7442 matches found

OSV
added 2022/07/28 1:15 a.m. | 2 views

DEBIAN-CVE-2022-2160

Insufficient policy enforcement in DevTools in Google Chrome on Windows prior to 103.0.5060.53 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from a user's local files via a crafted HTML page...

CVSS 6.5 | AI score 6.8 | EPSS 0.0054
Exploits: 1 | References: 1

OSV
added 2022/07/27 10:15 p.m. | 3 views

UBUNTU-CVE-2022-1858

Out of bounds read in DevTools in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to perform an out of bounds memory read via specific user interaction...

CVSS 6.5 | AI score 7.3 | EPSS 0.00652
Exploits: 0 | References: 2

OSV
added 2022/07/26 10:15 p.m. | 3 views

DEBIAN-CVE-2022-1500

Insufficient data validation in Dev Tools in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to bypass content security policy via a crafted HTML page...

CVSS 6.5 | AI score 6.9 | EPSS 0.00621
Exploits: 0 | References: 1

OSV
added 2022/07/25 2:15 p.m. | 23 views

CVE-2022-1309

Insufficient policy enforcement in developer tools in Google Chrome prior to 100.0.4896.88 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page...

CVSS 9.6 | AI score 8.8
Exploits: 0 | References: 3

OSV
added 2022/07/25 2:15 p.m. | 3 views

DEBIAN-CVE-2022-1309

Insufficient policy enforcement in developer tools in Google Chrome prior to 100.0.4896.88 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page...

CVSS 9.6 | AI score 7.5 | EPSS 0.00714
Exploits: 1 | References: 1

Prion
added 2022/07/25 2:15 p.m. | 21 views

Design/Logic Flaw

Insufficient policy enforcement in developer tools in Google Chrome prior to 100.0.4896.88 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page...

CVSS 6.8 | AI score 8.7 | EPSS 0.00714
Exploits: 1 | References: 3 | Affected Software: 1

OSV
added 2022/07/25 2:15 p.m. | 1 views

UBUNTU-CVE-2022-1309

Insufficient policy enforcement in developer tools in Google Chrome prior to 100.0.4896.88 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page...

CVSS 9.6 | AI score 7 | EPSS 0.00714
Exploits: 1 | References: 2

OSV
added 2022/07/23 12:15 a.m. | 2 views

UBUNTU-CVE-2022-1143

Heap buffer overflow in WebUI in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via specific input into DevTools...

CVSS 8.8 | AI score 7 | EPSS 0.00709
Exploits: 0 | References: 2

OSV
added 2022/07/23 12:15 a.m. | 1 views

UBUNTU-CVE-2022-1142

Heap buffer overflow in WebUI in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via specific input into DevTools...

CVSS 8.8 | AI score 7.2 | EPSS 0.00625
Exploits: 0 | References: 2

Akamai Blog
added 2022/07/22 1:0 p.m. | 15 views

What’s New for Developers: July 2022

This month’s developer update is jam-packed with exciting news, helpful articles, and useful code, including a new Terraform Provider release and much more...

AI score 7
Exploits: 0

CNVD
added 2022/07/18 12:0 a.m. | 26 views

Product Show Room Site SQL Injection Vulnerability (CNVD-2022-77045)

Product Show Room Site is a product showroom website by the individual developer Carlo Montero. Product Show Room Site v1.0 contains a SQL injection vulnerability; the vulnerability originates from SQL injection in the id parameter in /psrs/?p=products/viewproduct&id, an...

CVSS 8.8 | AI score 5.2 | EPSS 0.0081
Exploits: 1 | References: 1

Code423n4
added 2022/07/15 12:0 a.m. | 11 views

Swivel.setFee() is implemented wrongly.

Lines of code. Vulnerability details. Impact: Swivel.setFee is implemented wrongly. Swivel.feenominators won't be set as expected. Proof of Concept: This function has a parameter "i" for the index of the new fee denomination but it isn't used during the update. Tools Used: Solidity Visual Developer of...

AI score 6.9
Exploits: 0

Code423n4
added 2022/07/15 12:0 a.m. | 7 views

ZcToken.withdraw() and ZcToken.redeem() will always revert when msg.sender != holder.

Lines of code. Vulnerability details. Impact: ZcToken.withdraw and ZcToken.redeem will always revert when msg.sender != holder. These 2 functions will work only when users withdraw/redeem from their balances. Proof of Concept: When we check allowance here, it reverts when allowance is greater than...

AI score 6.9
Exploits: 0

CNVD
added 2022/07/15 12:0 a.m. | 19 views

Product Show Room Site SQL Injection Vulnerability (CNVD-2022-77046)

Product Show Room Site is a product showroom website by the individual developer Carlo Montero. Product Show Room Site v1.0 is vulnerable to SQL injection, which originates from a SQL injection in /psrs/classes/Master.php?f=deleteproduct. The vulnerability is caused by SQL injection of the id...

CVSS 7.2 | AI score 5.6 | EPSS 0.008
Exploits: 1 | References: 1

Code423n4
added 2022/07/15 12:0 a.m. | 11 views

With most functions in VaultTracker.sol, users can call them only once after maturity has been reached.

Lines of code. Vulnerability details. Impact: With most functions in VaultTracker.sol, users can call them only once after maturity has been reached. So from the second call of any functions after maturity, it will revert and users might lose their funds or interests. Proof of Concept: The main probl...

AI score 6.7
Exploits: 0

Hacker One
added 2022/07/14 4:21 a.m. | 17 views

Elastic: Synthetics Recorder: Code injection when recording website with malicious content

A vulnerability was discovered in the Synthetics Recorder tool, which allows attackers to inject arbitrary code into a recording session. The waitForNavigation event calls quote within the context of a multi-line comment, which can be escaped with a specially crafted URL. This can lead to code...

AI score 7.8
Exploits: 0

CNVD
added 2022/07/13 12:0 a.m. | 26 views

flask-file-server path traversal vulnerability

flask-file-server is a file server with a front-end for browsing, uploading, and streaming files, by the individual developer Wildog. flask-file-server 2020-02-20 and earlier versions are vulnerable to a path traversal vulnerability that stems from a failure of Flask's sendfile function to properly...

CVSS 9.3 | AI score 3.6 | EPSS 0.01118
Exploits: 1 | References: 1

Prion
added 2022/07/12 9:15 p.m. | 14 views

Design/Logic Flaw

Pyramid Solutions' affected products, the Developer and DLL kits for EtherNet/IP Adapter and EtherNet/IP Scanner, are vulnerable to an out-of-bounds write, which may allow an unauthorized attacker to send a specially crafted packet that may result in a denial-of-service condition...

CVSS 5 | AI score 7.4 | EPSS 0.01055
Exploits: 0 | References: 1 | Affected Software: 4

Japan Vulnerability Notes
added 2022/07/12 12:0 a.m. | 51 views

JVN#12610194: Django Extract and Trunc functions vulnerable to SQL injection

Django, provided by Django Software Foundation, is a Web application framework. Extract and Trunc functions of Django used to treat date data contain an SQL injection vulnerability (CWE-89). Impact: An attacker may execute an arbitrary SQL command. Data in websites built using the product may be alter...

CVSS 9.8 | AI score 9.7 | EPSS 0.73274
Exploits: 3

CNNVD
added 2022/07/11 12:0 a.m. | 3 views

livro_python Path Traversal Vulnerability

livropython is a repository for the individual developer Eduardo dos Santos Pereira in Brazil. A security vulnerability exists in livropython, which stems from insecure use of the Flask sendfile function...

CVSS 9.3 | AI score 8.3 | EPSS 0.01164
Exploits: 1 | References: 2