17 matches found
CVE-2024-46636
NASA Earth Observing System Data and Information System EOSDIS MODAPS v8.1 was discovered to contain a SQL injection vulnerability in the category parameter...
CVE-2024-46636
CVE-2024-46636 affects NASA EOSDIS MODAPS v8.1. The MODAPS web application has a SQL injection in the category parameter caused by improper input validation, enabling exploitation via HTTP GET parameter manipulation to access data and potentially execute arbitrary SQL queries on the backend Postg...
EUVD-2022-52215
Malicious code in bioql PyPI...
CVE-2025-24638
creationtimestamp | type | source
---|---|---
2025-01-24 19:46:59+00:00 | seen | https://infosec.exchange/users/cve/statuses/113885054181649712...
BIT-PHP-MIN-2020-7064 Use-of-uninitialized-value in exif
In PHP versions 7.2.x below 7.2.9, 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while parsing EXIF data with the exif_read_data function, it is possible for malicious data to cause PHP to read one byte of uninitialized memory. This could potentially lead to information disclosure or crash...
CVE-2023-5579 yhz66 Sandbox User Data information disclosure
A vulnerability was found in yhz66 Sandbox 6.1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /im/user/ of the component User Data Handler. The manipulation leads to information disclosure. The exploit has been disclosed to the public and may...
Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to data information exposure in cURL libcurl (CVE-2022-27776)
Summary: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to data information exposure in cURL libcurl CVE-2022-27776, which could allow an attacker to obtain authentication or cookie header information. cURL libcurl is used as part of the base image included in our...
CVE-2020-23945
A SQL injection vulnerability exists in Victor CMS V1.0 in the catid parameter of the category.php file. This parameter can be used by sqlmap to obtain data information in the database...
Information disclosure
All versions up to V4.01.01.02 of ZTE ZXCLOUD GoldenData VAP product have an information disclosure vulnerability. Attackers could use this vulnerability to collect data information and damage the system...
Input validation
P20 Pro, P20, Mate RS smartphones with versions earlier than Charlotte-AL00A 9.1.0.321C00E320R1P1T8, versions earlier than Emily-AL00A 9.1.0.321C00E320R1P1T8, versions earlier than NEO-AL00D NEO-AL00 9.1.0.321C786E320R1P1T8 have an improper validation vulnerability. The system does not perform a...
What You Should Know About the Changing Nature of Telephone-Based Payments
In March 2011, the PCI SSC released the initial version of the "Protecting Telephone-Based Payments Card Data" Information Supplement as a guide to help assessors assess environments where cardholder data was stored, processed, and/or transmitted over the telephone. It was a pivotal guidance...
Ubuntu 14.04 LTS : Linux kernel (Xenial HWE) vulnerabilities (USN-3753-2)
The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3753-2 advisory. USN-3753-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enableme...
Sensitive data types in Veeam Backup & Replication and Veeam Backup for Microsoft 365 log files
Challenge: When you open a support ticket, Veeam Customer Support specialists may request log files. These log files may contain information to which the terms of the data protection laws or internal company policies apply. Veeam Backup & Replication: Veeam Backup & Replication log files may includ...
KingView 6.5.3 SCADA HMI Heap Overflow PoC
No description provided by source. Exploit Title: KingView 6.53 SCADA HMI Heap Overflow PoC Date: 9/28/2010 Author: Dillon Beresford Software Link: http://download.kingview.com/software/kingview%20English%20Version/kingview6.53EN.rar Version: 6.53 English Tested on: Windows XP SP1 works on SP2 an...
warforge.NEWS
warforge.NEWS exploit I've pasted it on: http://forum.zone-h.org/viewtopic.php?t=5468 - warforge.NEWS =1.00 Multiple Vulnerabilities - -=...
Apache mod_python < 3.1.4 Information Disclosure
Binary data 2608.prm...
Webcart Default Install Configuration Disclosure
At least one of these files or directories is world-readable: /webcart/orders/ /webcart/orders/import.txt /webcart/carts/ /webcart/config/ /webcart/config/clients.txt /webcart-lite/orders/import.txt /webcart-lite/config/clients.txt This misconfiguration may allow an attacker to gather the credit...