WordPress Import XML and RSS Feeds plugin <= 2.0.1 - Server-Side Request Forgery (SSRF) vulnerability

Server-Side Request Forgery SSRF vulnerability discovered by Suzhou Aurora Infinity Information Technology Co., Ltd. in WordPress Import XML and RSS Feeds plugin versions = 2.0.1. Solution Update the WordPress Import XML and RSS Feeds plugin to the latest available version at least 2.0.2...

WordPress Podcast Importer SecondLine plugin <= 1.1.4 - Server-Side Request Forgery (SSRF) vulnerability

Server-Side Request Forgery SSRF vulnerability discovered by Suzhou Aurora Infinity Information Technology Co., Ltd. in WordPress Podcast Importer SecondLine plugin versions = 1.1.4. Solution Update the WordPress Podcast Importer SecondLine plugin to the latest available version at least 1.1.5...

Activision Infinity Ward Call of Duty Modern Warfare 2 Buffer Overflow Vulnerability

Activision Infinity Ward Call of Duty Modern Warfare 2 Call of Duty is an American first-person shooter game by Activision. A buffer overflow vulnerability exists in Activision Infinity Ward Call of Duty Modern Warfare 2 2019-12-11 and earlier versions. An attacker can exploit this vulnerability ...

CVE-2019-20893

An issue was discovered in Activision Infinity Ward Call of Duty Modern Warfare 2 through 2019-12-11. PartyHostHandleJoinPartyRequest has a buffer overflow vulnerability and can be exploited by using a crafted joinParty packet. This can be utilized to conduct arbitrary code execution on a victim'...

Buffer overflow

An issue was discovered in Activision Infinity Ward Call of Duty Modern Warfare 2 through 2019-12-11. PartyHostHandleJoinPartyRequest has a buffer overflow vulnerability and can be exploited by using a crafted joinParty packet. This can be utilized to conduct arbitrary code execution on a victim'...

CVE-2019-20893

An issue was discovered in Activision Infinity Ward Call of Duty Modern Warfare 2 through 2019-12-11. PartyHostHandleJoinPartyRequest has a buffer overflow vulnerability and can be exploited by using a crafted joinParty packet. This can be utilized to conduct arbitrary code execution on a victim'...

CVE-2019-20893

CVE-2019-20893 concerns a buffer overflow in Activision Infinity Ward’s Call of Duty Modern Warfare 2 (and up to 2019-12-11). The vulnerability is located in the PartyHost_HandleJoinPartyRequest function, exploitable via a crafted joinParty packet, which can yield arbitrary code execution on a vi...

CVE-2020-12607

An issue was discovered in fastecdsa before 2.1.2. When using the NIST P-256 curve in the ECDSA implementation, the point at infinity is mishandled. This means that for an extreme value in k and s^-1, the signature verification fails even if the signature is correct. This behavior is not solely a...

PYSEC-2020-42

An issue was discovered in fastecdsa before 2.1.2. When using the NIST P-256 curve in the ECDSA implementation, the point at infinity is mishandled. This means that for an extreme value in k and s^-1, the signature verification fails even if the signature is correct. This behavior is not solely a...

CVE-2020-12607

An issue was discovered in fastecdsa before 2.1.2. When using the NIST P-256 curve in the ECDSA implementation, the point at infinity is mishandled. This means that for an extreme value in k and s^-1, the signature verification fails even if the signature is correct. This behavior is not solely a...

PT-2020-13166 · Fastecdsa · Fastecdsa

Name of the Vulnerable Software and Affected Versions: fastecdsa versions prior to 2.1.2 Description: An issue was discovered in the ECDSA implementation when using the NIST P-256 curve. The point at infinity is mishandled, which means that for extreme values in k and s^-1, the signature...

InfinityBlack Dismantled After Selling Millions of Credentials

The InfinityBlack hacking group, which is responsible for selling millions of stolen credentials, has been dismantled. Polish and Swiss law-enforcement authorities, supported by Europol, arrested five individuals in Poland believed to be members of InfinityBlack, on April 29. According to Europol...

infinity-rs.com.br Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1097971 Security Researcher haxmov Helped patch 715 vulnerabilities Received 4 Coordinated Disclosure badges Received 3 recommendations , a holder of 4 badges for responsible and coordinated disclosure, found a security vulnerability affecting infinity-rs.com.br website an...

fumador.it Cross Site Scripting vulnerability

Security Researcher aammoccia Helped patch 19 vulnerabilities Received 1 Coordinated Disclosure badges , a holder of 1 badges for responsible and coordinated disclosure, found a security vulnerability affecting fumador.it website and its users. Following coordinated and responsible vulnerability...

playxtreme.it Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-990525 Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website...

biciclo.it Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-990521 Security Researcher aammoccia Helped patch 19 vulnerabilities Received 1 Coordinated Disclosure badges Received 1 recommendations , a holder of 1 badges for responsible and coordinated disclosure, found a security vulnerability affecting biciclo.it website and its...

SQL Injection Vulnerability in the Website Building System of Beijing Beyond Infinity Information Technology Co. Ltd (CNVD-2019-30355)

Beijing Beyond Infinity Information Technology is a company engaged in website construction. A SQL injection vulnerability exists in the website building system of Beijing Beyond Unlimited Information Technology Co. Attackers can utilize the vulnerability to obtain sensitive information of the...

CVE-2018-20817

SVSteamAuthClient in various Activision Infinity Ward Call of Duty games before 2015-08-11 is missing a size check when reading authBlob data into a buffer, which allows one to execute code on the remote target machine when sending a steam authentication request. This affects Call of Duty: Modern...

CVE-2018-20817

CVE-2018-20817 affects SV_SteamAuthClient in multiple Activision Infinity Ward Call of Duty titles (MW2, MW3, Ghosts, AW, Black Ops 1/2) released before 2015-08-11. The root cause is a missing size check when reading authBlob data into a buffer, enabling remote code execution via a crafted steam ...

Design/Logic Flaw

Drager Infinity Delta, Infinity Delta, all versions, Delta XL, all versions, Kappa, all version, and Infinity Explorer C700, all versions. Log files are accessible over an unauthenticated network connection. By accessing the log files, an attacker is able to gain insights about internals of the...