EUVD-2009-4575

Malware in sbrugna...

CVE-2024-38661

In the Linux kernel, the following vulnerability has been resolved: s390/ap: Fix crash in AP internal function modifybitmap A system crash like this Failing address: 200000cb7df6f000 TEID: 200000cb7df6f403 Fault in home space mode while using kernel ASCE. AS:00000002d71bc007 R3:00000003fe5b8007...

CVE-2024-38661

CVE-2024-38661 is a Linux kernel vulnerability affecting the s390/ap subsystem. The issue stems from using signed int for internal bitmap-related variables in ap_parse_bitmap_str, allowing overflow during updates to /sys/bus/ap/apmask and related fields, which could trigger a kernel panic (panic_...

CVE-2024-38661 s390/ap: Fix crash in AP internal function modify_bitmap()

In the Linux kernel, the following vulnerability has been resolved: s390/ap: Fix crash in AP internal function modifybitmap A system crash like this Failing address: 200000cb7df6f000 TEID: 200000cb7df6f403 Fault in home space mode while using kernel ASCE. AS:00000002d71bc007 R3:00000003fe5b8007...

CVE-2023-34108 Manipulation of Internal Dovecot Variables in mailcow via crafted Passwords

mailcow is a mail server suite based on Dovecot, Postfix and other open source software, that provides a modern web UI for user/server administration. A vulnerability has been discovered in mailcow which allows an attacker to manipulate internal Dovecot variables by using specially crafted...

WordPress Plugin "WordPress Popular Posts" accepts untrusted external inputs to update certain internal variables

Overview WordPress Plugin "WordPress Popular Posts" provided by Hector Cabrera accepts untrusted external inputs to update certain internal variables CWE-454. Tsubasa Iinuma of Origami Systems reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security...

WordPress plugin Popular Posts 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the...

HTTP Parameter Pollution

An HTTP Parameter Pollution HTTP exploits the possibility of including several parameters with the same name in an HTTP request or by including a new encoded parameter. Depending on the web server, its parameters will be parsed in a different way i.e. parsing only the first/last occurrence of the...

The randomIndex() can be determined

Handle s1m0 Vulnerability details Impact The function randomIndex is used to choose which id to mint theoretically randomly. The index can be computed with a smartContract by giving him through arguments the internal/private variables numTokens and nonce gotten with getStorageAt. Note there is al...

CGI-World Poll It 2.0 Internal Variable Override Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1431/info Poll It is a Perl CGI application used to create and maintain opinion polls on websites. The program relies on a number of internal variables. These variables can be overwritten by any remote user by specifying...

Amiro.CMS <= 5.4.0.0 folder disclosure

No description provided by source. ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ONSEC-09-005 Amiro.CMS root folder disclosure Objective: Amiro CMS = 5.4.0.0 Type: Disclosure of ways Threat: Medium Date Discovered: 01.07.2009 Date of...

Badoo Services Limited & XSS Vulnerabilities

Exploit for php platform in category web applications ============================================ Badoo Services Limited & XSS Vulnerabilities ============================================ Product: Badoo Services online community Web: http://eu1.badoo.com/ http://badoo.com/ Versions: All version...

turba-xss.txt

+======================================================================================================+ + Horde & Turba Contact Manager & XSS Vulnerabilities and Remote Java's File Inclusion + +======================================================================================================...

hordeturba-xss.txt

+==========================================================================+ + Horde & Turba Contact Manager & XSS Vulnerabilities + +==========================================================================+ Authors: Ivan Sanchez Product: Turba Contact Manager Web: http://www.horde.org Versions...

Mozilla Firefox information leak

It's possible to read value of any internal variables...

PHP import_request_variables internal variables overwrite

$GET $POST $COOKIE $FILES $SERVER $SESSION and another internal variables may be overwritten during import...

USN-80-1: mod_python vulnerability

Graham Dumpleton discovered an information disclosure in the "publisher" handle of modpython. By requesting a carefully crafted URL for a published module page, anybody can obtain extra information about internal variables, objects, and other information which is not intended to be visible...

CVE-2000-0860

The file upload capability in PHP versions 3 and 4 allows remote attackers to read arbitrary files by setting hidden form fields whose names match the names of internal PHP script variables...