4438 matches found

Openbugbounty
added 2020/08/28 3:35 p.m. · 14 views

dev-pa.com Cross Site Scripting vulnerability OBB-1282916

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence...

AI score 6.2 · Exploits 0

Positive Technologies
added 2020/08/27 12:0 a.m. · 1 views

PT-2020-6548 · Unknown +1 · F2Fs-Tools +1

Name of the Vulnerable Software and Affected Versions: F2fs-Tools F2fs.Fsck version 1.13 Description: An exploitable information disclosure issue exists in the dev read functionality. A specially crafted f2fs filesystem can cause an uninitialized read, resulting in information disclosure. An...

CVSS 8.2 · AI score 5.2 · EPSS 0.0116 · Exploits 6 · References 31

0day.today
added 2020/08/22 12:0 a.m. · 488 views

Linux/x86 /dev/sda Partition Wiping Shellcode (35 bytes)

Exploit Title: Linux/x86 - Shred /dev/sda wipe partition Shellcode 35 bytes Google Dork: None Exploit Author: cybersaki Vendor Homepage: None Software Link: None Version: None Tested on: Kali linux 2020.2a i386 x86 CVE : none Shellcode-length : 35 SLAE-id : Purchased | email protected ; Descripti...

Exploits 0

Openbugbounty
added 2020/08/13 12:52 a.m. · 7 views

dev-us.almonds.com Cross Site Scripting vulnerability OBB-1258392

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence...

AI score 6.2 · Exploits 0

Gentoo Linux
added 2020/08/08 12:0 a.m. · 36 views

GNU GLOBAL: Arbitrary code execution

Background GNU GLOBAL is a source code tagging system that works the same way across diverse environments, such as Emacs editor, Vi editor, Less viewer, Bash shell, various web browsers, etc. Description A vulnerability was found in an undocumented function of gozilla. Impact A remote attacker...

CVSS 8.8 · AI score 4.4 · EPSS 0.00469 · Exploits 0

OSV
added 2020/07/29 6:7 p.m. · 1 views

GHSA-VR98-27QJ-3C8Q Directory traversal in rollup-plugin-server

This affects all versions of package rollup-plugin-dev-server. There is no path sanitization in readFile operation inside the readFileFromContentBase function...

CVSS 7.5 · AI score 5.9 · EPSS 0.00419 · Exploits 1 · References 2

Github Security Blog
added 2020/07/29 6:7 p.m. · 38 views

Directory traversal in rollup-plugin-server

This affects all versions of package rollup-plugin-dev-server. There is no path sanitization in readFile operation inside the readFileFromContentBase function...

CVSS 7.5 · AI score 7.3 · EPSS 0.00419 · Exploits 1 · References 3 · Affected Software 1

CNVD
added 2020/07/28 12:0 a.m. · 2 views

rollup-plugin-dev-server path traversal vulnerability

rollup-plugin-dev-server is a plugin summary package. A path traversal vulnerability exists in the readFile operation of the 'readFileFromContentBase' function in rollup-plugin-dev-server all versions, which stems from the program's failure to clean up paths, and can be exploited by an attacker t...

CVSS 7.5 · AI score 7.1 · EPSS 0.00419 · Exploits 1 · References 1

ThreatPost
added 2020/07/27 8:17 p.m. · 39 views

Microsoft Revamps Windows Insider Preview Bug Bounty Program

Microsoft has revamped its Windows Insider Preview bug bounty program with higher rewards and an improved portal for bounty hunters to report flaws, in an effort to help sniff out more vulnerabilities on its platform. The Microsoft Windows Insider Preview bounty program is part of the Microsoft...

AI score 1 · Exploits 0 · References 7

Gentoo Linux
added 2020/07/27 12:0 a.m. · 45 views

Mozilla Network Security Service (NSS): Information disclosure

Background The Mozilla Network Security Service NSS is a library implementing security features like SSL v.2/v.3, TLS, PKCS 5, PKCS 7, PKCS 11, PKCS 12, S/MIME and X.509 certificates. Description NSS was found to not always perform constant-time operations when working with DSA key material. Impa...

CVSS 4.4 · AI score 2.2 · EPSS 0.0009 · Exploits 0

Tenable Nessus
added 2020/07/27 12:0 a.m. · 31 views

GLSA-202007-43 : TRE: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202007-43 TRE: Multiple vulnerabilities Multiple vulnerabilities have been discovered in TRE. Please review the CVE identifiers referenced below for details. Impact : Please review the referenced CVE identifiers for details...

CVSS 9.8 · AI score 8.3 · EPSS 0.00762 · Exploits 0 · References 2

NVD
added 2020/07/25 9:15 a.m. · 8 views

CVE-2020-7686

This affects all versions of package rollup-plugin-dev-server. There is no path sanitization in readFile operation inside the readFileFromContentBase function...

CVSS 7.5 · AI score 7.5 · EPSS 0.00419 · Exploits 1 · References 1

Prion
added 2020/07/25 9:15 a.m. · 13 views

Path traversal

This affects all versions of package rollup-plugin-dev-server. There is no path sanitization in readFile operation inside the readFileFromContentBase function...

CVSS 5 · AI score 7.5 · EPSS 0.00419 · Exploits 1 · References 1

CVE
added 2020/07/25 8:40 a.m. · 52 views

CVE-2020-7686

CVE-2020-7686 affects all versions of rollup-plugin-dev-server. The issue is a directory traversal vulnerability caused by lack of path sanitization in the readFile operation within the readFileFromContentBase function, enabling potential access to arbitrary files. Multiple sources (NVD, CVE list...

CVSS 7.5 · AI score 7.5 · EPSS 0.00419 · Exploits 1 · References 1 · Affected Software 1

Cvelist
added 2020/07/25 8:40 a.m. · 10 views

CVE-2020-7686 Directory Traversal

This affects all versions of package rollup-plugin-dev-server. There is no path sanitization in readFile operation inside the readFileFromContentBase function...

CVSS 7.5 · AI score 7.5 · EPSS 0.00419 · Exploits 1 · References 1

Tenable Nessus
added 2020/07/20 12:0 a.m. · 49 views

Debian DSA-4726-1 : nss - security update

Several vulnerabilities were discovered in NSS, a set of cryptographic libraries, which may result in side channel/timing attacks or denial of service. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-4726. Th...

CVSS 10 · AI score 7.2 · EPSS 0.03036 · Exploits 1 · References 7

Tenable Nessus
added 2020/06/25 12:0 a.m. · 19 views

Fedora 31 : tcpreplay (2020-256ac53cc7)

This release contains bug fixes only which includes security fixes : - Increase cache buffers size to accommodate VLAN edits 594 - Correct L2 header length to correct IP header offset 583 - Fix warnings from gcc version 10 580 - Heap Buffer Overflow in randomizeiparp 579 - Use after free in...

CVSS 9.1 · AI score 7.9 · EPSS 0.00513 · Exploits 2 · References 3

Tenable Nessus
added 2020/06/24 12:0 a.m. · 20 views

Fedora 32 : tcpreplay (2020-f47830961a)

This release contains bug fixes only which includes security fixes : - Increase cache buffers size to accommodate VLAN edits 594 - Correct L2 header length to correct IP header offset 583 - Fix warnings from gcc version 10 580 - Heap Buffer Overflow in randomizeiparp 579 - Use after free in...

CVSS 9.1 · AI score 7.9 · EPSS 0.00513 · Exploits 2 · References 3

Positive Technologies
added 2020/06/16 12:0 a.m. · 7 views

PT-2020-1257 · Linux +5 · Linux Kernel +5

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.8 Description: The issue is related to a use-after-free vulnerability in the fs/block dev.c file of the Linux kernel. This vulnerability can be exploited by local users to gain privileges or cause a denial of...

CVSS 9.8 · AI score 7.9 · EPSS 0.85239 · Exploits 153 · References 1967

Kitploit
added 2020/05/04 12:30 p.m. · 22 views

Invoker - Penetration Testing Utility

Penetration testing utility. The goal is to use this tool when access to some Windows OS features through GUI is restricted. Some features require administrative privileges. Capabilities: invoke the Command Prompt and PowerShell, download a file, schedule a task, add a registry key, connect to a...

AI score 7.6 · Exploits 0 · References 6