SWPT-Notes
SWPT-Notes Personal study notes compiled while working throug...
satellitectf
CONSTELLATION PIVOT CTF A Satellite Cyber-Physical CTF Chal...
POC
POC A collection of PoC write...
EUVD-2024-16016
Malicious code in bioql PyPI...
PT-2025-30548 · Undefined · Undefined
URGENT: Oracle UEK kernel flaw CVE-2025-20480 patching guide: ✅ Exploit mechanics ✅ Mitigation commands ✅ Compliance checklist Read more: 👉 https://t.co/6cfH4WrvjP CVE202520480 DevSecOps https://t.co/AOwz4P72un...
Fedora: Security Advisory for golang-x-mod (FEDORA-2024-ae653fb07b)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
CVE-2024-0217
A use-after-free flaw was found in PackageKitd. In some conditions, the order of cleanup mechanics for a transaction could be impacted. As a result, some memory access could occur on memory regions that were previously freed. Once freed, a memory region can be reused for other allocations and any...
CVE-2024-0217 Packagekitd: use-after-free in idle function callback
A use-after-free flaw was found in PackageKitd. In some conditions, the order of cleanup mechanics for a transaction could be impacted. As a result, some memory access could occur on memory regions that were previously freed. Once freed, a memory region can be reused for other allocations and any...
CVE-2024-0217
Removed by vendor...
Authentication Bypass
org.apache.iotdb:iotdb-grafana-connector is vulnerable to Authentication Bypass. The vulnerability exists due to insufficient checks in preHandle function of LoginInterceptor.java, which allows a remote attacker to bypass authentication mechanisms...
CVE-2023-2094
A vulnerability has been found in SourceCodester Vehicle Service Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/mechanics/managemechanic.php. The manipulation of the argument id leads to sql injection. The attack can be initiated...
PT-2023-17729 · Sourcecodester · Sourcecodester Vehicle Service Management System
Name of the Vulnerable Software and Affected Versions: SourceCodester Vehicle Service Management System version 1.0 Description: A critical issue has been found in the SourceCodester Vehicle Service Management System, affecting the file /admin/mechanics/manage mechanic.php. The manipulation of th...
Sourcecodester Vehicle Service Management System SQL injection vulnerability
Sourcecodester Vehicle Service Management System is an open source PHP project. A simple web application for automotive repair/service stores or businesses. SourceCodester Vehicle Service Management System version 1.0 SQL injection vulnerability, the vulnerability stems from the path...
automotive shop management system SQL injection vulnerability (CNVD-2022-87033)
Automotive Shop Management System is an automotive shop management system by the individual developer Carlo Montero. Automotive Shop Management System v1.0 suffers from a SQL injection vulnerability. The vulnerability stems from a lack of validation of the...
[SECURITY] Fedora 36 Update: golang-x-mod-0.6.0~dev-3.20220330git9b9b3d8.fc36
This package holds packages for writing tools that work directly with Go module mechanics. That is, it is for direct manipulation of Go modules themselves...
Index mint and burn calls can be front run
Lines of code Vulnerability details Impact Both in the mint and burn cases all the user supplied / due to a user assets can be stolen by an attacker, who detects correspondingly asset transfer calls / Index token transfer call and front runs Index contract's mint / burn call with own address as a...
Vesting benRevocable flag can be switched on and off by anyone and doesn't provide any additional control
Handle hyh Vulnerability details Impact Griefing attack is possible for revoke mechanics by calling vest with a tiny amount and zero isRevocable. This will switch revocable off for the whole vesting amount i.e. the whole set of timelocks flag is being set via last vest call. And vice versa,...
Unauthorized Access Vulnerability in K401LX at Samsung (China) Investment Co.
Samsung China Investment Co., Ltd. is the headquarters of Samsung Group in China. By the end of 2008, 20 out of more than 30 companies under Samsung have invested in China, including Samsung Electronics, Samsung SDI, Samsung SDS and Samsung Electro-Mechanics. An unauthorized access vulnerability...
affidavit-for-mechanics-lien-ohio.com Cross Site Scripting vulnerability OBB-1245147
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence...
Quantum Security Goes Live with Samsung Galaxy
Samsung and South Korean telecom giant SK Telecom have debuted the Galaxy A Quantum 5G smartphone, sporting a quantum random number generation RNG chipset. It’s the first commercialization of quantum technology for mobile phones, and it will serve as a significant bellwether for full quantum...