25 matches found
EUVD-2024-46769
Malicious code in bioql PyPI...
CVE-2025-3509 Pre-Receive Hook Remote Code Execution vulnerability was identified in GitHub Enterprise Server that allows Privilege Escalation
A Remote Code Execution RCE vulnerability was identified in GitHub Enterprise Server that allowed attackers to execute arbitrary code by exploiting the pre-receive hook functionality, potentially leading to privilege escalation and system compromise. The vulnerability involves using dynamically...
GHSA-2JQJ-5QV2-XVCG ezsystems/ezplatform-richtext allows access to external entities in XML
Impact This security advisory resolves a vulnerability in the RichText field type. By entering a maliciously crafted input into the RichText XML, an attacker could perform an attack using XML external entity XXE injection, which might be able to read files on the server. To exploit this...
CVE-2025-0118
CVE-2025-0118 affects the Windows build of Palo Alto Networks GlobalProtect App. A remote attacker can execute ActiveX controls in the context of an authenticated Windows user by convincing the user to visit a malicious page during the GlobalProtect SAML login flow; non-Windows GlobalProtect clie...
Magento Adobe Commerce 2.4.4-p8 Arbitrary File Read
Magento Adobe Commerce version 2.4.4-p8 suffers from an arbitrary file read vulnerability. Title: Magento Adobe Commerce 2.4.4-p8 arbitrary file read...
CVE-2024-55922 Cross-Site Request Forgery in Form Framework Module in TYPO3
TYPO3 is a free and open source Content Management Framework. A vulnerability has been identified in the backend user interface functionality involving deep links. Specifically, this functionality is susceptible to Cross-Site Request Forgery CSRF. Additionally, state-changing actions in downstrea...
GHSA-6W4X-GCX3-8P7V TYPO3 Cross-Site Request Forgery in Backend User Module
Problem A vulnerability has been identified in the backend user interface functionality involving deep links. Specifically, this functionality is susceptible to Cross-Site Request Forgery CSRF. Additionally, state-changing actions in downstream components incorrectly accepted submissions via HTTP...
GHSA-HWCP-2H35-P66W PhpSpreadsheet has a Cross-Site Scripting (XSS) vulnerability of the hyperlink base in the HTML page header
Cross-Site Scripting XSS vulnerability of the hyperlink base in the HTML page header Product: Phpspreadsheet Version: version 3.6.0 CWE-ID: CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' CVSS vector v.3.1: 5.4 AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVSS...
Vulnerabilities found in Veritas Enterprise Vault
Vulnerabilities have been found in Veritas Enterprise Vault. A malicious party could potentially exploit the vulnerabilities to execute arbitrary code on an Enterprise Vault server. To do this, the malicious party must send malicious network traffic to the vulnerable server. To successfully...
CVE-2020-36188
A flaw was found in jackson-databind. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. Mitigation The following conditions are needed for an exploit, w...
CVE-2020-24616
A flaw was found in FasterXML jackson-databind 2.x in versions prior to 2.9.10.6. The interaction between serialization gadgets and typing is mishandled. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. Mitigation The following...
CVE-2020-11113
A flaw was found in jackson-databind 2.x in versions prior to 2.9.10.4. The interaction between serialization gadgets and typing is mishandled. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. Mitigation The following conditions a...
GHSA-8J72-P2WM-6738 Persistent XSS vulnerability in filename of attached file in PrivateBin
On 24th of December 2019 one of the property based unit tests reported a failure. Upon investigation, @elrido discovered that the failure was due to unescaped HTML, which allowed the user provided attachment file name to inject HTML under certain conditions leading to a persistent Cross-site...
Exploit for XML Injection (aka Blind XPath Injection) in Nsa Ghidra
CVE-2019-16941 Proof-of-Concept: The vulnerability requires...
CVE-2017-4971: Spring WebFlow remote code execution vulnerability analysis-vulnerability warning-the black bar safety net
Spring has traditionally had few severe vulnerabilities. The more serious earlier problem was in Spring's JavaBean automatic binding function, which allowed the class to be controlled and, by using certain features, could lead to the execution of arbitrary code, but that...
PHP PEAR 1.10.1 - arbitrary File Download Vulnerability (CVE-2017-5630)
Author: mapl0 Vulnerability details: The installer in version 1.10.1 of the PEAR Base System does not verify the file type and file name after a redirect, which allows a remote HTTP server, via a specially crafted request, to overwrite files on the targeted server, such as .htaccess i...
Critical Vulnerability Patched in Roundcube Webmail
Open source webmail provider Roundcube has released an update that addresses a critical vulnerability in all default configurations that could allow an attacker to run arbitrary code on the host operating system. The flaw is serious because it’s relatively simple to exploit and can allow an...
From the byte overflows to arbitrary code execution-Linux stack exploit-vulnerability warning-the black bar safety net
A one-byte overflow is called an off-by-one. For a time, off-by-one bugs were considered unexploitable, but later research found that on the heap even a one-byte overflow can lead to arbitrary code execution. Exploitation of heap off-by-one bugs has also appeared in the domestic and...
Elasticsearch 1.5.2 File Creation Vulnerability
Elasticsearch versions 1.0.0 through 1.5.2 are vulnerable to an engineered attack on other applications on the system. The snapshot API may be used indirectly to place snapshot metadata files into locations that are writeable by the user running the Elasticsearch process. It is possible to create...
vbulletin 3.0.x PHP code execution
Vulnerable Systems: vBulletin version 3.0 up to and including version 3.0.4. Immune systems: vBulletin version 3.0.5, vBulletin version 3.0.6. Vulnerable code in forumdisplay.php : if $vboptions'showforumusers' . . . . if $bbuserinfo'userid' . . . . $comma = ', ';...