13 matches found
pkcs11-helper -- deserialize buffer overflow
Alon Bar-Lev reports: util: fix deserialize buffer overflow. thanks to Aarnav Bos...
EUVD-2006-3612
Malware in sbrugna...
EUVD-2006-3613
Malware in sbrugna...
PT-2024-41: Bypass authentication in PT MaxPatrol SIEM, PT MaxPatrol VM, PT MaxPatrol EDR, PT MaxPatrol Carbon and PT MaxPatrol O2
The vulnerability was identified in PT MaxPatrol SIEM, PT MaxPatrol VM, PT MaxPatrol EDR, PT MaxPatrol Carbon and PT MaxPatrol O2 that affects versions that include component PT MC version earlier than 101.4.8813 and component MPX version earlier than 27.2.14850. The discovered vulnerability allows...
asn1c buffer error vulnerability
asn1c is an ASN.1 compiler by the individual developer Lev Walkin. A security vulnerability exists in asn1c v0.9.28 and earlier, which stems from a stack-based buffer overflow in the function genhashget in genhash.c. The vulnerability is caused by a stack-based buffer overflow in the function...
lev-flowers.com.ua Cross Site Scripting vulnerability OBB-2962553
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
CCN-lite 'cnb_parse_lev' Function Denial of Service Vulnerability
CCN-lite is a lightweight CCNx Content Centric Networking Protocol implementation of the CCN-lite project. A security vulnerability exists in the 'cnb_parse_lev' function in CCN-lite versions prior to 2.00. An attacker could exploit this vulnerability to cause an invalid read...
CVE-2017-12471
The cnb_parse_lev function in CCN-lite before 2.00 allows context-dependent attackers to have unspecified impact by leveraging failure to check for out-of-bounds conditions, which triggers an invalid read in the hexdump function...
Oracle Linux 6 : qemu-kvm (ELSA-2013-1100)
The remote Oracle Linux 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2013-1100 advisory. qemu-kvm-0.12.1.2-2.355.el64.6 - kvm-qga-cast-to-int-for-DWORD-type.patch bz980758 - kvm-qga-remove-undefined-behavior-in-gainstallservice.patch bz980758 -...
Important: Red Hat Security Advisory: virtio-win security update
An updated virtio-win package that fixes one security issue is now available for Red Hat Enterprise Linux 6 Supplementary. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed...
CVE-2006-3617
The CVE-2006-3617 entry describes a Cross-site scripting (XSS) vulnerability in Pixelated By Lev (PBL) Guestbook, specifically pblguestbook.php, affecting PBL Guestbook 1.32 and earlier. The vulnerability allows remote attackers to inject arbitrary script or HTML via the name, message, website, a...
CVE-2006-3618
SQL injection vulnerability in pblguestbook.php in Pixelated By Lev PBL Guestbook 1.32 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) name, (2) email, (3) website, (4) comments, (5) rate, and (6) private parameters...
PBL Guestbook v1.31 - XSS
PBLGuestbook v1.31 Homepage: http://www.pixelatedbylev.com/ Affected files: input boxes of the guestbook. XSS Vulnerabilities PoC: I noticed that common tags like script are filtered into the words "SCRIPT BLOCKED" in this guestbook, however img tags as well as others go unfiltered in the Name,...