2734 matches found
CVE-2023-41816
The CVE-2023-41816 entry concerns the Motorola Services Main mobile application, with a reported improper export vulnerability that could let a local attacker write to a local database. The available documents indicate an in-application export flaw as the root cause, enabling local compromise und...
Motorola Services Main Security Vulnerability
Motorola Services Main is a mobile application service from Motorola USA. A security vulnerability exists in Motorola Services Main that stems from an incorrect export vulnerability that could allow a local attacker to write to a local database...
CVE-2023-23019
Cross-site scripting (XSS) vulnerability in file main.php in sourcecodester oretnom23 Blog Site 1.0 via the name and email parameters to function useradd....
PT-2024-11982 · Unknown · Sourcecodester Oretnom23 Pos Point Sale System
Name of the Vulnerable Software and Affected Versions: sourcecodester oretnom23 pos point sale system version 1.0. Description: The issue allows attackers to execute arbitrary code via the code, name, and description inputs in the file Main.php. This is a Cross-Site Scripting (XSS) vulnerability...
PT-2024-11981 · Unknown · Sourcecodester Oretnom23 Blog Site
Name of the Vulnerable Software and Affected Versions: sourcecodester oretnom23 Blog Site version 1.0. Description: The issue is related to a cross-site scripting (XSS) vulnerability in the file main.php. This vulnerability can be exploited via the name and email parameters to the user add function...
ALSA-2024:2528 Low: mingw-glib2 security update
GLib provides the core application building blocks for libraries and applications written in C. It provides the core object system used in GNOME, the main loop implementation, and a large set of utility functions for strings and common data structures. Security Fixes: glib: GVariant offset table...
rhein-main-campus.de Cross Site Scripting vulnerability OBB-3923523
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
CVE-2024-29660
Cross Site Scripting vulnerability in DedeCMS v.5.7 allows a local attacker to execute arbitrary code via a crafted payload to the stepselect_main.php component...
Desdev DedeCMS Security Vulnerability
Desdev DedeCMS (Dream Weaving Content Management System) is a PHP-based open-source content management system (CMS) from China's Zhuozhuo Network (Desdev). The system features content publishing, content management, content editing and content retrieval. A security vulnerability exists in DedeCMS v.5.7...
GHSA-3MPF-RCC7-5347 Hono vulnerable to Restricted Directory Traversal in serveStatic with deno
Summary When using serveStatic with deno, it is possible to directory traverse where main.ts is located. My environment is configured as per this tutorial https://hono.dev/getting-started/deno PoC bash $ tree . ├── deno.json ├── deno.lock ├── main.ts ├── README.md └── static └── a.txt source jsx...
MAL-2024-1297 Malicious code in colors-main (npm)
Source: ghsa-malware 96fd7c2ffaf602629b98fecc493fbe4ac073420940d2b37155e7ba170062e676 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in colors-main (npm)
Source: ghsa-malware 96fd7c2ffaf602629b98fecc493fbe4ac073420940d2b37155e7ba170062e676 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Hono Security Vulnerability
Hono is a web framework written in TypeScript from the Hono community. A security vulnerability exists in Hono versions prior to 4.2.7, which stems from using serveStatic with deno to traverse the directory where main.ts is located, potentially retrieving unexpected files...
CVE-2024-2729
The Otter Blocks WordPress plugin before 2.6.6 does not properly escape its mainHeadings blocks' attribute before appending it to the final rendered block, allowing contributors to conduct Stored XSS attacks...
NewStart CGSL CORE 5.04 / MAIN 5.04 : apr-util Vulnerability (NS-SA-2024-0013)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has apr-util packages installed that are affected by a vulnerability: - Integer Overflow or Wraparound vulnerability in apr_base64 functions of Apache Portable Runtime Utility (APR-util) allows an attacker to write beyond bounds o...
NewStart CGSL CORE 5.04 / MAIN 5.04 : kernel Vulnerability (NS-SA-2024-0012)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has kernel packages installed that are affected by a vulnerability: - An issue was discovered in arch/x86/kvm/vmx/nested.c in the Linux kernel before 6.2.8. nVMX on x86_64 lacks consistency checks for CR0 and CR4. (CVE-2023-30456)...
NewStart CGSL CORE 5.04 / MAIN 5.04 : python-requests Multiple Vulnerabilities (NS-SA-2024-0014)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has python-requests packages installed that are affected by multiple vulnerabilities: - The Requests package before 2.20.0 for Python sends an HTTP Authorization header to an http URI upon receiving a same-hostname https-to-htt...
NewStart CGSL CORE 5.04 / MAIN 5.04 : rpm Vulnerability (NS-SA-2024-0010)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has rpm packages installed that are affected by a vulnerability: - A flaw was found in RPM's signature check functionality when reading a package file. This flaw allows an attacker who can convince a victim to install a seeming...
NewStart CGSL CORE 5.04 / MAIN 5.04 : git Multiple Vulnerabilities (NS-SA-2024-0015)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has git packages installed that are affected by multiple vulnerabilities: - Git is a distributed revision control system. gitattributes are a mechanism to allow defining attributes for paths. These attributes can be defined by...
NewStart CGSL CORE 5.04 / MAIN 5.04 : binutils Vulnerability (NS-SA-2024-0013)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has binutils packages installed that are affected by a vulnerability: - An issue was discovered in the Bidirectional Algorithm in the Unicode Specification through 14.0. It permits the visual reordering of characters via contro...