25 matches found
Astra Linux - уязвимость в grub2
A flaw was discovered in grub2, where the grubextcmddispatcher function calls grubarglistalloc to allocate memory for the grub’s argument list. However, it does not check in case the memory allocation fails. Once the allocation fails, a NULL pointer will be processed by the parseoption function,...
EUVD-2005-0979
Malware in sbrugna...
EUVD-2025-4780
Malicious code in bioql PyPI...
AZL-57052 CVE-2024-45775 affecting package grub2 for versions less than 2.06-25
A flaw was found in grub2 where the grubextcmddispatcher function calls grubarglistalloc to allocate memory for the grub's argument list. However, it fails to check in case the memory allocation fails. Once the allocation fails, a NULL point will be processed by the parseoption function, leading...
CVE-2024-45775 Grub2: commands/extcmd: missing check for failed allocation
A flaw was found in grub2 where the grubextcmddispatcher function calls grubarglistalloc to allocate memory for the grub's argument list. However, it fails to check in case the memory allocation fails. Once the allocation fails, a NULL point will be processed by the parseoption function, leading...
CVE-2024-45775
CVE-2024-45775 concerns grub2: the function grub_extcmd_dispatcher() allocates memory for the grub argument list via grub_arg_list_alloc(), but does not handle allocation failure. If the allocation returns NULL, parse_option() dereferences a NULL pointer, causing grub to crash and, in rare cases,...
PT-2025-6688 · Grub2 +5 · Grub2 +5
Name of the Vulnerable Software and Affected Versions: grub2 affected versions not specified Description: A flaw was found in grub2 where the grub extcmd dispatcher function calls grub arg list alloc to allocate memory for the grub's argument list. However, it fails to check in case the memory...
Bluetooth Application 5.4.277 - 'BlueSoleilCS' Unquoted Service Path
Exploit Title: Bluetooth Application 5.4.277 - 'BlueSoleilCS' Unquoted Service Path Exploit Date: 2022-02-17 Vendor : IVT Corp Version : BlueSoleilCS 5.4.277 Vendor Homepage : www.ivtcorporation.com Tested on OS: Windows 7 Pro This software installs EDTService.exe version 11.10.2.1 Analyze PoC :...
Bluetooth Application 5.4.277 - (BlueSoleilCS) Unquoted Service Path Vulnerability
Exploit Title: Bluetooth Application 5.4.277 - 'BlueSoleilCS' Unquoted Service Path Vendor : IVT Corp Version : BlueSoleilCS 5.4.277 Vendor Homepage : www.ivtcorporation.com Tested on OS: Windows 7 Pro This software installs EDTService.exe version 11.10.2.1 Analyze PoC : ============== C:\sc qc...
Bluetooth Application 5.4.277 Unquoted Service Path
Exploit Title: Bluetooth Application 5.4.277 - 'BlueSoleilCS' Unquoted Service Path Exploit Date: 2022-02-17 Vendor : IVT Corp Version : BlueSoleilCS 5.4.277 Vendor Homepage : www.ivtcorporation.com Tested on OS: Windows 7 Pro This software installs EDTService.exe version 11.10.2.1 Analyze PoC :...
Security Bulletin: Cross-site scripting vulnerability in Installation Verification Tool of WebSphere Application Server (CVE-2018-1643)
Summary There is a potential cross-site scripting vulnerability with the Installation Verification Tool of IBM WebSphere Application Server. Vulnerability Details CVEID: CVE-2018-1643 DESCRIPTION: The Installation Verification Tool of IBM WebSphere Application Server is vulnerable to cross-site...
openSUSE Security Update : ucode-intel (openSUSE-2018-24) (Spectre)
This update for ucode-intel fixes the following issues : Update to Intel CPU Microcode version 20180108 boo1075262 - The pre-released microcode fixing some important security issues is now officially published and included in the added tarball. New firmware updates since last version 20170707 are...
Open Source Invalid Traffic Detection: Nameles
Nameles provides an easy to deploy, scalable IVT detection and filtering solution that is proven to detect at a high level of accuracy ad fraud and other types of invalid traffic such as web scraping. Comprehensive Detection Detects display, video and in-app based ad fraud, web scraping and other...
IBM WebSphere Application Server 6.1.x < 6.1.0.41, 7.0.x < 7.0.0.19 IVT XSS Vulnerability
IBM WebSphere Application Server is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
IBM WebSphere Application Server IVT Cross Site Scripting Vulnerability
The host is running IBM WebSphere Application Server and is prone to cross site scripting vulnerability. OpenVAS Vulnerability Test $Id: gbibmwasivtxssvuln.nasl 5999 2017-04-21 09:02:32Z teissa $ IBM WebSphere Application Server IVT Cross Site Scripting Vulnerability Authors: Antu Sanadi Copyrigh...
Cross site scripting
Cross-site scripting XSS vulnerability in the Installation Verification Test IVT application in the Install component in IBM WebSphere Application Server WAS 6.1 before 6.1.0.41 and 7.0 before 7.0.0.19 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE:...
CVE-2011-1362
CVE-2011-1362 affects IBM WebSphere Application Server (WAS) IVT in the Install component. The vulnerability allows remote attackers to inject arbitrary web script or HTML via unspecified vectors due to an incomplete fix for CVE-2011-1308. Affected products/versions: WAS 6.1 before 6.1.0.41 and W...
CVE-2011-1362
Cross-site scripting XSS vulnerability in the Installation Verification Test IVT application in the Install component in IBM WebSphere Application Server WAS 6.1 before 6.1.0.41 and 7.0 before 7.0.0.19 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE:...
IBM WebSphere Application Server 6.1 < 6.1.0.37 Multiple Vulnerabilities
IBM WebSphere Application Server 6.1 before Fix Pack 37 appears to be running on the remote host. As such, it is potentially affected by the following vulnerabilities : - It is possible to trigger a DoS condition via SAAJ API provided by the WebSphere Web services runtime. PM19534 - An unspecifie...
Cross site scripting
Cross-site scripting XSS vulnerability in the Installation Verification Test IVT application in the Install component in IBM WebSphere Application Server WAS before 7.0.0.15 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...