37 matches found
UBUNTU-CVE-2025-10824
A vulnerability was determined in axboe fio up to 3.41. This impacts the function parsejobsini of the file init.c. Executing manipulation can lead to use after free. The attack needs to be launched locally. The exploit has been publicly disclosed and may be utilized...
CVE-2025-10824 axboe fio init.c __parse_jobs_ini use after free
A vulnerability was determined in axboe fio up to 3.41. This impacts the function parsejobsini of the file init.c. Executing manipulation can lead to use after free. The attack needs to be launched locally. The exploit has been publicly disclosed and may be utilized...
Malicious code in invokehttp (PyPI)
The init.py contains a call to execute a Base64-encoded script to download a second stage payload. --- -= Per source details. Do not edit below this line.=- Source: kam193 e3374942a3d2de4ea1f9444223c351c0ef5356c571a08e8ddb62144f7564def0 In the invokehttp, the init.py contains obfuscated code...
SUSE CVE-2013-6441
The lxc-sshd template templates/lxc-sshd.in in LXC before 1.0.0.beta2 uses read-write permissions when mounting /sbin/init, which allows local users to gain privileges by modifying the init file...
Libcontainer and Docker Engine before 1.6.1 opens the file-descriptor passed to the pid-1 process before performing the chroot which allows local users to gain privileges via a symlink attack in an image.
...
Quest Policy Authority For Unified Communications Cross-Site Scripting Vulnerability
Quest Policy Authority For Unified Communications is a software from Quest, Inc. that is used in corporate environments to consolidate communication data between various media text and instant messaging, video conferencing, email and voicemail. A cross-site scripting vulnerability exists in Quest...
Quest Software Policy Authority For Unified Communications 跨站脚本漏洞
Quest Policy Authority For Unified Communications is a software from Quest, Inc. that is used in corporate environments to consolidate communication data between various media text and instant messaging, video conferencing, email and voicemail. A cross-site scripting vulnerability exists in Quest...
PT-2020-20264
Name of the Vulnerable Software and Affected Versions: InfiniteWP Client plugin versions prior to 1.9.4.5 Description: The InfiniteWP Client plugin for WordPress has a missing authorization check in the iwp mmb set request function within the init.php file. An attacker who knows an administrator'...
Bitmessage PyBitmessage Code Execution Vulnerability
Bitmessage PyBitmessage is a cryptographic decentralized communication protocol. Bitmessage PyBitmessage version 0.6.2 and commit 8ce72d8d2d25973b7064b1cf76a6b0b3d62f0ba0 and later have a vulnerability in the src/messagetypes/init.py file's ' constructObject' function has a security vulnerability...
WordPress Loginizer Cross-Site Request Forgery Vulnerability
WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. A cross-site request forgery vulnerability in the Blacklist and Whitelist IP Wizard in the WordPress Loginizer init.php file...
DEBIAN-CVE-2017-7178
CSRF was discovered in the web UI in Deluge before 1.3.14. The exploitation methodology involves 1 hosting a crafted plugin that executes an arbitrary program from its init.py file and 2 causing the victim to download, install, and enable this plugin...
GNU Emacs 22.1 Local Variable Handling Code Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/26327/info Emacs is prone to a vulnerability that lets attackers execute arbitrary code. Due to a design error, the application ignores certain security settings and modifies local variables. By supplying a malicious file...
DEBIAN-CVE-2013-6441
The lxc-sshd template templates/lxc-sshd.in in LXC before 1.0.0.beta2 uses read-write permissions when mounting /sbin/init, which allows local users to gain privileges by modifying the init file...
CVE-2013-6441
The lxc-sshd template templates/lxc-sshd.in in LXC before 1.0.0.beta2 uses read-write permissions when mounting /sbin/init, which allows local users to gain privileges by modifying the init file...
Выполнение подзапросов и команд ОС в инъекциях SELECT под MySQL
We would like to open our blog notes on the practical implementation of the SQL-injections. And also we try to focus more attention on the practical aspects of web application security in the future. SQL injections are the most common server-side Web application vulnerabilities and meet almost...
QuickTalk 1.2 - Source Code Disclosure
QuickTalk 1.2 - Source Code Disclosure ======================================================================= QuickTalk v1.2 Source code disclosure Multiple Vulnerabilities =======================================================================...
PT-2007-6258 · Unknown · Myipacng-Stats
Name of the Vulnerable Software and Affected Versions: myIpacNG-stats MINGS version 0.05 Description: The issue allows remote attackers to execute arbitrary PHP code via a URL in the MINGS BASE parameter. This is a remote file inclusion vulnerability in the init.php file. Note that this issue is...