19 matches found
EUVD-2007-3570
Malware in sbrugna...
CVE-2021-37806
An SQL Injection vulnerability exists in https://phpgurukul.com Vehicle Parking Management System affected version 1.0. The system is vulnerable to time-based SQL injection on multiple endpoints. Based on the SLEEP(N) function payload that will sleep for a number of seconds used on the (1) editid, (2)...
Linux Distros Unpatched Vulnerability : CVE-2017-11448
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The ReadJPEGImage function in coders/jpeg.c in ImageMagick before 7.0.6-1 allows remote attackers to obtain sensitive information from uninitialized memory...
Microsoft Windows Secure Boot Security Feature Bypass Vulnerability (CNVD-2024-32552)
Microsoft Windows Secure Boot is a secure boot from Microsoft USA. A security feature bypass vulnerability exists in Microsoft Windows Secure Boot, which can be exploited by attackers to bypass security features...
Microsoft Windows Secure Boot Security Feature Bypass Vulnerability
Microsoft Windows Secure Boot is a secure boot from Microsoft USA. A security feature bypass vulnerability exists in Microsoft Windows Secure Boot, which can be exploited by attackers to bypass security features...
Microsoft Windows Secure Boot Security Feature Bypass Vulnerability (CNVD-2024-32549)
Microsoft Windows Secure Boot is a secure boot from Microsoft USA. A security feature bypass vulnerability exists in Microsoft Windows Secure Boot, which can be exploited by attackers to bypass security features...
Google Android Information Disclosure Vulnerability (CNVD-2023-99044)
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an information disclosure vulnerability that can be exploited by attackers to cause information leakage...
D-Link DAP-2622 DDP Set SSID List RADIUS Server Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the DDP service. The issue results from the lack of proper validation ...
Google Android elevation of privilege vulnerability (CNVD-2023-36105)
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability that can be exploited by attackers to elevate privileges...
The vulnerability of the Microsoft Dynamics CRM resource planning software lies in the lack of measures taken to protect the SQL query structure, allowing attackers to execute arbitrary code.
The vulnerability of the Microsoft Dynamics CRM resource planning software relates to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using specially created queries...
Adobe Illustrator out-of-bounds read vulnerability (CNVD-2023-07320)
Adobe Illustrator is a software released by Adobe Systems, Inc. for graphics production. An out-of-bounds read vulnerability exists in Adobe Illustrator, which can be exploited by attackers to bypass mitigations such as ASLR and cause sensitive memory leaks...
Intel SGX Platform Software Information Disclosure Vulnerability
Intel SGX Platform Software is a suite of software protection extensions from Intel Corporation. A security vulnerability exists in Intel SGX Platform Software, which can be exploited by attackers to cause an information disclosure...
Sourcecodester Phone Shop Sales Managements System SQL Injection Vulnerability
SourceCodester Phone Shop Sales Managements System is a PHP project by SourceCodester, Inc. to manage phone store sales transactions. sourcecodester Phone Shop Sales Managements System 1.0 has a SQL injection vulnerability that can be exploited by attackers to cause SQL injection...
Command Execution Vulnerability in the ghost plugin of YMail Email System
E-Mail Email System is a mail system software developed by E-Mail. A command execution vulnerability exists in the ghost plugin of YMS Email System, which can be exploited by attackers to gain control of the server...
Information leakage vulnerability of CP APP at Fishponds
CP software at Fishpond is a social software. CP APP at Fishpond has an information disclosure vulnerability that can be exploited by attackers to obtain sensitive information...
MACCMS 10 Cross-Site Request Forgery Vulnerability
MacCMS program is a fast shadow video building system that runs on PHP+MYSQL environment. MACCMS 10 has a cross-site request forgery vulnerability, which can be exploited by attackers to arbitrarily add to users...
MGASA-2016-0274 Updated chromium-browser-stable packages fix security vulnerability
Multiple unspecified vulnerabilities in chromium before 52.0.2743.82 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. CVE-2016-1705 The PPAPI implementation in Chromium before 52.0.2743.82 does not validate the origin of IPC messages to the plugin...
CloudBees Jenkins CI Information Disclosure Vulnerability
CloudBees Jenkins CI (formerly known as Hudson Labs) is a set of Java-based continuous integration tools from the United States company CloudBees. An information disclosure vulnerability exists in CloudBees Jenkins CI, which can be exploited by attackers to bypass security restrictions a...
PHP 4 - 'PHPInfo()' Cross-Site Scripting
source: https://www.securityfocus.com/bid/7805/info Scripts that include the PHP phpinfo debugging function may be prone to cross-site scripting attacks. This could permit remote attackers to create a malicious link to a vulnerable PHP script that includes hostile client-side script code or HTML...