PT-2021-15574 · Bvms +2 · Bvms +2

Name of the Vulnerable Software and Affected Versions: VRM affected versions not specified DIVAR IP with VRM installed affected versions not specified BVMS with VRM installed affected versions not specified Description: The issue allows an user with administrative rights to access extended debug...

WordPress 插件跨站脚本漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language. The platform supports the erection of personal blog sites on PHP and MySQL servers. WordPress plugin is a WordPress open source application plugin. WordPress plugin has a security vulnerability that...

Google Android 安全漏洞

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability. The vulnerability stems from the lack of a warning to the user in the TBD of TBD and can be steered using a hidden debugging policy. An attacker could use...

GNU gdbserver 9.2 - Remote Command Execution Exploit

Exploit Title: GNU gdbserver 9.2 - Remote Command Execution RCE Exploit Author: Roberto Gesteira Miñarro 7Rocky Vendor Homepage: https://www.gnu.org/software/gdb/ Software Link: https://www.gnu.org/software/gdb/download/ Version: GNU gdbserver Ubuntu 9.2-0ubuntu120.04 9.2 Tested on: Ubuntu Linux...

NVIDIA GPU 安全漏洞

Nvidia Gpu is a graphics processing unit from the American company Nvidia. It is used in machine learning, video editing, and gaming applications. A security vulnerability exists in NVIDIA GPUs and Tegra hardware that stems from a user with elevated privileges using a debugging mechanism with...

Mozilla Firefox Security Advisory (MFSA2012-66) - Linux

This host is missing a security update for Mozilla Firefox. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...

CVE-2021-41771

ImportedSymbols in debug/macho for Open or OpenFat in Go before 1.16.10 and 1.17.x before 1.17.3 Accesses a Memory Location After the End of a Buffer, aka an out-of-bounds slice situation...

Androidqf - (Android Quick Forensics) Helps Quickly Gathering Forensic Evidence From Android Devices, In Order To Identify Potential Traces Of Compromise

androidqf Android Quick Forensics is a portable tool to simplify the acquisition of relevant forensic data from Android devices. It is the successor of Snoopdroid, re-written in Go and leveraging official adb binaries. androidqf is intended to provide a simple and portable cross-platform utility ...

CVE-2021-35235

The ASP.NET debug feature is enabled by default in Kiwi Syslog Server 9.7.2 and previous versions. ASP.NET allows remote debugging of web applications, if configured to do so. Debug mode causes ASP.NET to compile applications with extra information. The information enables a debugger to closely...

CVE-2021-35235

The ASP.NET debug feature is enabled by default in Kiwi Syslog Server 9.7.2 and previous versions. ASP.NET allows remote debugging of web applications, if configured to do so. Debug mode causes ASP.NET to compile applications with extra information. The information enables a debugger to closely...

Design/Logic Flaw

The ASP.NET debug feature is enabled by default in Kiwi Syslog Server 9.7.2 and previous versions. ASP.NET allows remote debugging of web applications, if configured to do so. Debug mode causes ASP.NET to compile applications with extra information. The information enables a debugger to closely...

CVE-2021-35235

The CVE concerns SolarWinds Kiwi Syslog Server (versions

CVE-2021-35235 ASP.NET Debug Feature Enabled

The ASP.NET debug feature is enabled by default in Kiwi Syslog Server 9.7.2 and previous versions. ASP.NET allows remote debugging of web applications, if configured to do so. Debug mode causes ASP.NET to compile applications with extra information. The information enables a debugger to closely...

CVE-2021-24779

The WP Debugging WordPress plugin before 2.11.0 has its updatesettings function hooked to admininit and is missing any authorisation and CSRF checks, as a result, the settings can be updated by unauthenticated users...

CVE-2021-24779

The WP Debugging WordPress plugin before 2.11.0 has its updatesettings function hooked to admininit and is missing any authorisation and CSRF checks, as a result, the settings can be updated by unauthenticated users...

Cross site request forgery (csrf)

The WP Debugging WordPress plugin before 2.11.0 has its updatesettings function hooked to admininit and is missing any authorisation and CSRF checks, as a result, the settings can be updated by unauthenticated users...

CVE-2021-24779

Vulnerability summary: The WP Debugging WordPress plugin (versions before 2.11.0) is affected by an unauthenticated settings update flaw. The update_settings() function is hooked to admin_init and lacks authorization and CSRF checks, allowing unauthenticated users to modify plugin settings. Affec...

USN-5122-1: Apport vulnerability

It was discovered that Apport could be tricked into writing core files as root into arbitrary directories in certain scenarios. A local attacker could possibly use this issue to escalate privileges. This update will cause Apport to generate all core files in the /var/lib/apport/coredump directory...

WordPress 访问控制错误漏洞

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. An access control error vulnerability exists in the WordPress plugin The WP Debugging prior to versi...

SAP Business One Information Disclosure Vulnerability

SAP Business One is a suite of enterprise management software from SAP, a German company. The software includes financial management, operations management, and human resources management functions.SAP Business One in version 10.0 contains an information disclosure vulnerability that stems from t...