
16 matches found

Cvelist
added 2026/05/11 3:20 p.m. | 31 views

CVE-2026-42611 Grav: Stored XSS via Tag Injection

Grav is a file-based Web platform. Prior to 2.0.0-beta.2, a low-privileged user with the ability to create a page can cause XSS by injecting an svg element. The XSS can further be escalated to dump the entire system information available under /admin/config/info whenever a Super Admin visit...

CVSS 8.9 | EPSS 0.003
Exploits: 1 | References: 2
Github Security Blog
added 2026/05/05 9:36 p.m. | 20 views

Grav is Vulnerable to Stored XSS via Tag Injection

Summary: A low-privileged user with the ability to create a page can cause XSS by injecting an svg element. The XSS can further be escalated to dump the entire system information available under /admin/config/info whenever a Super Admin visits the page, which can further be chained with the...

CVSS 8.9 | AI score 5.8 | EPSS 0.003
Exploits: 1 | References: 4 | Affected Software: 1
SUSE CVE
added 2023/02/15 5:56 a.m. | 3 views

SUSE CVE-2010-4081

The snd_hdspm_hwdep_ioctl function in sound/pci/rme9652/hdspm.c in the Linux kernel before 2.6.36-rc6 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via an SNDRV_HDSPM_IOCTL_GET_CONFIG_INFO ioctl call...

CVSS 1.9 | AI score 6 | EPSS 0.00393
Exploits: 2 | References: 8
OSV
added 2022/05/25 7:43 a.m. | 5 views

ALBA-2022:4744 sos bug fix and enhancement update

The sos package contains a set of utilities that gather information from system hardware, logs, and configuration files. The information can then be used for diagnostic purposes and debugging. Bug Fixes and Enhancements: sos collect fails to get node list from a pacemaker cluster BZ2071695 Tracke...

AI score 6.8
Exploits: 0 | References: 1
Cvelist
added 2019/11/08 3:55 a.m. | 15 views

CVE-2019-15005

The Atlassian Troubleshooting and Support Tools plugin prior to version 1.17.2 allows an unprivileged user to initiate periodic log scans and send the results to a user-specified email address due to a missing authorization check. The email message may contain configuration information about the...

AI score 4.4 | EPSS 0.01334
Exploits: 0 | References: 2
Prion
added 2016/07/04 4:59 p.m. | 12 views

Design/Logic Flaw

Siemens SICAM PAS through 8.07 allows local users to obtain sensitive configuration information by leveraging database stoppage...

CVSS 1.9 | AI score 6 | EPSS 0.00317
Exploits: 0 | References: 3 | Affected Software: 1
NVD
added 2011/06/09 7:55 p.m. | 22 views

CVE-2011-1706

Stack-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted iprint-client-config-info parameter in a printer-url...

CVSS 9.3 | AI score 7.9 | EPSS 0.05869
Exploits: 0 | References: 8
0day.today
added 2011/04/12 12:00 a.m. | 24 views

DimacCMS xs <=1.3 Multiple Vulnerability

Exploit for php platform in category web applications Title : DimacCMS xs Exploit : 1 http://localhost/path...

AI score 7.1
Exploits: 0
Packet Storm
added 2011/04/10 12:00 a.m. | 33 views

DimacCMS XS 1.3 SQL Injection / Database Disclosure

Title : DimacCMS xs Exploit : 1 http://localhost/path/SiteResources/Data/...

Exploits: 0
RedHat Linux
added 2011/01/13 10:33 a.m. | 3 views

kernel: drivers/sound/pci/rme9652/hdsp.c: reading uninitialized stack memory

The snd_hdsp_hwdep_ioctl function in sound/pci/rme9652/hdsp.c in the Linux kernel before 2.6.36-rc6 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via an SNDRV_HDSP_IOCTL_GET_CONFIG_INFO ioctl call...

CVSS 2.1 | AI score 6.1 | EPSS 0.0042
Exploits: 1 | References: 4
RedHat Linux
added 2011/01/13 10:33 a.m. | 1 view

kernel: drivers/sound/pci/rme9652/hdspm.c: reading uninitialized stack memory

The snd_hdspm_hwdep_ioctl function in sound/pci/rme9652/hdspm.c in the Linux kernel before 2.6.36-rc6 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via an SNDRV_HDSPM_IOCTL_GET_CONFIG_INFO ioctl call...

CVSS 1.9 | AI score 6.1 | EPSS 0.00393
Exploits: 2 | References: 4
RedHat Linux
added 2011/01/11 7:44 p.m. | 3 views

kernel: drivers/sound/pci/rme9652/hdsp.c: reading uninitialized stack memory

The snd_hdsp_hwdep_ioctl function in sound/pci/rme9652/hdsp.c in the Linux kernel before 2.6.36-rc6 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via an SNDRV_HDSP_IOCTL_GET_CONFIG_INFO ioctl call...

CVSS 2.1 | AI score 6.1 | EPSS 0.0042
Exploits: 1 | References: 4
RedHat Linux
added 2011/01/11 7:44 p.m. | 1 view

kernel: drivers/sound/pci/rme9652/hdspm.c: reading uninitialized stack memory

The snd_hdspm_hwdep_ioctl function in sound/pci/rme9652/hdspm.c in the Linux kernel before 2.6.36-rc6 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via an SNDRV_HDSPM_IOCTL_GET_CONFIG_INFO ioctl call...

CVSS 1.9 | AI score 6.1 | EPSS 0.00393
Exploits: 2 | References: 4
RedHat Linux
added 2010/12/08 7:07 p.m. | 1 view

kernel: drivers/sound/pci/rme9652/hdsp.c: reading uninitialized stack memory

The snd_hdsp_hwdep_ioctl function in sound/pci/rme9652/hdsp.c in the Linux kernel before 2.6.36-rc6 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via an SNDRV_HDSP_IOCTL_GET_CONFIG_INFO ioctl call...

CVSS 2.1 | AI score 6.1 | EPSS 0.0042
Exploits: 1 | References: 4
Packet Storm
added 2008/12/30 12:00 a.m. | 21 views

PHP Autorooter Script

?PHP / Rohit Bansal BRoot Forcer MSN: [email protected] / / Your Config Info / $port = "8080"; // Your port to be used if Root is obtained for SSHdoor $pass = "Roxors"; // Your password to be used if Root is obtained for SSHdoor $dir = "expl0it"; // The folder where all exploits are stored wi...

AI score 0.7
Exploits: 0
Debian
added 2007/09/11 6:57 p.m. | 18 views

[SECURITY] [DSA 1374-1] New jffnms packages fix several vulnerabilities

Debian Security Advisory DSA 1374-1 [email protected] http://www.debian.org/security/ Steve Kemp September 11, 2007 http://www.debian.org/security/faq -...

CVSS 9.4 | AI score 7.5 | EPSS 0.08383
Exploits: 2