3098 matches found
CVE-2020-15108
In glpi before 9.5.1, there is a SQL injection for all usages of "Clone" feature. This has been fixed in 9.5.1...
UBUNTU-CVE-2020-15108
In glpi before 9.5.1, there is a SQL injection for all usages of "Clone" feature. This has been fixed in 9.5.1...
PT-2020-4343 · Teclib +1 · Glpi +1
Name of the Vulnerable Software and Affected Versions: GLPI versions prior to 9.5.1 Description: The issue is related to the Clone feature in the GLPI system, which is vulnerable due to incorrect neutralization of special elements used in SQL queries. This allows a remote attacker to execute...
Exclusive: Any Chingari App (Indian TikTok Clone) Account Can Be Hacked Easily
Following vulnerability disclosure in the Mitron app, another viral TikTok clone in India has now been found vulnerable to a critical but easy-to-exploit authentication bypass vulnerability, allowing anyone to hijack any user account and tamper with their information, content, and even upload...
OSV-2020-278 Heap-buffer-overflow in ih264d_decode_slice_thread
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19027 Crash type: Heap-buffer-overflow READ 4 Crash state: ih264d_decode_slice_thread ih264d_decode_picture_thread clone...
glpi -- SQL injection for all usages of "Clone" feature
MITRE Corporation reports: In glpi before 9.5.1, there is a SQL injection for all usages of "Clone" feature. This has been fixed in 9.5.1...
SAyHello - Capturing Audio (.Wav) From Target Using A Link
Capturing audio .wav from target using a link How it works? After the user grants microphone permissions, a website redirect button of your choice is released to distract the target while small audio files about 4 seconds in wav format are sent to the attacker. It uses Recorderjs, plugin for...
RUSTSEC-2020-0028 `LocalRequest::clone` creates multiple mutable references to the same object
The affected version of rocket contains a Clone trait implementation of LocalRequest that reuses the pointer to inner Request object. This causes data race in rare combinations of APIs if the original and the cloned objects are modified at the same time...
`LocalRequest::clone` creates multiple mutable references to the same object
The affected version of rocket contains a Clone trait implementation of LocalRequest that reuses the pointer to inner Request object. This causes data race in rare combinations of APIs if the original and the cloned objects are modified at the same time...
BlackDir-Framework - Web Application Vulnerability Scanner
Web Application Vulnerability Scanner. 1. Spider Directories 2. Find Sub Domain 3. Advanced Dorks Search 4. Scan list of Dorks 5. Scan WebSites Xss,Sql 6. Reverse Ip Lookup 7. Port Scan Installation: git clone https://github.com/RedVirus0/BlackDir-Framework.git cd BlackDir pip3 install -r...
Security update for git (moderate)
openSUSE Security Update: Security update for git Announcement ID: openSUSE-SU-2020:0598-1 Rating: moderate References: 1063412 1095218 1095219 1110949 1112230 1114225 1132350 1149792 1156651 1158785 1158787 1158788 1158789 1158790 1158791 1158792 1158793 1158795 1167890 1168930 1169605 1169786...
Duplicate Page and Post < 2.5.7 & WP Post Page Clone < 1.1 - SQL Injections due to Duplicated Snippets
SQL Injections in the Duplicate Post, WP Post Page Clone, Duplicate Page and Post plugins, due to using the snippet piece of code. The issue in the duplicate-post was already added, at https://wpvulndb.com/vulnerabilities/9251...
WordPress WP Post Page Clone plugin <= 1.0 - SQL Injection (SQLi) vulnerability
SQL Injection (SQLi) vulnerability found by Antony Garand (Sucuri) in WordPress WP Post Page Clone plugin (versions <= 1.0). Solution: Update the WordPress WP Post Page Clone plugin to the latest available version (at least 1.1)...
CVE-2020-11008
Affected versions of Git have a vulnerability whereby Git can be tricked into sending private credentials to a host controlled by an attacker. This bug is similar to CVE-2020-5260 (GHSA-qm7j-c969-7j4q). The fix for that bug still left the door open for an exploit where some credential is leaked but...
GitLab: Injection of `http.<url>.*` git config settings leading to SSRF
Summary: When importing a repo with credentials via a URL, gitaly generates the git clone command with a -c flag to add the Authorization header: https://gitlab.com/gitlab-org/gitaly/-/blob/master/internal/service/repository/create_from_url.go#L37 `flags = append(flags, git.ValueFlag{Name: "-c", Value:...`
How to enable Fast Clone functionality with Veeam Availability for Nutanix Mine
End-of-Life Product Nutanix Mine with Veeam reached End-of-Life on 2026-04-30. As of this date, all support services for this product are unavailable. For more information, see the Nutanix EOL Announcement Bulletin - Nutanix Mine, released 2025-04-30. Challenge Fast Clone is the Veeam Backup &...
CVE-2020-11673
An issue was discovered in the Responsive Poll through 1.3.4 for WordPress. It allows an unauthenticated user to manipulate polls, e.g., delete, clone, or view a hidden poll. This is due to the usage of the callback wp_ajax_nopriv function in Includes/Total-Soft-Poll-Ajax.php for sensitive operatio...
Denial Of Service (DoS)
kernel is vulnerable to denial of service. A deficiency in the clone system call when called with the CLONE_PARENT flag permits the caller (the parent process) to indicate an arbitrary signal it wants to receive when its child process exits. This could lead to a denial of service of the parent proce...
Microsoft VSCode Python Extension - Code Execution Exploit
VSCode Python Extension Code Execution This repository contains the Proof-of-Concept of a code execution vulnerability discovered in the Visual Studio Code Python extension. TL;DR: VScode may use code from a virtualenv found in the project folders without asking the user, for things such as...