Malicious code in @zalastax/nolb-ipe (npm)

The package @zalastax/nolb-ipe was found to contain malicious code...

MAL-2025-12047 Malicious code in @zalastax/nolb-ipe (npm)

The package @zalastax/nolb-ipe was found to contain malicious code...

ipe-evaluation.de Cross Site Scripting vulnerability OBB-3257766

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

ipe-engwicht.de Cross Site Scripting vulnerability OBB-2835502

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Sony IPELA E Series Camera 802dot1xclientcert Function Remote Code Execution Vulnerability

Sony IPELA cameras are network-oriented cameras for surveillance and monitoring. A stack buffer overflow vulnerability exists in the 802dot1xclientcert.cgi function of the Sony IPELA E-Series cameras, which allows an attacker to send a malicious POST request leading to remote code execution...

Faraday 1.0.17 - Collaborative Penetration Test and Vulnerability Management Platform

Faraday introduces a new concept - IPE Integrated Penetration-Test Environment a multiuser Penetration test IDE. Designed for distribution, indexation and analysis of the generated data during the process of a security audit. The first of many releases in 2016, Faraday v.1.0.17 Community, Pro &...

Safari browser port blocking bypassed by integer overflow

g . o . a . t . s . e s . e . c . u . r . i . t . y g . a . p . i . n . g h . o . l . e . s e . x . p . o . s . e . d http://security.goatse.fr/ 323 306-4576 attention: due to technical limitations, this advisory cannot be displayed correctly. to view with images and video, visit the following...

CVE-2009-0146

Multiple buffer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allow remote attackers to cause a denial of service crash via a crafted PDF file, related to 1 JBIG2SymbolDict::setBitmap and 2 JBIG2Stream::readSymbolDictSeg...

CVE-2007-4352

Array index error in the DCTStream::readProgressiveDataUnit method in xpdf/Stream.cc in Xpdf 3.02pl1, as used in poppler, teTeX, KDE, KOffice, CUPS, and other products, allows remote attackers to trigger memory corruption and execute arbitrary code via a crafted PDF file...