15 matches found
CVE-2026-8119
A vulnerability was detected in Open5GS up to 2.7.7. Impacted is the function ogs_sbi_stream_find_by_id in the library /lib/sbi/nghttp2-server.c of the component NSSF. Performing a manipulation results in denial of service. Attacking locally is a requirement. The exploit is now public and may be used...
CVE-2026-43068
Linux kernel ext4: CVE-2026-43068 stems from a bug that could cause allocation of blocks from a corrupted block group, leading to repeated delayed block allocation failures and potential data loss. The issue arises in ext4_mb_find_by_goal() through ext4_mb_load_buddy and related bitmap checks, wh...
PT-2026-37071
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified) Description: An issue exists in the ext4 file system where the kernel may attempt to allocate blocks from a corrupted block group. This occurs because when EXT4_MB_GRP_BBITMAP_CORRUPT(e4b->bd_info) is...
Google Patches Antigravity IDE Flaw Enabling Prompt Injection Code Execution
Cybersecurity researchers have discovered a vulnerability in Google's agentic integrated development environment (IDE), Antigravity, that could be exploited to achieve code execution. The flaw, since patched, combines Antigravity's permitted file-creation capabilities with an insufficient input...
PT-2024-35770 · Jsfinder · Jsfinder
Name of the Vulnerable Software and Affected Versions: JSFinder version d70ab9bc5221e016c08cffaf0d9ac79646c90645 Description: The issue concerns a Directory Traversal vulnerability in the find_by_file function. This allows for potential unauthorized access to files outside the intended directory...
JSFinder Security Vulnerability
JSFinder is a tool by Threezh1 for quickly extracting URLs and subdomains from JS files on websites. A security vulnerability exists in JSFinder due to a directory traversal vulnerability in the find_by_file function...
CVE-2018-3880
An exploitable stack-based buffer overflow vulnerability exists in the database 'find-by-cameraId' functionality of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The video-core process incorrectly handles existing records inside its SQLite database,...
Samsung SmartThings Hub video-core HTTP server buffer overflow vulnerability (CNVD-2018-14290)
Samsung SmartThings Hub is a smart home management device from Samsung, South Korea. video-core HTTP server is one of the HTTP servers. A stack buffer overflow vulnerability exists in the database 'find-by-cameraId' function of the video-core HTTP server in the Samsung SmartThings Hub, which...
Yii 'findByCondition' Function SQL Injection Vulnerability
Yii is a component-based, high-performance PHP framework developed by the Yii team for building large-scale Web applications. A SQL injection vulnerability exists in the 'findByCondition' function in the framework/db/ActiveRecord.php file in version 2.x of Yii before 2.0.15. A remote...
UBUNTU-CVE-2017-17916
DISPUTED: SQL injection vulnerability in the 'find_by' method in Ruby on Rails 5.1.4 and earlier allows remote attackers to execute arbitrary SQL commands via the 'name' parameter. NOTE: The vendor disputes this issue because the documentation states that this method is not intended for use with...
PT-2017-15097 · Ruby +1 · Ruby On Rails +1
Name of the Vulnerable Software and Affected Versions: Ruby on Rails versions 5.1.4 and earlier Description: A SQL injection issue in the find_by method allows remote attackers to execute arbitrary SQL commands via the name parameter. The vendor disputes this issue, citing that the method is not...
PPA Gallery <= 1.0 (functions.inc.php) Remote File Include Exploit
No description provided by source.
PT-2013-1961 · Ruby On Rails · Authlogic
Name of the Vulnerable Software and Affected Versions: Authlogic gem for Ruby on Rails versions prior to 3.3.0 Description: The issue allows remote attackers to conduct SQL injection attacks via a crafted parameter in environments with a known secret token value. This is demonstrated by a value...
CVE-2001-1446
CVE-2001-1446 is an information-disclosure issue in Mac OS X Finder: Finder-created hidden files (.FBCIndex and .DS_Store) in directories viewed or served by Apache can reveal directory contents. OpenVAS entries describe .FBCIndex exposing file contents (including HTML, JavaScript, passwords, or ...
CVE-2001-1446
Find-By-Content in Mac OS X 10.0 through 10.0.4 creates world-readable index files named .FBCIndex in every directory, which allows remote attackers to learn the contents of files in web accessible directories...