152 matches found

OSV
added 2023/05/10 6:15 a.m. | 0 views

UBUNTU-CVE-2023-2618

A vulnerability, which was classified as problematic, has been found in OpenCV wechatqrcode Module up to 4.7.0. Affected by this issue is the function DecodedBitStreamParser::decodeHanziSegment of the file qrcode/decoder/decodedbitstreamparser.cpp. The manipulation leads to memory leak. The attac...

CVSS 7.5 | AI score 5.2 | EPSS 0.00078
Exploits: 0 | References: 3
CNNVD
added 2023/05/10 12:0 a.m. | 5 views

OpenCV Security Vulnerability

OpenCV is an open source, cross-platform, lightweight computer vision library. A security vulnerability exists in the OpenCV wechatqrcode module, which originates from the function DecodedBitStreamParser::decodeHanziSegment in the file qrcode/decoder/decodedbitstreamparser.cpp and could lead to a...

CVSS 7.5 | AI score 6.2 | EPSS 0.00078
Exploits: 0 | References: 6
SUSE CVE
added 2023/02/15 4:11 a.m. | 1 views

SUSE CVE-2019-12520

An issue was discovered in Squid through 4.7 and 5. When receiving a request, Squid checks its cache to see if it can serve up a response. It does this by making an MD5 hash of the absolute URL of the request. If found, it serves the request. The absolute URL can include the decoded UserInfo...

CVSS 5.8 | AI score 7 | EPSS 0.06184
Exploits: 0 | References: 6
SUSE CVE
added 2023/02/15 4:11 a.m. | 1 views

SUSE CVE-2019-12527

An issue was discovered in Squid 4.0.23 through 4.7. When checking Basic Authentication with HttpHeader::getAuth, Squid uses a global buffer to store the decoded data. Squid does not check that the decoded length isn't greater than the buffer, leading to a heap-based buffer overflow with user...

CVSS 9.8 | AI score 7.4 | EPSS 0.1113
Exploits: 0 | References: 6
Cvelist
added 2022/12/26 12:0 a.m. | 13 views

CVE-2022-26964

Weak password derivation for export in Devolutions Remote Desktop Manager before 2022.1 allows information disclosure via a password brute-force attack. An error caused base64 to be decoded...

CVSS 7.4 | AI score 7.5 | EPSS 0.00276
Exploits: 0 | References: 1
NVD
added 2022/09/06 7:15 p.m. | 19 views

CVE-2022-36032

ReactPHP HTTP is a streaming HTTP client and server implementation for ReactPHP. In ReactPHP's HTTP server component versions starting with 0.7.0 and prior to 1.7.0, when ReactPHP is processing incoming HTTP cookie values, the cookie names are url-decoded. This may lead to cookies with prefixes...

CVSS 5.3 | EPSS 0.00197
Exploits: 0 | References: 4
CNVD
added 2022/06/06 12:0 a.m. | 22 views

TOTOLINK EX1200T Information Disclosure Vulnerability

TOTOLINK EX1200T is a Wi-Fi range extender from China-based Gion Electronics TOTOLINK. TOTOLINK EX1200T suffers from an information disclosure vulnerability, which can be exploited by attackers to obtain the apmib configuration file without authorization, and the username and password can be found...

CVSS 7.5 | AI score 2.9 | EPSS 0.00721
Exploits: 1 | References: 1
GithubExploit
added 2022/03/31 3:43 p.m. | 350 views

Exploit for Code Injection in Vmware Spring_Framework

Spring Framework RCE exploitation Quick pentest notes...

CVSS 9.8 | AI score 8.9 | EPSS 0.94439
Exploits: 100
NVD
added 2021/10/14 4:15 p.m. | 11 views

CVE-2021-38346

The Brizy Page Builder plugin <= 2.3.11 for WordPress allowed authenticated users to upload executable files to a location of their choice using the brizycreateblockscreenshot AJAX action. The file would be named using the id parameter, which could be prepended with "../" to perform directory...

CVSS 8.8 | EPSS 0.03933
Exploits: 0 | References: 1
Prion
added 2021/10/14 4:15 p.m. | 16 views

Directory traversal

The Brizy Page Builder plugin <= 2.3.11 for WordPress allowed authenticated users to upload executable files to a location of their choice using the brizycreateblockscreenshot AJAX action. The file would be named using the id parameter, which could be prepended with "../" to perform directory...

CVSS 6.5 | AI score 8.5 | EPSS 0.03933
Exploits: 0 | References: 1 | Affected Software: 1
NVD
added 2021/06/25 12:15 p.m. | 11 views

CVE-2021-35050

User credentials stored in a recoverable format within Fidelis Network and Deception CommandPost. In the event that an attacker gains access to the CommandPost, these values could be decoded and used to login to the application. The vulnerability is present in Fidelis Network and Deception versio...

CVSS 7.5 | EPSS 0.00307
Exploits: 1 | References: 2
0day.today
added 2021/05/05 12:0 a.m. | 18 views

Tagstoo 2.0.1 - Stored XSS to Remote Command Execution Vulnerability

Exploit Title: Tagstoo 2.0.1 - Stored XSS to RCE Exploit Author: TaurusOmar CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Risk: High 8.8 Vendor Homepage: https://tagstoo.sourceforge.io/ Version: v2.0.1 Tested on: Windows, Linux, MacOs Software Description: Software to tag folders and files, with...

AI score 0.4
Exploits: 0
Github Security Blog
added 2021/04/16 7:52 p.m. | 58 views

RSA signature validation vulnerability on malleable encoded message in jsrsasign

Impact Vulnerable jsrsasign will accept RSA signature with improper PKCS1.5 padding. Decoded RSA signature value consists following form: 01ff...8 or more ffs...ff00ASN.1 OF DigestInfo Its byte length must be the same as RSA key length, however such checking was not sufficient. To make crafted...

CVSS 9.1 | AI score 8.7 | EPSS 0.002
Exploits: 0 | References: 6 | Affected Software: 1
Tenable Nessus
added 2021/03/04 12:0 a.m. | 57 views

EulerOS Virtualization for ARM 64 3.0.6.0 : php (EulerOS-SA-2021-1566)

According to the versions of the php packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - In PHP versions 7.2.x below 7.2.33, 7.3.x below 7.3.21 and 7.4.x below 7.4.9, while processing PHAR files using phar...

CVSS 7.5 | AI score 7.1 | EPSS 0.26088
Exploits: 4 | References: 5
Prion
added 2021/02/11 6:15 p.m. | 17 views

Hardcoded credentials

Oclean Mobile Application 2.1.2 communicates with an external website using HTTP so it is possible to eavesdrop the network traffic. The content of HTTP payload is encrypted using XOR with a hardcoded key, which allows for the possibility to decode the traffic...

CVSS 5 | AI score 7.5 | EPSS 0.00158
Exploits: 1 | References: 3 | Affected Software: 1
CNNVD
added 2021/02/10 12:0 a.m. | 4 views

FiberHome HG6245D devices Authorization Issue Vulnerability

The HG6245D is an FTTH ONT router from FiberHome. An authentication bypass vulnerability exists in the FiberHome HG6245D. An attacker can exploit this vulnerability to bypass authentication by sending a decoded value of the GgpoZWxwCmxpc3QKd2hvCg== string to a telnet server...

CVSS 9.8 | AI score 7.3 | EPSS 0.00392
Exploits: 1 | References: 2
OSV
added 2021/02/04 7:15 a.m. | 2 views

CVE-2020-14246

HCL OneTest Performance V9.5, V10.0, V10.1 uses basic authentication which is relatively weak. An attacker could potentially decode the encoded credentials...

CVSS 7.5 | AI score 7.1 | EPSS 0.0014
Exploits: 0 | References: 1
Hacker One
added 2020/12/27 8:52 a.m. | 43 views

h1-ctf: [ Hacky Holidays CTF ] Completely taken down the Grinch Networks

Day 1 - Robot flag We're presented with sample ui page without any function. So I guessed content discovery is the best way to find flag. And robots.txt came to my mind and found the flag. https://hackyholidays.h1ctf.com/robots.txt Response User-agent: Disallow: /s3cr3t-ar3a Flag:...

AI score 6.8
Exploits: 0
Wired Threat Level
added 2020/12/15 12:0 p.m. | 30 views

The Zodiac Killer's Cipher Is Finally Cracked After 51 Years

Amateur and professional cryptographers, including those at the FBI, had been trying to decode the infamous serial killer's message to the media for decades...

AI score 4.1
Exploits: 0
RedHat Linux
added 2020/11/04 1:45 a.m. | 6 views

squid: Improper input validation in request allows for proxy manipulation

A flaw was found in squid. The absolute URL of a request can include the decoded UserInfo username and password for certain protocols. This decoded info may contain special characters to delimit the domain, and treat the rest of the URL as a path or query string. An attacker could first make a...

CVSS 7.5 | AI score 5.8 | EPSS 0.06184
Exploits: 0 | References: 5