Exploit for Cross-site Scripting in Code-Projects Blood_Bank

CVE-2023-46015-Code-Projects-Blood-Bank-1.0-Reflected-Cross-Si...

PT-2023-36002 · Git +1 · Kamailio

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash type of UNKNOWN READ. The crash state involves functions such as parse priv value and parse privacy, which are located in...

CVE-2023-2922

CVE-2023-2922 affects SourceCodester Comment System 1.0. The vulnerability is in the index.php file, within the GET Parameter Handler, where tampering the msg parameter triggers cross-site scripting. Exploitation is possible remotely and has been disclosed publicly. Several connected sources corr...

D-Link DIR-300 安全漏洞

The D-Link DIR-300 is a wireless router from China's AUO D-Link. A security vulnerability exists in the D-Link DIR-300 REVA1.06 and earlier firmware versions, REVB2.06 and earlier firmware versions, which originates from an easy file inclusion attack via /model/langmsg.php...

msg-group.de Cross Site Scripting vulnerability OBB-3290773

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Exploit for Improper Input Validation in Microsoft

CVE-2023-23397EXPLOIT0DAY Exploit for the CVE-2023-23397 Cre...

CVE-2022-25709

Memory corruption in modem due to use of out of range pointer offset while processing qmi msg...

PT-2023-36029 · Hdf5 · Hdf5

Name of the Vulnerable Software and Affected Versions: HDF5 affected versions not specified Description: A heap buffer overflow issue has been identified, which can cause a crash. The crash occurs due to a WRITE 1 heap-buffer-overflow. The functions involved in the crash include H5O mtime new...

GSD-2023-1000176 tipc: re-fetch skb cb after tipc_msg_validate

tipc: re-fetch skb cb after tipcmsgvalidate This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.82 by commit...

PT-2023-1016 · Vim +8 · Vim +8

Name of the Vulnerable Software and Affected Versions: Vim versions prior to 9.0.1144 Description: The issue is related to a heap-based buffer overflow in the msg puts printf function of the Vim text editor, which can be exploited to execute arbitrary code on the target system. This is a result o...

GSD-2022-1008059 sctp: clear out_curr if all frag chunks of current msg are pruned

sctp: clear outcurr if all frag chunks of current msg are pruned This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.156 by commit...

GSD-2022-1007762 sctp: clear out_curr if all frag chunks of current msg are pruned

sctp: clear outcurr if all frag chunks of current msg are pruned This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.10 by commit...

GSD-2022-1007218 soundwire: cadence: Don't overwrite msg->buf during write commands

soundwire: cadence: Don't overwrite msg-buf during write commands This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.150 by commit...

PT-2022-34977 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.3 Description: The issue is related to the soundwire cadence, where msg-buf is overwritten during write commands. The actual impact and attack plausibility have not yet been proven. Recommendations: For Lin...

msg-hammelburg.de Cross Site Scripting vulnerability OBB-3034655

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

PT-2022-7350 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to 6.0 Description: The issue is related to an improper update of reference count in io uring, leading to Use-After-Free and Local Privilege Escalation. When io msg ring is invoked with a fixed file, it calls io fp...

PT-2022-37248 · Git +1 · Wolfssl

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a stack-buffer-overflow crash. Technical details include the involvement of specific function names such as wc Shake256 Final, wc...

Exploit for Cross-site Scripting in Phpgurukul Zoo_Management_System

CVE-2022-31897 Date: 06/22/2022 Exploit Author: Angelo Pi...

Malicious code in firestore-messagebird-send-msg (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ce66f4ad982ef4095727b82f1dabf12365216e3f0dc4b1cd8016bf310fa982c4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Race condition

In ipucorejqsmsgtransportkernelwritesync of ipu-core-jqs-msg-transport.c, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...