545 matches found
Design/Logic Flaw
libautotrace.a in AutoTrace 0.31.1 has a "negative-size-param" issue in the ReadImage function in input-tga.c:528:7...
CVE-2017-9196
CVE-2017-9196 affects AutoTrace 0.31.1 via the libautotrace.a library. The ReadImage function in input-tga.c at line 528:7 contains a negative-size-param vulnerability that is described as a heap/buffer issue. Public sources (CNVD and related analyses) indicate this flaw could allow an attacker t...
gdal: Memcpy-param-overlap in KML::unregisterLayerIfMatchingThisNode
Project: https://github.com/OSGeo/gdal.git Detailed report: https://oss-fuzz.com/testcase?key=5115360233652224 Project: gdal Fuzzer: libFuzzer_gdal_ogr_fuzzer Fuzz target binary: ogr_fuzzer Job Type: libfuzzer_asan_gdal Platform Id: linux Crash Type: Memcpy-param-overlap Crash Address:...
BanManager WebUI 1.5.8 - PHP Code Injection Vulnerability
Exploit for php platform in category web applications BanManager WebUI 1.5.8 - PHP Code Injection & Stored XSS Exploit Title: BanManager WebUI - PHP Code Injection & Stored XSS Date: 2017-05-10 Exploit Author: HaHwul Exploit Author Blog: www.hahwul.com Vendor Homepage:...
Accellion FTA Device Cross-Site Scripting Vulnerability (CNVD-2017-07450)
Accellion FTA is a file transfer device from Accellion USA. The device supports file transfer, file sharing, file transfer tracking and reporting, and more. A cross-site scripting vulnerability exists in home/seos/courier/smtpgadd.html in Accellion FTA devices versions prior to FTA912180....
HackerOne: Subdomain takeover #3 at info.hacker.one
Summary: Hi team, looking at the last fix released from the unbounce team at https://hackerone.com/reports/209004, I've been able to bypass it again and take over the subdomain info.hacker.one with a new vulnerable PARAM at UnbouncePages App Actual DNS Entry: F172446 Steps To Reproduce & New PoC for...
llvm_libcxxabi: Negative-size-param in std::__1::char_traits<char>::copy
Project: https://github.com/llvm/llvm-project.git Detailed report: https://oss-fuzz.com/testcase?key=6519608255184896 Project: llvm_libcxxabi Fuzzer: afl_llvm_libcxxabi_cxa_demangle_fuzzer Fuzz target binary: cxa_demangle_fuzzer Job Type: afl_asan_llvm_libcxxabi Platform Id: linux Crash Type:...
llvm_libcxxabi: Negative-size-param in std::__1::char_traits<char>::move
Project: https://github.com/llvm/llvm-project.git Detailed report: https://clusterfuzz-external.appspot.com/testcase?key=5058069700542464 Project: llvm_libcxxabi Fuzzer: libFuzzer_llvm_libcxxabi_cxa_demangle_fuzzer Fuzz target binary: cxa_demangle_fuzzer Job Type: libfuzzer_asan_llvm_libcxxabi Platform Id:...
libplist: Negative-size-param in parse_string_node
Project: https://github.com/libimobiledevice/libplist.git Detailed report: https://clusterfuzz-external.appspot.com/testcase?key=5556177727389696 Project: libplist Fuzzer: libFuzzer_libplist_bplist_fuzzer Fuzz target binary: bplist_fuzzer Job Type: libfuzzer_asan_libplist Platform Id: linux Crash Type:...
libplist: Memcpy-param-overlap in parse_data_node
Project: https://github.com/libimobiledevice/libplist.git Detailed report: https://clusterfuzz-external.appspot.com/testcase?key=4930725262393344 Project: libplist Fuzzer: libFuzzer_libplist_bplist_fuzzer Fuzz target binary: bplist_fuzzer Job Type: libfuzzer_asan_libplist Platform Id: linux Crash Type:...
libchewing: Negative-size-param in _Inner_InternalSpecialSymbol
Project: https://github.com/chewing/libchewing.git Detailed report: https://clusterfuzz-external.appspot.com/testcase?key=6578305067122688 Fuzzer: libFuzzer_libchewing_chewing_dynamic_config_fuzzer Job Type: libfuzzer_asan_libchewing Platform Id: linux Crash Type: Negative-size-param Crash Address: Cras...
libchewing: Negative-size-param in _Inner_InternalSpecialSymbol
Project: https://github.com/chewing/libchewing.git Detailed report: https://clusterfuzz-external.appspot.com/testcase?key=5836280051007488 Fuzzer: libFuzzer_libchewing_chewing_dynamic_config_fuzzer Job Type: libfuzzer_asan_libchewing Platform Id: linux Crash Type: Negative-size-param Crash Address: Cras...
libchewing: Negative-size-param in ChewingKillChar
Project: https://github.com/chewing/libchewing.git Detailed report: https://clusterfuzz-external.appspot.com/testcase?key=6311985729765376 Fuzzer: libFuzzer_libchewing_chewing_dynamic_config_fuzzer Job Type: libfuzzer_asan_libchewing Platform Id: linux Crash Type: Negative-size-param Crash Address: Cras...
CVE-2016-3924
services/audioflinger/Effects.cpp in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 does not validate EFFECT_CMD_SET_PARAM and EFFECT_CMD_SET_PARAM_DEFERRED commands, which allows attackers to obtain sensitive information...
UBUNTU-CVE-2016-3924
services/audioflinger/Effects.cpp in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 does not validate EFFECT_CMD_SET_PARAM and EFFECT_CMD_SET_PARAM_DEFERRED commands, which allows attackers to obtain sensitive information...
QIWI: [contact-sys.com] SQL Injection████ limit param
Vulnerable script:████ Vulnerable parameter: limit POST█████ HTTP/1.1 Host: contact-sys.com Content-Type: application/x-www-form-urlencoded; charset=UTF-8 Content-Length: 59 countrycode=RU&sendrectype=1&action=index&term=&limit=10+INTO+@A Response "error":"SQLSTATE21000: Cardinality violation: 1222 The...
Netcore /param.file.tgz unauthorized download vulnerability
No description provided by source...
Topsec (天融信) TopScanner /task/htmlReport.php param parameter command execution vulnerability
No description provided by source...
Uber: DOM based XSS on
Possible Remote code execution DOM based XSS Vuln Jquery param : var strliID=jQuerylocation.attr'hash'; Target: Logged admin Go url https://drive.uber.com/melbourne/wp-admin/admin.php?page=Optionsgallerystyles" Solution : Upgrade latest version gallery plugin Your version v1.9.55 Test my localhos...
X (Formerly Twitter): Incorrect param parsing in Digits web authentication
Hi, I would like to report an issue on Digits web authentication which allows attackers to retrieve the OAuth credential data of an application victims authorized. Detail Digits web authentication has strict validation on host and callbackurl. On the server side, the values are compared with the...