RT-Thread 安全漏洞

RT-Thread is an open source IoT real-time operating system RTOS from RT-Thread Open Source. A security vulnerability exists in RT-Thread version 5.0.2, which stems from an incorrect sprintf call or a missing "" character, resulting in a buffer overflow...

SUSE CVE-2017-1000254

libcurl may read outside of a heap allocated buffer when doing FTP. When libcurl connects to an FTP server and successfully logs in anonymous or not, it asks the server for the current directory with the PWD command. The server then responds with a 257 response containing the path, inside double...

Code Execution Vulnerability in Micropoint Antivirus

Micropoint antivirus software is the second generation of antivirus software independently developed by Beijing Oriental Micropoint Information Technology Limited Liability Company with completely independent intellectual property rights. A code execution vulnerability exists in Micropoint...

igcal10-sql.txt

SQL Injection in ig-Calendar. This works regardless of magicquotesgpc! Dumps mysql login informaion: http://127.0.0.1/ig-calendar/user.php?id=999%20union%20select%201,User,Password,Host,Filepriv,0%20from%20mysql.user ./user.php line 52: $query = 'SELECT FROM users WHERE id='.$id; Should have used...