84 matches found
CVE-2023-0583 VK Blocks <= 1.57.0.5 - Authenticated(Contributor+) Settings Update
The VK Blocks plugin for WordPress is vulnerable to improper authorization via the REST 'updatevkblocksoptions' function in versions up to, and including, 1.57.0.5. This allows authenticated attackers, with contributor-level permissions or above, to change plugin settings including default icons...
CVE-2023-26112
All versions of the package configobj are vulnerable to Regular Expression Denial of Service (ReDoS) via the validate function, using .+?.. Note: This is only exploitable in the case of a developer putting the offending value in a server side configuration file...
Arbitrary Code Execution
paddlepaddle is vulnerable to arbitrary code execution. The vulnerability exists in the getwindow function in window.py because it calls eval on user-supplied winstr, which allows an attacker to inject and execute malicious code into the system...
CVE-2022-45667
Tenda i22 V1.0.0.34687 is vulnerable to Cross-Site Request Forgery (CSRF) via function fromSysToolRestoreSet...
CVE-2022-41413
perfSONAR v4.x <= v4.4.5 was discovered to contain a Cross-Site Request Forgery (CSRF) which is triggered when an attacker injects crafted input into the Search function...
PT-2022-23466 · Seiko · Seiko Skybridge Mb-A100/A110
Name of the Vulnerable Software and Affected Versions: Seiko SkyBridge MB-A100/A110 versions 4.2.0 and below Description: The issue allows attackers to execute arbitrary code via a crafted html file, exploiting an arbitrary file upload vulnerability through the restore backup function...
EUVD-2022-6506
XXL-JOB all versions as of 11 July 2022 are vulnerable to Insecure Permissions resulting in the ability to execute admin function with low Privilege account...
CVE-2022-25648
The package git before 1.11.0 is vulnerable to Command Injection via git argument injection. When calling the fetch(remote = 'origin', opts = {}) function, the remote parameter is passed to the git fetch subcommand in a way that additional flags can be set. The additional flags can be used to perform...
MGASA-2020-0352 Updated thunderbird packages fix security vulnerabilities
By holding a reference to the eval function from an about:blank window, a malicious webpage could have gained access to the InstallTrigger object which would allow them to prompt the user to install an extension. Combined with user confusion, this could result in an unintended or malicious...
cd-messenger input validation error vulnerability
cd-messenger is a console and file recorder with Gulp automated build tool support by American software developer Mike Erickson. An input validation error vulnerability exists in cd-messenger 2.7.26 and earlier versions, which stems from the 'eval' function executing user input passed to the...
Node-rules Arbitrary Code Execution Vulnerability
Node-rules is a lightweight forward linking rules engine written in JavaScript. An arbitrary code execution vulnerability exists in Node-rules. The vulnerability can be exploited to inject arbitrary commands using the "fromJSON" function...
CVE-2019-10867
An issue was discovered in Pimcore before 5.7.1. An attacker with classes permission can send a POST request to /admin/class/bulk-commit, which will make it possible to exploit the unserialize function when passing untrusted values in the data parameter to...
CVE-2018-19490
An issue was discovered in datafile.c in Gnuplot 5.2.5. This issue allows an attacker to conduct a heap-based buffer overflow with an arbitrary amount of data in dfgenerateasciiarrayentry. To exploit this vulnerability, an attacker must pass an overlong string as the right bound of the range...
Brave Browser < 0.13.0 - 'long alert() argument' Denial of Service
Exploit Title:Brave Browser...
CVE-2018-1000101
Mingw-w64 version 5.0.3 and earlier, 5.0.4, 6.0.0 and 7.0.0 contains an Improper Null Termination CWE-170 vulnerability in mingw-w64-crt libc-vsnprintf that can result in The bug may be used to corrupt subsequent string functions. This attack appear to be exploitable via Depending on the usage,...
Adobe Illustrator CS5.5 - Memory Corruption
Felipe Andres Manzano [email protected] ''' The vulnerable function follows... ---------------------------------- .text:004A7200 ; =============== S U B R O U T I N E ======================================= .text:004A7200 .text:004A7200 ; Attributes: bp-based frame .text:004A7200...
USN-320-1: PHP vulnerabilities
The phpinfo PHP function did not properly sanitize long strings. A remote attacker could use this to perform cross-site scripting attacks against sites that have publicly-available PHP scripts that call phpinfo. Please note that it is not recommended to publicly expose phpinfo. CVE-2006-0996 An...
Mandrake Linux Security Advisory : php (MDKSA-2003:082-1)
A vulnerability was discovered in the transparent session ID support in PHP4 prior to version 4.3.2. It did not properly escape user-supplied input prior to inserting it in the generated web page. This could be exploited by an attacker to execute embedded scripts within the context of the...
CVE-2002-0985
Argument injection vulnerability in the mail function for PHP 4.x to 4.2.2 may allow attackers to bypass safe mode restrictions and modify command line arguments to the MTA e.g. sendmail in the 5th argument to mail, altering MTA behavior and possibly executing commands...
[SECURITY] [DSA 168-1] New PHP packages fix several vulnerabilities
Debian Security Advisory DSA 168-1 [email protected] http://www.debian.org/security/ Martin Schulze September 18th, 2002 http://www.debian.org/security/faq -...