15 matches found
PT-2026-48838
A flaw was found in tar. A remote attacker could exploit this vulnerability by crafting a malicious archive, leading to hidden file injection with fully attacker-controlled content. This bypasses pre-extraction inspection mechanisms, potentially allowing an attacker to introduce malicious files...
CVE-2026-5758
JavaScript is vulnerable to prototype pollution in Mafintosh's protocol-buffers-schema Version 3.6.0, where an attacker may alter the application logic, bypass security checks, cause a DoS or achieve remote code execution...
UBUNTU-CVE-2026-25537
jsonwebtoken is a JWT lib in rust. Prior to version 10.3.0, there is a Type Confusion vulnerability in jsonwebtoken, specifically, in its claim validation logic. When a standard claim such as nbf or exp is provided with an incorrect JSON type Like a String instead of a Number, the library’s...
Gitlab -- Vulnerabilities
Gitlab reports: XSS via the Maven Dependency Proxy Project level analytics settings leaked in DOM Reports can access and download job artifacts despite use of settings to prevent it Direct Transfer - Authorised project/group exports are accessible to other users Bypassing tag check and branch che...
A Malicious user can create a rootBridgeAgent with a malicious endpoint and execute calls directly with the rootBridgeAgent.
Lines of code Vulnerability details Impact A Malicious user can create a rootBridgeAgent with a malicious endpoint and execute calls directly with the rootBridgeAgent. Since anyone can create a rootBridgeAgent with desired values for port, endpoint and router address in anychain. The Attacker can...
PT-2023-5291 · Rockwell Automation · Factorytalk View Machine Edition
Name of the Vulnerable Software and Affected Versions: Rockwell Automation FactoryTalk View Machine Edition affected versions not specified Description: The issue arises from improper verification of user input, allowing an unauthenticated attacker to achieve remote code execution via crafted...
The onlyProfileOwnerOrDelegatedExecutor and whenNotPaused checks can be bypassed
Lines of code Vulnerability details Impact The LensHub.sol functions setProfileMetadataURI, setProfileMetadataURIWithSig, setFollowModule, setFollowModuleWithSig, collect, collectWithSig, act, actWithSig, setProfileImageURI, setProfileImageURIWithSig and others use...
CVE-2023-32449
Dell PowerStore versions prior to 3.5 contain an improper verification of cryptographic signature vulnerability. An attacker can trick a high privileged user to install a malicious binary by bypassing the existing cryptographic signature checks...
Denial Of Service (DoS)
rpm is vulnerable to denial of service. An attacker can bypass the checks introduced in response to CVE-2017-7500 and CVE-2017-7501, potentially gaining root privileges and causing an application crash...
CVE-2022-0336
The Samba AD DC includes checks when adding service principals names SPNs to an account to ensure that SPNs do not alias with those already in the database. Some of these checks are able to be bypassed if an account modification re-adds an SPN that was previously present on that account, such as...
[PNM-004] An additional domain can be registered for free
Lines of code Vulnerability details Description The ETHRegistrarController added new functionality to support set multiple records while registering a ETH 2LD. It uses the following code to support this functionality. function setRecords address resolver, bytes32 label, bytes calldata data intern...
migrate can change the controller and bypass all the checks
Lines of code Vulnerability details Impact Controller can use migrate to change controller address, leading to the project owner changing a new controller with different logic that users may unexpect and bypassing the condition check / permission check of the previous controller. Proof of Concept...
[SECURITY] [DLA 1464-1] postgresql-9.4 security update
Package : postgresql-9.4 Version : 9.4.19-0+deb8u1 CVE ID : CVE-2018-10915 An unprivileged user of dblink or postgresfdw could bypass the checks intended to prevent use of server-side credentials, such as a /.pgpass file owned by the operating-system user running the server. Servers allowing peer...
Internet Bug Bounty: str_repeat() sign mismatch based memory corruption
OVERVIEW strrepeat suffers from a sign mismatch based integer overflow that results in creation of corrupted ZVALs; this condition, depending on the context, can be abused to bypass PHP-level checks or trigger any kind of memory error: a successful exploitation of this issue is likely to produce...
intval()is used improperly cause a security vulnerability analysis-vulnerability warning-the black bar safety net
A description of the classification intval function has two characteristics:"until the encounter on the numbers or the positive and negative symbols before starting to do the conversion, and then encounter non-numeric or string at the end\0end of conversion",in certain applications due to the...