4 matches found
CVE-2026-10721 Concrete CMS below 9.5.2 is vulnerable to PHP Object Injection via unserialize() calls in the in Permission, Cache, and Search components
Concrete CMS below 9.5.2 is vulnerable to PHP Object Injection via unserialize calls in the in Permission, Cache, and Search components. An unauthenticated attacker may trigger arbitrary PHP object instantiation if a malicious serialized payload has been placed in the database. Thanks XananasX7...
OESA-2025-1332 zvbi security update
The ZVBI library provides functions to read from Linux V4L, V4L2 and FreeBSD BKTR raw VBI capture devices, from Linux DVB devices and from a VBI proxy to share V4L and V4L2 VBI devices between multiple applications. It can demodulate raw to sliced VBI data in software, with support for a wide ran...
sssd: unsanitized input when searching in local cache database
It was found that sssd's sysdbsearchuserbyupnres function did not sanitize requests when querying its local cache and was vulnerable to injection. In a centralized login environment, if a password hash was locally cached for a given user, an authenticated attacker could use this flaw to retrieve ...
google hacking advanced applications-vulnerability warning-the black bar safety net
Commonly used google keyword: foo1 foo2 which is associated, such as search xx company xx beauty operator:foo filetype:1 2 3 Type site:foo.com relatively straightforward to see the website more interesting, you can get many unexpected information intext:foo intitle: fooltitle title Oh allinurl:fo...