Design/Logic Flaw
reg-keygen-git-hash-plugin is a reg-suit plugin that uses the Git commit hash to detect the snapshot key to compare against. reg-keygen-git-hash-plugin through and including 0.10.15 allows remote attackers to execute arbitrary commands. Upgrade to version 0.10.16 or later to resolve this issue...
CVE-2021-32673 Remote Command Execution in reg-keygen-git-hash-plugin
reg-keygen-git-hash-plugin is a reg-suit plugin that uses the Git commit hash to detect the snapshot key to compare against. reg-keygen-git-hash-plugin through and including 0.10.15 allows remote attackers to execute arbitrary commands. Upgrade to version 0.10.16 or later to resolve this issue...
FreeBSD-SA-21:11.smap
FreeBSD-SA-21:11.smap Security Advisory, The FreeBSD Project. Topic: SMAP bypass. Category: core. Module: amd64. Announced: 2021-05-26. Credits: I lost my dog if you see him...
PYSEC-2020-310
In TensorFlow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the implementation of `SparseFillEmptyRowsGrad` uses a double indexing pattern. It is possible for `reverse_index_map(i)` to be an index outside of bounds of `grad_values`, thus resulting in a heap buffer overflow. The issue is patched in...
eos buffer overflow vulnerability
eos is an open source smart contract platform. A stack overflow vulnerability exists in the 'abiserializer' function in versions after eos commit f1545dd0ae2b77580c2236fdb70ae7138d2c7168. An attacker can exploit this vulnerability by sending a network request to attack an eos network node...
Logic Flaw Vulnerability in CPP-Ethereum JSON-RPC
CPP-Ethereum is a C++ client for the Ethereum application programming platform. JSON-RPC is one of its remote invocation services, using JSON as the protocol. A security vulnerability exists in the minerstart API for JSON-RPC in CPP-Ethereum commit version 4e1015743b95821849d001618a7ce82c7c073768. An...
Improper access control
Thinkst Canarytokens through commit hash 4e89ee0 2019-03-01 relies on limited variation in size, metadata, and timestamp, which makes it easier for attackers to estimate whether a Word document contains a token...
libvncserver: Heap out-of-bounds write in rfbserver.c in rfbProcessFileTransferReadBuffer() allows for potential code execution
LibVNC before commit 502821828ed00b4a2c4bef90683d0fd88ce495de contains a heap out-of-bounds write vulnerability in the server code of the file transfer extension that can result in remote code execution...
CVE-2018-19182
Engelsystem before commit hash 2e28336 is affected by a Cross‑Site Request Forgery (CSRF) vulnerability. The issue allows a remote attacker to induce unauthorized operations by persuading a user to submit a crafted request (the CVSS3 vector shows NETWORK, UI: REQUIRED, with HIGH impact on confide...
Kobe Beauty php-contact-form cross-site scripting vulnerability
Kobe Beauty php-contact-form is a software package from Kobe Beauty Japan that provides an auto-responder e-mail function. A cross-site scripting vulnerability exists in versions of Kobe Beauty php-contact-form prior to commit e7d094ca8ab15215c32d6fa04d17e8519c8d21cf. An attacker can exploit this...