7657 matches found
Google Android Denial of Service Vulnerability (CNVD-2022-46290)
Google Android is a Linux-based open source operating system from Google, Inc. A denial-of-service vulnerability exists in Google Android, which stems from a possible crash in the re-initialization of HeifDecoderImpl.cpp due to a missing null check. A remote attacker could exploit the vulnerabili...
389-ds-base: double free of the virtual attribute context in persistent search
A double free was found in the way 389-ds-base handles virtual attributes context in persistent searches. An attacker could send a series of search requests, forcing the server to behave unexpectedly, and crash...
WordPress Videos Sync PDF 1.7.4 Cross Site Scripting
Exploit Title: WordPress Plugin Videos sync PDF 1.7.4 - Stored Cross Site Scripting XSS Google Dork: inurl:/wp-content/plugins/video-synchro-pdf/ Date: 2022-04-13 Exploit Author: UnD3sc0n0c1d0 Vendor Homepage: http://www.a-j-evolution.com/ Software Link:...
RHEL 8 : 389-ds:1.4 (RHSA-2022:1410)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:1410 advisory. 389 Directory Server is an LDAP version 3 LDAPv3 compliant server. The base packages include the Lightweight Directory Access Protocol LDAP server an...
WordPress Popup Maker 1.16.5 Cross Site Scripting
Exploit Title: WordPress Plugin Popup Maker Popup Settings Triggers Add New Cookie Add Cookie Time overwrite the default '1 month' with XSS payload Click 'Add' what triggers the XSS payload Payload examples: alert'XSS';...
WordPress Plugin Videos sync PDF 1.7.4 - Stored Cross Site Scripting (XSS)
Exploit Title: WordPress Plugin Videos sync PDF 1.7.4 - Stored Cross Site Scripting XSS Google Dork: inurl:/wp-content/plugins/video-synchro-pdf/ Date: 2022-04-13 Exploit Author: UnD3sc0n0c1d0 Vendor Homepage: http://www.a-j-evolution.com/ Software Link:...
CVE-2022-20661
Multiple vulnerabilities that affect Cisco Catalyst Digital Building Series Switches and Cisco Catalyst Micro Switches could allow an attacker to execute persistent code at boot time or to permanently prevent the device from booting, resulting in a permanent denial of service DoS condition. For...
CVE-2022-20661
Multiple vulnerabilities that affect Cisco Catalyst Digital Building Series Switches and Cisco Catalyst Micro Switches could allow an attacker to execute persistent code at boot time or to permanently prevent the device from booting, resulting in a permanent denial of service DoS condition. For...
Design/Logic Flaw
Multiple vulnerabilities that affect Cisco Catalyst Digital Building Series Switches and Cisco Catalyst Micro Switches could allow an attacker to execute persistent code at boot time or to permanently prevent the device from booting, resulting in a permanent denial of service DoS condition. For...
CVE-2022-20731 Cisco Catalyst Digital Building Series Switches and Cisco Catalyst Micro Switches Vulnerabilities
Multiple vulnerabilities that affect Cisco Catalyst Digital Building Series Switches and Cisco Catalyst Micro Switches could allow an attacker to execute persistent code at boot time or to permanently prevent the device from booting, resulting in a permanent denial of service DoS condition. For...
CVE-2022-20731 Cisco Catalyst Digital Building Series Switches and Cisco Catalyst Micro Switches Vulnerabilities
Multiple vulnerabilities that affect Cisco Catalyst Digital Building Series Switches and Cisco Catalyst Micro Switches could allow an attacker to execute persistent code at boot time or to permanently prevent the device from booting, resulting in a permanent denial of service DoS condition. For...
CVE-2022-20661 Cisco Catalyst Digital Building Series Switches and Cisco Catalyst Micro Switches Vulnerabilities
Multiple vulnerabilities that affect Cisco Catalyst Digital Building Series Switches and Cisco Catalyst Micro Switches could allow an attacker to execute persistent code at boot time or to permanently prevent the device from booting, resulting in a permanent denial of service DoS condition. For...
CVE-2022-20661 Cisco Catalyst Digital Building Series Switches and Cisco Catalyst Micro Switches Vulnerabilities
Multiple vulnerabilities that affect Cisco Catalyst Digital Building Series Switches and Cisco Catalyst Micro Switches could allow an attacker to execute persistent code at boot time or to permanently prevent the device from booting, resulting in a permanent denial of service DoS condition. For...
Cisco Catalyst Digital Building Series Switches 安全漏洞
Cisco Catalyst Digital Building Series Switches are a series of digital building switches from Cisco USA. A security vulnerability exists in the Cisco Catalyst Digital Building Series Switches where an authenticated local attacker with level 15 privileges or an unauthenticated attacker with...
CVE-2021-45227
COINS Construction Cloud 11.12 contains a persistent Cross-Site Scripting (XSS) flaw in the file upload flow due to inappropriate handling of HTML IFRAME elements. Root cause: improper IFRAME usage during uploads enables script persistence. Impact is documented as client-side compromise; CVSS sco...
Cisco Catalyst Digital Building Series Switches and Cisco Catalyst Micro Switches Vulnerabilities
Multiple vulnerabilities that affect Cisco Catalyst Digital Building Series Switches and Cisco Catalyst Micro Switches could allow an attacker to execute persistent code at boot time or to permanently prevent the device from booting, resulting in a permanent denial of service DoS condition. For...
ghost-as-middleware (=1.0.0), ghost-blade (=0.1.0) +3 more potentially affected by CVE-2022-28397 via ghost (>=0.11.14 <=1.26.2)
ghost NPM version =0.11.14, =0.1.7, =0.1.10 - persistent-ghost =0.8.2 - sign-alex =1.0.1 Source cves: CVE-2022-28397 Source advisory: OSV:GHSA-FFHQ-G856-9F2P...
CVE-2022-24833 Persistent Cross-site Scripting (XSS) vulnerability in PrivateBin
PrivateBin is minimalist, open source online pastebin clone where the server has zero knowledge of pasted data. In PrivateBin v1.4.0 a cross-site scripting XSS vulnerability was found. The vulnerability is present in all versions from v0.21 of the project, which was at the time still called...
Huawei FLMG-10 Authorization Issues Vulnerability
Huawei FLMG-10 is a high-end Bluetooth remote control speaker from Huawei, China. The Huawei FLMG-10 suffers from an authorization issue vulnerability that stems from incorrect authentication issues. A local attacker can exploit the vulnerability to install a persistent and cryptic bootstrap or...
Huawei FLMG-10 授权问题漏洞
Huawei FLMG-10 is a high-end Bluetooth remote control speaker from Huawei, China. The Huawei FLMG-10 suffers from an authorization issue vulnerability that stems from incorrect authentication issues. A local attacker can exploit the vulnerability to install a persistent and cryptic bootstrap or...