Memory Allocation with Excessive Size Value

Overview @sveltejs/kit is a SvelteKit framework and CLI Affected versions of this package are vulnerable to Memory Allocation with Excessive Size Value in the deserializebinaryform function via Remote Form endpoint. An attacker can cause excessive memory allocation by sending a specially crafted...

Linux Distros Unpatched Vulnerability : CVE-2024-23722

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Fluent Bit 2.1.8 through 2.2.1, a NULL pointer dereference can be caused via an invalid HTTP payload with the content type of x-www-form-urlencoded. It crash...

AZL-37083 CVE-2024-23722 affecting package fluent-bit for versions less than 2.2.2-1

In Fluent Bit 2.1.8 through 2.2.1, a NULL pointer dereference can be caused via an invalid HTTP payload with the content type of x-www-form-urlencoded. It crashes and does not restart. This could result in logs not being delivered properly...

Security feature bypass

A security restriction bypass vulnerability has been discovered in Revive Adserver version 5.0.5 by HackerOne user hoangn144. Revive Adserver, like many other applications, requires the logged in user to type the current password in order to change the e-mail address or the password. It was howev...

Liferay Portal 5.1.2 - Persistent Cross-Site Scripting

Liferay Portal 5.1.2 - Persistent Cross-Site Scripting Exploit Title: Liferay Portal 5.1.2 - Persistent XSS Discovery Date: 2016-02-10 Exploit Author: Sarim Kiani Vendor Homepage: https://www.liferay.com Software Link: https://www.liferay.com/community/releases Version: 5.1.2 Tested on: Windows O...