85 matches found
Information disclosure
An issue was discovered in the nb-connect crate before 1.0.3 for Rust. It may have invalid memory access for certain versions of the standard library because it relies on a direct cast of std::net::SocketAddrV4 and std::net::SocketAddrV6 data structures...
CVE-2021-27376
An issue was discovered in the nb-connect crate before 1.0.3 for Rust. It may have invalid memory access for certain versions of the standard library because it relies on a direct cast of std::net::SocketAddrV4 and std::net::SocketAddrV6 data structures...
CVE-2021-27376
CVE-2021-27376 affects the Rust crate nb-connect , file/socket handling. The issue arises from a direct cast of std::net::SocketAddrV4 and SocketAddrV6, relying on the wrong assumption about memory layout, which can lead to invalid memory access. The Red Hat and GHSA/RustSec entries confirm the r...
Rust nb-connect buffer error vulnerability
Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in Rust nb-connect. The vulnerability stems from a forced data type conversion using std::net::SocketAddrV4 and std::net::SocketAddrV6 in some versions of the standard library,...
RUSTSEC-2021-0021 `nb-connect` invalidly assumes the memory layout of std::net::SocketAddr
The nb-connect crate has assumed std::net::SocketAddrV4 and std::net::SocketAddrV6 have the same memory layout as the system C representation sockaddr. It has simply casted the pointers to convert the socket addresses to the system representation. The standard library does not say anything about...
nb-allstar.com Cross Site Scripting vulnerability OBB-1429258
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...
nb-md.com.cn Cross Site Scripting vulnerability OBB-1395630
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...
Black Hat 2019: 5G Security Flaw Allows MiTM, Targeted Attacks
LAS VEGAS — 5G commercial networks are starting to roll out, promising exciting new use cases like automated cars, and smart sensor networks where the nodes have 10-year battery lives. To go along with these possibilities are new security requirements; notably, improvements in device...
nb-radiotreff.de XSS vulnerability
Open Bug Bounty ID: OBB-706451 Description| Value ---|--- Affected Website:| nb-radiotreff.de Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
nb-blizzards.de XSS vulnerability
Open Bug Bounty ID: OBB-677763 Description| Value ---|--- Affected Website:| nb-blizzards.de Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
Dotclear admin/users.php file cross-site scripting vulnerability
Dotclear is a software developer Olivier Meunier developed a free PHP and MySQL-based blog Blog publishing software. A cross-site scripting vulnerability exists in the admin/users.php file in Dotclear version 2.12.1. A remote attacker can exploit this vulnerability by injecting arbitrary web scri...
CVE-2018-5690
Cross-site scripting XSS vulnerability in admin/users.php in Dotclear 2.12.1 allows remote authenticated users to inject arbitrary web script or HTML via the nb parameter aka the page limit number...
Cross site scripting
Cross-site scripting XSS vulnerability in admin/users.php in Dotclear 2.12.1 allows remote authenticated users to inject arbitrary web script or HTML via the nb parameter aka the page limit number...
CVE-2018-5690
Cross-site scripting XSS vulnerability in admin/users.php in Dotclear 2.12.1 allows remote authenticated users to inject arbitrary web script or HTML via the nb parameter aka the page limit number...
CVE-2018-5690
CVE-2018-5690 is an XSS vulnerability in Dotclear 2.12.1 affecting the admin/users.php page. The issue occurs when processing the nb parameter (page limit number), allowing remote authenticated users to inject arbitrary web script or HTML. The affected component is the admin interface (users mana...
Updated kernel-tmb packages fixes security and other bugs
This kernel-tmb update is based on upstream 4.9.40 and fixes at least the following security issues: Linux kernel built with the VirtIO GPU driverCONFIGDRMVIRTIOGPU support is vulnerable to a memory leakage issue. It could occur while creating a virtio gpu object in virtiogpuobjectcreate. A...
Updated kernel packages fixes security and other bugs
This kernel update is based on upstream 4.9.40 and fixes at least the following security issues: Linux kernel built with the VirtIO GPU driverCONFIGDRMVIRTIOGPU support is vulnerable to a memory leakage issue. It could occur while creating a virtio gpu object in virtiogpuobjectcreate. A...
search.mlb.nb.ca XSS vulnerability
Vulnerable URL:...
DEBIAN-CVE-2013-0856
The lpcprediction function in libavcodec/alac.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafted Apple Lossless Audio Codec ALAC data, related to a large nbsamples value...
CVE-2008-2508
Cross-site scripting XSS vulnerability in news.php in Tr Script News 2.1 allows remote attackers to inject arbitrary web script or HTML via the "nb" parameter in voir mode...