CVE-2024-7674

CVE-2024-7674 affects Autodesk Navisworks where parsing a DWFX file via dwfcore.dll can trigger a heap-based buffer overflow, enabling a crash or arbitrary code execution in the current process. Affected products are Navisworks components that parse DWFX; exploitation is described as impacting th...

The signature "V" length is not checked in castApprovalBySig, CastDisapprovalBySig & createActionBySig

Lines of code Vulnerability details Impact The length of the "v" value in the signatures is not checked. V must correspond according to ECDSA principles values of either 27 or 28. Not checking this will result in an attacker crafting a malicious v value and bypassing any checks, withdrawing funds...

CVE-2023-27929

An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.3, tvOS 16.4, iOS 16.4 and iPadOS 16.4, watchOS 9.4. Processing a maliciously crafted image may result in disclosure of process memory...

Cross-site Scripting (XSS)

WebKitGTK+ is vulnerable cross-site scripting XSS. Processing maliciously crafted web content may lead to universal cross site scripting...

D-LINK DIR-615 Cross Site Request Forgery

Exploit Title: Dlink DIR-615 Hardware Version E4 Firmware Verion 5.10 CSRF Vulnerability Google Dork: N/A Date: 19/02/2014 Exploit Author: Dhruv Shah Vendor Homepage: http://www.dlink.com/us/en/home-solutions/connect/routers/dir-615-wireless-n-300-router Software Link: N/A Hardware Version:E4...