The vulnerability of the gf_m2ts_section_complete function in the media_tools/mpegts component of the GPAC multimedia platform allows a hacker to cause a service failure.
The vulnerability of the gf_m2ts_section_complete function in the media_tools/mpegts component of the GPAC multimedia platform is related to writing beyond buffer boundaries. Exploiting this vulnerability allows a malicious actor to trigger a service failure using a specially created MP4 file...
CVE-2021-39876
In all versions of GitLab CE/EE since version 11.3, the endpoint for auto-completing Assignee discloses the members of private groups...
CVE-2021-39876
CVE-2021-39876 affects GitLab CE/EE starting from version 11.3, where the autocomplete endpoint for Assignee discloses members of private groups. The root cause is an information-disclosure flaw in the Assignee autocomplete functionality, enabling partial confidentiality breach. Impact stated in ...
Nuclei-Burp-Plugin - Nuclei Plugin For BurpSuite
A BurpSuite plugin intended to help with nuclei template generation. Features: template matcher generation; Word and Binary matcher creation using selected response snippets from Proxy history or Repeater contexts; multi-line selections are split to separate words for readability; Binary matchers are...
Deep dive: Vulnerabilities in ZTE router could lead to complete attacker control of the device
Cisco Talos’ vulnerability research team disclosed multiple vulnerabilities in the ZTE MF971R wireless hotspot and router in October. Several months removed from that disclosure and ZTE’s patch, we decided to take an even closer look at two of these vulnerabilities — CVE-2021-21748 and... This is...
CVE-2022-22536
SAP NetWeaver Application Server ABAP, SAP NetWeaver Application Server Java, ABAP Platform, SAP Content Server 7.53 and SAP Web Dispatcher are vulnerable to request smuggling and request concatenation. An unauthenticated attacker can prepend a victim's request with arbitrary data. This way, the...
complete-obgyn.com Cross Site Scripting vulnerability OBB-2356828
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
DEBIAN-CVE-2021-46244
A Divide By Zero vulnerability exists in HDF5 v1.13.1-1 via the function H5Tcompletecopy at /hdf5/src/H5T.c. This vulnerability causes an arithmetic exception, leading to a Denial of Service (DoS)...
CVE-2022-21339
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.27 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...
CVE-2022-21297
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.26 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...
PT-2022-7540 · Hdf5 +3
Name of the Vulnerable Software and Affected Versions: HDF5 version 1.13.1-1. Description: The issue is related to a Divide By Zero vulnerability in the H5T complete copy function, located in the H5T.c file of the HDF5 library. This vulnerability can cause an arithmetic exception, leading to a...
CVE-2022-21303
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Stored Procedure. Supported versions that are affected are 5.7.36 and prior and 8.0.27 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise...
CVE-2022-21358
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Security: Encryption. Supported versions that are affected are 8.0.27 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server...
CVE-2022-21270
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Federated. Supported versions that are affected are 5.7.36 and prior and 8.0.27 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL...
CVE-2022-21253
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.27 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...
PT-2025-8066
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A memory corruption issue exists due to the registration of devices multiple times when multiple connection complete events are received for the same handle. To address this, the code no...
CVE-2021-36318
Dell EMC Avamar versions 18.2, 19.1, 19.2, 19.3, 19.4 contain a plain-text password storage vulnerability. A high privileged user could potentially exploit this vulnerability, leading to a complete outage...
What to do at AWS re:Invent 2021 - Day 3
Welcome to your complete guide to AWS re:Invent 2021 Day 3, where you will find tips on how to get the most out of your conference experience both in Las Vegas and virtually...