124 matches found
CVE-2022-0150
The WP Accessibility Helper WAH WordPress plugin before 0.6.0.7 does not sanitise and escape the wahi parameter before outputting back its base64 decode value in the page, leading to a Reflected Cross-Site Scripting issue...
Authentication Bypass
shiro-web is vulnerable to authentication bypass. An ArrayIndexOutOfBoundsException in Base64decode causes an invalid session cookie to be parsed as valid...
Multi-stage APT attack drops Cobalt Strike using Malleable C2 feature
This blog post was authored by Hossein Jazi and Jérôme Segura On June 10, we found a malicious Word document disguised as a resume that uses template injection to drop a .Net Loader. This is the first part of a multi-stage attack that we believe is associated to an APT attack. In the last stage,...
php: Out-of-bounds read in base64_decode_xmlrpc in ext/xmlrpc/libxmlrpc/base64.c
An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. xmlrpcdecode can allow a hostile XMLRPC server to cause PHP to read memory outside of allocated areas in base64decodexmlrpc in ext/xmlrpc/libxmlrpc/base64.c...
php: Out-of-bounds read in base64_decode_xmlrpc in ext/xmlrpc/libxmlrpc/base64.c
An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. xmlrpcdecode can allow a hostile XMLRPC server to cause PHP to read memory outside of allocated areas in base64decodexmlrpc in ext/xmlrpc/libxmlrpc/base64.c...
Tomedo Server 1.7.3 Information Disclosure / Weak Cryptography
Affected software: Tomedo Server 1.7.3 Vulnerability type: Cleartext Transmission of Sensitive Information & Weak Cryptography for Passwords Vulnerable version: Tomedo Server 1.7.3 Vulnerable component: Customer Tomedo Server that communicates with Vendor Tomedo Update Server Vendor report...
php: Out-of-bounds read in base64_decode_xmlrpc in ext/xmlrpc/libxmlrpc/base64.c
An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. xmlrpcdecode can allow a hostile XMLRPC server to cause PHP to read memory outside of allocated areas in base64decodexmlrpc in ext/xmlrpc/libxmlrpc/base64.c...
NewStart CGSL CORE 5.04 / MAIN 5.04 : cockpit Vulnerability (NS-SA-2019-0066)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has cockpit packages installed that are affected by a vulnerability: - It was found that cockpit used glib's base64 decode functionality incorrectly resulting in a denial of service attack. An unauthenticated attacker could sen...
Newsletter Manager < 1.5 - Unauthenticated Open Redirect
The plugin used base64 encoded user input in the appurl parameter without validation, to redirect users using the header PHP function, leading to an open redirect issue In the file '/newsletter-manager/confirmation.php': 33: $xyzemurl = base64decode$GET'appurl'; ... 179:...
DEBIAN-CVE-2019-3804
It was found that cockpit before version 184 used glib's base64 decode functionality incorrectly resulting in a denial of service attack. An unauthenticated attacker could send a specially crafted request with an invalid base64-encoded cookie which could cause the web service to crash...
CVE-2019-3804
It was found that cockpit before version 184 used glib's base64 decode functionality incorrectly resulting in a denial of service attack. An unauthenticated attacker could send a specially crafted request with an invalid base64-encoded cookie which could cause the web service to crash...
UBUNTU-CVE-2019-9024
An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. xmlrpcdecode can allow a hostile XMLRPC server to cause PHP to read memory outside of allocated areas in base64decodexmlrpc in ext/xmlrpc/libxmlrpc/base64.c...
lighttpd < 1.4.30 base64_decode Function Out-of-Bounds Read Error DoS
According to its banner, the version of lighttpd running on the remote host is prior to 1.4.30. It is, therefore, affected by a denial of service vulnerability. The HTTP server allows out-of-bounds values to be decoded during the auth process and later uses these values as offsets. Using negative...
FreeBSD : mutt/neomutt -- multiple vulnerabilities (fe12ef83-8b47-11e8-96cc-001a4a7ec6be)
NeoMutt report : DescriptionCVE-2018-14349 NO Response Heap Overflow CVE-2018-14350 INTERNALDATE Stack Overflow CVE-2018-14351 STATUS Literal Length relative write CVE-2018-14352 imapquotestring off-by-one stack overflow CVE-2018-14353 imapquotestring int underflow CVE-2018-14354 imapsubscribe...
Magento Hackers Using Simple Evasion Trick to Reinfect Sites With Malware
Security researchers have been warning of a new trick that cybercriminals are leveraging to hide their malicious code designed to re-introduce the infection to steal confidential information from Magento based online e-commerce websites. So, if you have already cleaned up your hacked Magento...
WordPress Simple Ads Manager 2.9.8.125 PHP Object Injection Vulnerability
Exploit for php platform in category web applications ------------------------------------------------------------------------ Simple Ads Manager WordPress plugin unauthenticated PHP Object injection vulnerability ------------------------------------------------------------------------ Yorick...
DEBIAN-CVE-2017-5209
The base64decode function in base64.c in libimobiledevice libplist through 1.12 allows attackers to obtain sensitive information from process memory or cause a denial of service buffer over-read via split encoded Apple Property List data...
UBUNTU-CVE-2017-5209
The base64decode function in base64.c in libimobiledevice libplist through 1.12 allows attackers to obtain sensitive information from process memory or cause a denial of service buffer over-read via split encoded Apple Property List data...
An SQL injection vulnerability exists in the DBSHOP_0.9.3_Beta getQuery() function.
DBShop is an open source e-commerce online store system developed using endFramework. DBSHOP0.9.3Beta suffers from SQL injection vulnerability. Due to the /DBSHOP/module/Shopfront/src/Shopfront/Controller/GoodslistController.php at indexAction first through getQuery to get all the parameters,...
Internet Bug Bounty: integer overflow in base64_decode caused heap corruption
Please check: https://bugs.php.net/bug.php?id=72836...