap overflow

An issue was discovered in the Bluetooth component of the Cypress formerly owned by Broadcom Wireless IoT codebase. Extended Inquiry Responses EIRs are improperly handled, which causes a heap-based buffer overflow during device inquiry. This overflow can be used to overwrite existing functions wi...

6.8CVSS8.2AI score0.00855EPSS
Exploits0References4
Prion
Prion
added 2019/11/26 5:15 p.m.38 views

Heap overflow

An issue was discovered in Squid before 4.9. URN response handling in Squid suffers from a heap-based buffer overflow. When receiving data from a remote server in response to an URN request, Squid fails to ensure that the response can fit within the buffer. This leads to attacker controlled data...

7.5CVSS9.2AI score0.20251EPSS
Exploits0References9Affected Software5
Zero Day Initiative
Zero Day Initiative
added 2019/01/29 12:0 a.m.32 views

Bitdefender SafePay openFile Arbitrary File Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Bitdefender SafePay. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processi...

8.8CVSS2.3AI score0.03823EPSS
Exploits0
Cvelist
Cvelist
added 2019/01/16 5:0 a.m.18 views

CVE-2019-6444

An issue was discovered in NTPsec before 1.1.3. processcontrol in ntpcontrol.c has a stack-based buffer over-read because attacker-controlled data is dereferenced by ntohl in ntpd...

9.2AI score0.45719EPSS
Exploits5References4
AlpineLinux
AlpineLinux
added 2019/01/16 5:0 a.m.53 views

CVE-2019-6444

An issue was discovered in NTPsec before 1.1.3. processcontrol in ntpcontrol.c has a stack-based buffer over-read because attacker-controlled data is dereferenced by ntohl in ntpd...

9.1CVSS9.3AI score0.45719EPSS
Exploits5
Veracode
Veracode
added 2019/01/15 9:19 a.m.36 views

Privilege Escalation

Linux kernel is vulnerable to privilege escalation. A race condition was found in the Linux kernel, present since v3.14-rc1 through v4.12. The race happens between threads of inotifyhandleevent and vfsrename while running the rename operation against the same file. As a result of the race the nex...

7CVSS6.8AI score0.01223EPSS
Exploits3References23Affected Software1
AlpineLinux
AlpineLinux
added 2018/12/20 9:0 p.m.34 views

CVE-2018-1160

Netatalk before 3.1.12 is vulnerable to an out of bounds write in dsiopensess.c. This is due to lack of bounds checking on attacker controlled data. A remote unauthenticated attacker can leverage this vulnerability to achieve arbitrary code execution...

10CVSS9.8AI score0.86539EPSS
Exploits10
Rows per page
Query Builder