174 matches found
Pi-hole 4.3.2 Remote Code Execution
!/usr/bin/env python2 Exploit Title: Pi-hole 4.3.2 - Remote Code Execution Authenticated Date: 2020-08-04 Exploit Author: Luis Vacas @CyberVaca Vendor Homepage: https://pi-hole.net/ Software Link: https://github.com/pi-hole/pi-hole Version: = 4.3.2 Tested on: Ubuntu 19.10 CVE : CVE-2020-8816...
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2020-1.0-0311
An update of 'grub2' packages of Photon OS has been released. This updates fixes CVE-2020-10713 commonly known as BootHole...
OSV-2020-1256 UNKNOWN WRITE in TIFFReadRGBATileExt
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=14185 Crash type: UNKNOWN WRITE Crash state: TIFFReadRGBATileExt cv::TiffDecoder::readData cv::imread...
OSV-2020-1004 Heap-buffer-overflow in gtTileSeparate
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=13280 Crash type: Heap-buffer-overflow READ 4 Crash state: gtTileSeparate TIFFReadRGBATileExt cv::TiffDecoder::readData...
Hackers using malicious CV files to infect PCs with banking trojan
By Deeba Ahmed Here's why one should never open unknown files sent by anonymous users. This is a post from HackRead.com Read the original post: Hackers using malicious CV files to infect PCs with banking trojan...
cv-library.co.uk Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-1073094 Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website...
UBUNTU-CVE-2019-19624
An out-of-bounds read was discovered in OpenCV before 4.1.1. Specifically, variable coarsestscale is assumed to be greater than or equal to finestscale within the calc/oclcalc functions in disflow.cpp. However, this is not true when dealing with small images, leading to an out-of-bounds read of t...
Important: Red Hat Security Advisory: OpenShift Container Platform 3.9 atomic-openshift security update
An update for atomic-openshift is now available for Red Hat OpenShift Container Platform 3.9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...
CVE-2019-11084
GAuth 0.9.9 beta has stored XSS that shows a popup repeatedly and discloses cookies...
opencv/imread_fuzzer: Crash in TIFFReadRGBATileExt
Project: https://github.com/opencv/opencv.git Detailed report: https://oss-fuzz.com/testcase?key=5729601348698112 Project: opencv Fuzzer: aflopencvimreadfuzzer Fuzz target binary: imreadfuzzer Job Type: aflasanopencv Platform Id: linux Crash Type: UNKNOWN WRITE Crash Address: 0x7f97d1e3e903 Crash...
openSUSE Security Update : opencv (openSUSE-2019-436)
This update for opencv fixes this security issue : - CVE-2017-18009: Prevent heap-based buffer over-read in the function cv::HdrDecoder::checkSignature bsc1074312. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...
opencv/imread_fuzzer: Heap-buffer-overflow in gtTileSeparate
Project: https://github.com/opencv/opencv.git Detailed report: https://oss-fuzz.com/testcase?key=5098633869918208 Project: opencv Fuzzer: libFuzzeropencvimreadfuzzer Fuzz target binary: imreadfuzzer Job Type: libfuzzerasanopencv Platform Id: linux Crash Type: Heap-buffer-overflow READ 4 Crash...
cv-motivation.com XSS vulnerability
Open Bug Bounty ID: OBB-717086 Description| Value ---|--- Affected Website:| cv-motivation.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| hidden until disclosure Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| hidde...
gigajob.com XSS vulnerability
Open Bug Bounty ID: OBB-685529 Description| Value ---|--- Affected Website:| gigajob.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
CVE-2017-8992
HPE has identified a remote privilege escalation vulnerability in HPE CentralView Fraud Risk Management earlier than version CV 6.1. This issue is resolved in HF16 for HPE CV 6.1 or subsequent version...
Design/Logic Flaw
HPE has identified a remote HOST header attack vulnerability in HPE CentralView Fraud Risk Management earlier than version CV 6.1. This issue is resolved in HF16 for HPE CV 6.1 or subsequent version...
Cross site scripting
HPE has identified a cross site scripting XSS vulnerability in HPE CentralView Fraud Risk Management earlier than version CV 6.1. This issue is resolved in HF16 for HPE CV 6.1 or subsequent version...
CVE-2017-8991
HPE has identified a cross site scripting XSS vulnerability in HPE CentralView Fraud Risk Management earlier than version CV 6.1. This issue is resolved in HF16 for HPE CV 6.1 or subsequent version...
CVE-2018-7069
CVE-2018-7069 corresponds to a remote unauthenticated file-access vulnerability in HPE CentralView Fraud Risk Management versions earlier than CV 6.1. The issue allows unauthenticated remote access to files and is addressed in HF16 for HPE CV 6.1 or newer. Connected sources indicate the flaw affe...
CVE-2018-7068
CVE-2018-7068 is a remote HOST header attack affecting HPE CentralView Fraud Risk Management prior to version CV 6.1. The underlying issue is a HOST header handling vulnerability exposed in earlier builds. The affected line of exploitation is remote, and the issue is resolved in HF16 for HPE CV 6...