3094 matches found
CVE-2019-8419
VNote 2.2 has XSS via a new text note...
CVE-2019-8419
CVE-2019-8419 affects VNote 2.2 and describes an XSS vulnerability that can be triggered via a new text note. The primary source (NVD) confirms XSS as the issue; no exploitation vectors, impacted versions beyond 2.2, or remediation steps are provided in the connected documents. The CVE entry list...
elfutils denial of service vulnerability (CNVD-2019-07028)
elfutils is a collection of utilities and libraries for reading, creating, and modifying ELF binaries, finding and manipulating DWARF debug data, symbols, thread states, and stack traces for processes and kernel files on GNU/Linux. A denial of service vulnerability exists in elfcvtnote in...
CVE-2018-16106
This CVE entry is rejected and not used; it does not represent an active vulnerability.
Marvell Avastar Wi-Fi Vulnerability
The CERT Coordination Center (CERT/CC) has released information on a vulnerability affecting Marvell Avastar wireless system on chip (SoC) models. An attacker could exploit this vulnerability to take control of an affected system. The National Cybersecurity and Communications Integration Center (NCCIC)...
Security Bulletin: Upward Integration Module for HP Openview Operations for Windows is affected by multiple vulnerabilities in IBM Java SDK
Summary: There are multiple vulnerabilities in IBM SDK Java Technology Edition that is shipped with Upward Integration Module for HP Openview Operations for Windows. These issues were disclosed as part of the Java Technology Edition Quarterly CPU - January 2015. Vulnerability Details: Abstract: Ther...
Security Bulletin: Vulnerability in SSLv3 affects IBM Systems Director (CVE-2014-3566)
Summary: SSLv3 contains a vulnerability that has been referred to as the Padding Oracle On Downgraded Legacy Encryption (POODLE) attack. SSLv3 is enabled in IBM Systems Director. Vulnerability Details: Summary: SSLv3 contains a vulnerability that has been referred to as the Padding Oracle On Downgrade...
elfutils 'ebl_object_note' function out-of-bounds read vulnerability
elfutils is a collection of utilities and libraries for reading, creating, and modifying ELF binaries. libebl is one of the libraries that provides ELF access. An out-of-bounds read vulnerability exists in the 'ebl_object_note' function of the eblobjnote.c file of libebl in elfutils version 0.175. ...
CVE-2018-2299
This CVE entry is rejected/not used per initial description; does not represent an active vulnerability entry.
TAU Threat Intelligence Notification – MongoLock Ransomware
Summary: The new variant of MongoLock Ransomware will delete users’ files immediately instead of encrypting them. Upon execution, MongoLock will scan specific locations such as Desktop, Documents, or Recycle Bin Folders, then delete files and format the local disk drives. The following is the list...
HealthNode Hospital Management System 1.0 - SQL Injection
Exploit Title: HealthNode Hospital Management System 1.0 - SQL Injection Dork: N/A Date: 2019-01-13 Exploit Author: Ihsan Sencan Vendor Homepage: http://sunriseservices.biz/ Software Link: https://codecanyon.net/item/healthnode-hospital-management-system/22368747 Version: 1.0 Category: Webapps...
PyLocky Ransomware Decryption Tool Released — Unlock Files For Free
If your computer has been infected with PyLocky Ransomware and you are searching for a free ransomware decryption tool to unlock or decrypt your files, your search might end here. Security researcher Mike Bautista at Cisco's Talos cyber intelligence unit has released a free decryption tool that...
Pylocky Unlocked: Cisco Talos releases PyLocky ransomware decryptor
This tool was developed by Mike Bautista. PyLocky is a family of ransomware written in Python that attempts to masquerade as a Locky variant. This ransomware will encrypt all files on a victim machine before demanding that the user pay a ransom to gain access to their decrypted files. To combat...
Oracle Critical Patch Update - October 2018
A Critical Patch Update is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update advisories...
CVE-2018-5411
Pixar's Tractor software, versions 2.2 and earlier, contains a stored cross-site scripting vulnerability in the field that allows a user to add a note to an existing node. The stored information is displayed when a user requests information about the node. An attacker could insert JavaScript into...
CVE-2018-19609
ShowDoc 2.4.1 allows remote attackers to obtain sensitive information by navigating with a modified pageid, as demonstrated by reading note content, or discovering a username in the JSON data at a diff URL...
carpology.net XSS vulnerability
Open Bug Bounty ID: OBB-700951. Affected Website: carpology.net. Vulnerable Application: hidden until disclosure. Vulnerability Type: XSS (Cross Site Scripting) / CWE-79. CVSSv3 Score: hidden...
CVE-2018-19286
The server in mubu note 2018-11-11 has XSS by configuring an account with a crafted name value along with an arbitrary username value, and then creating and sharing a note...
Code injection
The server in mubu note 2018-11-11 has XSS by configuring an account with a crafted name value along with an arbitrary username value, and then creating and sharing a note...