Lucene search

624 matches found

GithubExploit
added 2023/07/10 8:5 a.m. | 340 views

Exploit for Out-of-bounds Write in Polkit_Project Polkit

Exploit for CVE-2021-4034 Pkexec - Local Privilege Escalatio...

CVSS 7.8 | AI score 8 | EPSS 0.87488
Exploits 185
Kitploit
added 2023/05/16 12:30 p.m. | 26 views

Cbrutekrag - Penetration Tests On SSH Servers Using Brute Force Or Dictionary Attacks. Written In C

Penetration tests on SSH servers using dictionary attacks. Written in C. "brute krag" means "brute force" in Afrikaans. Disclaimer: This tool is for ethical testing purposes only. cbrutekrag and its owners can't be held responsible for misuse by users. Users have to act as permitted by local law rules...

AI score 7.3
Exploits 0 | References 1
Vulnrichment
added 2023/05/15 12:0 a.m. | 9 views

CVE-2023-31622

An issue in the sqlc_make_policy_trig component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements...

AI score 7.2 | EPSS 0.00083
Exploits 1 | References 1
OSV
added 2023/05/10 1:24 p.m. | 9 views

MAL-2023-869 Malicious code in the-girl-with-the-make-believe-husband-rokesbys-2-by-julia-quinn-on-ipad-new-chapters- (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 80326e5ea00baebd679ede31f64bd96a16aa3a4e24d1158a6769bc380c19f7e0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score 7
Exploits 0 | References 1
OSV
added 2023/04/21 11:5 a.m. | 2 views

OESA-2023-1245 nasm security update

NASM is the Netwide Assembler, a free portable assembler for the Intel 80x86 microprocessor series, using primarily the traditional Intel instruction mnemonics and syntax. It also provides tools in RDOFF binary format, includes linker, library manager, loader, and information dump. Security Fixes...

CVSS 7.8 | AI score 7.6 | EPSS 0.00058
Exploits 1 | References 2
OpenVAS
added 2023/03/23 12:0 a.m. | 18 views

Huawei EulerOS: Security Advisory for libtar (EulerOS-SA-2023-1575)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 9.8 | AI score 9.6 | EPSS 0.00351
Exploits 0 | References 2
OSV
added 2023/03/22 10:15 p.m. | 11 views

CVE-2023-27060

LightCMS v1.3.7 was discovered to contain a remote code execution (RCE) vulnerability via the image:make function...

CVSS 9.8 | AI score 8.6
Exploits 0 | References 2
CNNVD
added 2023/03/22 12:0 a.m. | 3 views

LightCMS Security Vulnerability

LightCMS is an open-source application by Jianhua Sun. It provides a lightweight CMS system that can also be used as a general-purpose back-end management framework. LightCMS v1.3.7 has a security vulnerability, which stems from the image:make function having a remote code...

CVSS 9.8 | AI score 9.1 | EPSS 0.02302
Exploits 1 | References 3
SUSE CVE
added 2023/02/15 6:7 a.m. | 3 views

SUSE CVE-2008-3272

The snd_seq_oss_synth_make_info function in sound/core/seq/oss/seq_oss_synth.c in the sound subsystem in the Linux kernel before 2.6.27-rc2 does not verify that the device number is within the range defined by max_synthdev before returning certain data to the caller, which allows local users to obtain...

CVSS 2.1 | AI score 6.2 | EPSS 0.00098
Exploits 3 | References 9
SUSE CVE
added 2023/02/15 6:0 a.m. | 1 views

SUSE CVE-2010-0412

stap-server in SystemTap 1.1 does not properly restrict the value of the -B (aka BUILD) option, which allows attackers to have an unspecified impact via vectors associated with executing the make program, a different vulnerability than CVE-2009-4273...

CVSS 7.5 | AI score 7.2 | EPSS 0.00488
Exploits 0 | References 3
SUSE CVE
added 2023/02/15 5:46 a.m. | 2 views

SUSE CVE-2012-2687

Multiple cross-site scripting (XSS) vulnerabilities in the make_variant_list function in mod_negotiation.c in the mod_negotiation module in the Apache HTTP Server 2.4.x before 2.4.3, when the MultiViews option is enabled, allow remote attackers to inject arbitrary web script or HTML via a crafted...

CVSS 2.6 | AI score 7.7 | EPSS 0.0466
Exploits 2 | References 7
SUSE CVE
added 2023/02/15 4:49 a.m. | 2 views

SUSE CVE-2017-5628

An issue was discovered in Artifex Software, Inc. MuJS before 8f62ea10a0af68e56d5c00720523ebcba13c2e6a. The MakeDay function in jsdate.c does not validate the month, leading to an integer overflow when parsing a specially crafted JS file...

CVSS 7.8 | AI score 8 | EPSS 0.00097
Exploits 0 | References 3
SUSE CVE
added 2023/02/15 4:49 a.m. | 3 views

SUSE CVE-2017-6314

The make_available_at_least function in io-tiff.c in gdk-pixbuf allows context-dependent attackers to cause a denial of service (infinite loop) via a large TIFF file...

CVSS 3.3 | AI score 6.7 | EPSS 0.0044
Exploits 1 | References 7
SUSE CVE
added 2023/02/15 4:43 a.m. | 1 views

SUSE CVE-2017-10978

An FR-GV-201 issue in FreeRADIUS 2.x before 2.2.10 and 3.x before 3.0.15 allows "Read / write overflow in make_secret()" and a denial of service...

CVSS 7.5 | AI score 7.2 | EPSS 0.02583
Exploits 0 | References 7
SUSE CVE
added 2023/02/15 4:27 a.m. | 1 views

SUSE CVE-2018-11738

An issue was discovered in libtskfs.a in The Sleuth Kit (TSK) from release 4.0.2 through to 4.6.1. An out-of-bounds read of a memory region was found in the function ntfs_make_data_run in tsk/fs/ntfs.c which could be leveraged by an attacker to disclose information or manipulated to read from unmapped...

CVSS 8.1 | AI score 7.7 | EPSS 0.00295
Exploits 1 | References 3
SUSE CVE
added 2023/02/15 4:19 a.m. | 1 views

SUSE CVE-2018-1000802

Python Software Foundation Python (CPython) version 2.7 contains a CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in shutil module (make_archive function) that can result in Denial of service, Information gain via injection of arbitrary files on...

CVSS 5.3 | AI score 9.1 | EPSS 0.26492
Exploits 1 | References 31
SUSE CVE
added 2023/02/15 3:36 a.m. | 2 views

SUSE CVE-2021-43398

Crypto++ (aka Cryptopp) 8.6.0 and earlier contains a timing leakage in MakePublicKey. There is a clear correlation between execution time and private key length, which may cause disclosure of the length information of the private key. This might allow attackers to conduct timing attacks. NOTE: this...

CVSS 5.3 | AI score 6.5 | EPSS 0.00423
Exploits 1 | References 3
Snyk
added 2023/02/06 9:22 a.m. | 1 views

Malicious Package

Overview: make-box is a malicious package. It distributes Discord malware hosted on pastebin that can steal important host information and credentials. Remediation: Avoid using all malicious instances of the make-box package. Credit: Snyk Research Team...

CVSS 8.8 | AI score 6.7
Exploits 0 | References 2
OSV
added 2022/12/19 11:15 p.m. | 0 views

CVE-2022-44109

pdftojson commit 94204bb was discovered to contain a stack overflow via the component Stream::makeFilter(char*, Stream*, Object*, int)...

CVSS 9.8 | AI score 5.8
Exploits 0 | References 2
OSV
added 2022/12/09 8:15 a.m. | 1 views

CVE-2022-4377

A vulnerability was found in S-CMS 5.0 Build 20220328. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Contact Information Page. The manipulation of the argument Make a Call leads to cross site scripting. The attack can be launched...

CVSS 5.4 | AI score 3.7
Exploits 0 | References 2