48 matches found
EUVD-2023-46353
Malicious code in bioql PyPI...
EUVD-2024-28460
Malicious code in bioql PyPI...
CVE-2024-30540
Guessable CAPTCHA vulnerability in Guido VS Contact Form allows Functionality Bypass. This issue affects VS Contact Form: from n/a through 14.7...
CVE-2023-41862
Weak Authentication vulnerability in Guido VS Contact Form allows Authentication Abuse. This issue affects VS Contact Form: from n/a through 14.0...
WordPress User Submitted Posts plugin < 20240516 - Admin+ Stored XSS vulnerability
Admin+ Stored XSS vulnerability discovered by Guido Iván García Duva in WordPress Plugin User Submitted Posts versions 20240516...
WordPress Index WP MySQL For Speed plugin < 1.4.18 - Reflected XSS vulnerability
Reflected XSS vulnerability discovered by Guido Iván García Duva in WordPress Plugin Index WP MySQL For Speed versions 1.4.18...
WordPress WP Secure Maintenance plugin < 1.7 - Admin+ Stored XSS vulnerability
Admin+ Stored XSS vulnerability discovered by Guido Iván García Duva in WordPress Plugin WP Secure Maintenance versions 1.7...
USN-6780-1 python-idna vulnerability
Guido Vranken discovered that idna did not properly manage certain inputs, which could lead to significant resource consumption. An attacker could possibly use this issue to cause a denial of service...
PT-2024-23470 · Unknown · Guido Vs Contact Form
Name of the Vulnerable Software and Affected Versions: Guido VS Contact Form versions prior to 14.7 Description: A Guessable CAPTCHA vulnerability in Guido VS Contact Form allows functionality bypass. Recommendations: For Guido VS Contact Form versions prior to 14.7, update to a version that...
Internet Bug Bounty: CVE-2019-1551: rsaz_512_sqr overflow bug on x86_64
The CVE-2019-1551 vulnerability was an overflow bug in the x86_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli in the OpenSSL library. The vulnerability was found and reported by researchers. The issue was mitigated in the 1.1.1 and 1.0.2 versions of OpenSSL...
GE Digital APM Classic
1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: GE Digital Equipment: APM Classic Vulnerabilities: Authorization Bypass Through User-controlled Key, Use of a One-Way Hash Without a Salt 2. RISK EVALUATION Successful exploitation of these...
Critical RCE Bug Affects Millions of OpenWrt-based Network Devices
A cybersecurity researcher today disclosed technical details and proof-of-concept of a critical remote code execution vulnerability affecting OpenWrt, a widely used Linux-based operating system for routers, residential gateways, and other embedded devices that route network traffic. Tracked as...
Debian: Security Advisory (DSA-4594-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Vulnerability in OpenSSL - rsaz_512_sqr overflow bug on x86_64
There is an overflow bug in the x86_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against 2-prime RSA1024, 3-prime RSA1536, and DSA1024 as a result of this defect would be very difficult to perform and are...
Vulnerability in OpenSSL - Client DoS due to large DH parameter
During key agreement in a TLS handshake using a DHE based ciphersuite a malicious server can send a very large prime value to the client. This will cause the client to spend an unreasonably long period of time generating a key for this prime resulting in a hang until the client has finished. This...
Ubuntu 14.04 LTS / 16.04 LTS : OpenSSH vulnerabilities (USN-3538-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3538-1 advisory. Jann Horn discovered that OpenSSH incorrectly loaded PKCS11 modules from untrusted directories. A remote attacker could possibly use this iss...
Lansweeper 6.0.0.63 Cross Site Scripting
Release date: October 05th, 2017. Discovered by: Giovanni Cerrato, Giovanni Guido and BackBox team. Severity: Medium. I. VULNERABILITY: Lansweeper XSS vulnerability. II...
Important: Red Hat Security Advisory: freeradius security update
An update for freeradius is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...