25 matches found
EUVD-2008-1092
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2017-16239
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - In OpenStack Nova through 14.0.9, 15.x through 15.0.7, and 16.x through 16.0.2, by rebuilding an instance, an authenticated user may be able to circumvent the...
CVE-2024-32883 MCUboot Injection attack of unprotected TLV values
MCUboot is a secure bootloader for 32-bit microcontrollers. MCUboot uses a TLV (tag-length-value) structure to represent the metadata associated with an image. The TLVs themselves are divided into two sections, a protected and an unprotected section. The protected TLV entries are included as part...
ChurchCRM v4.5.4 - Reflected XSS via Image (Authenticated)
Exploit Title: ChurchCRM v4.5.4 - Reflected XSS via Image (Authenticated); Date: 2023-04-17; Exploit Author: Rahad Chowdhury; Vendor Homepage: http://churchcrm.io/; Software Link: https://github.com/ChurchCRM/CRM/releases/tag/4.5.4; Version: 4.5.4; Tested on: Windows 10, PHP 7.4.29, Apache 2.4.53; CVE:...
SUSE CVE-2008-1081
Opera before 9.26 allows user-assisted remote attackers to execute arbitrary script via images that contain custom comments, which are treated as script when the user displays the image properties...
SUSE CVE-2017-16239
In OpenStack Nova through 14.0.9, 15.x through 15.0.7, and 16.x through 16.0.2, by rebuilding an instance, an authenticated user may be able to circumvent the Filter Scheduler, bypassing imposed filters (for example, the ImagePropertiesFilter or the IsolatedHostsFilter). All setups using Nova Filter...
imagemagick/ping_mvg_fuzzer: Crash in GlobExpression
Project: https://github.com/imagemagick/imagemagick.git Detailed report: https://oss-fuzz.com/testcase?key=5703754605658112 Project: imagemagick Fuzzer: libFuzzerimagemagickpingmvgfuzzer Fuzz target binary: pingmvgfuzzer Job Type: libfuzzerasanimagemagick Platform Id: linux Crash Type: UNKNOWN RE...
openstack-nova: Nova Filter Scheduler bypass through rebuild action
By rebuilding an instance using a new image, an authenticated user may be able to circumvent the Filter Scheduler, bypassing imposed filters (for example, the ImagePropertiesFilter or the IsolatedHostsFilter)...
openstack-nova: Nova Filter Scheduler bypass through rebuild action
By rebuilding an instance using a new image, an authenticated user may be able to circumvent the Filter Scheduler, bypassing imposed filters (for example, the ImagePropertiesFilter or the IsolatedHostsFilter)...
openstack-nova: Nova Filter Scheduler bypass through rebuild action
By rebuilding an instance using a new image, an authenticated user may be able to circumvent the Filter Scheduler, bypassing imposed filters (for example, the ImagePropertiesFilter or the IsolatedHostsFilter)...
UBUNTU-CVE-2017-16239
In OpenStack Nova through 14.0.9, 15.x through 15.0.7, and 16.x through 16.0.2, by rebuilding an instance, an authenticated user may be able to circumvent the Filter Scheduler, bypassing imposed filters (for example, the ImagePropertiesFilter or the IsolatedHostsFilter). All setups using Nova Filter...
VulnCheck KEV: CVE-2007-4816
Multiple buffer overflows in the BaoFeng2 storm ActiveX control in Mps.dll allow remote attackers to have an unknown impact via a long (1) URL, (2) backImage, or (3) titleImage property value; (4) a long first argument to the advancedOpen method; a long argument to the (5) isDVDPath or (6)...
MRCGIGUY Thumbnail Gallery Post 1b - Arbitrary File Upload
MRCGIGUY Thumbnail Gallery Post 1b - Arbitrary File Upload + MRCGIGUY Thumbnail Gallery Post 1b Remote File Upload Vuln + Discovered By ThE g0bL!N + Vendor:http://www.mrcgiguy.com/ + Download:http://www.mrcgiguy.com/cgi-bin/freedown.cgi?id=6 + Greets : SarBoT511 -Sub-ZeRo + Note: It is a Sex Site...
phpGreetCards XSS / File Upload
remote shell upload/xss script: phpGreetCards download from:http://www.w2b.ru/download/phpGreetCards.zip www.site.com/path/index.php?mode=select&category shell:...
PHPAdBoard - PHP uploads Arbitrary File Upload
remote shell upload script: phpAdBoard download from:http://www.w2b.ru/download/phpAdBoard.zip www.site.com/path/index.php shell: www.site.com/path/photoes/numbershell.php...
phpGreetCards - Cross-Site Scripting / Arbitrary File Upload
remote shell upload/xss script: phpGreetCards download from:http://www.w2b.ru/download/phpGreetCards.zip www.site.com/path/index.php?mode=select&category shell:...
Image properties can be used to execute scripts
Image properties can contain custom comments. When displaying the image properties, Opera can be tricked into treating the comments as script. This can cause the script to be run in the wrong security context...
Image properties can be used to execute scripts – Opera Security Advisories
OPCOM Team | December 16, 2008. Severity: Highly Severe. Problem Description: Image properties can contain custom comments. When displaying the image properties, Opera can be tricked into treating the comments as script. This...
CVE-2008-1081
Opera before 9.26 allows user-assisted remote attackers to execute arbitrary script via images that contain custom comments, which are treated as script when the user displays the image properties...
Design/Logic Flaw
Opera before 9.26 allows user-assisted remote attackers to execute arbitrary script via images that contain custom comments, which are treated as script when the user displays the image properties...