10 matches found
EUVD-2021-30703
Malicious code in bioql PyPI...
CVE-2022-23643
Sourcegraph is a code search and navigation engine. Sourcegraph versions 3.35 and 3.36 reintroduced a previously fixed side-channel vulnerabilitity in the Code Monitoring feature where strings in private source code could be guessed by an authenticated but unauthorized actor. This issue affects...
CVE-2022-23643 Side-channel attack in Sourcegraph Code Monitors
Sourcegraph is a code search and navigation engine. Sourcegraph versions 3.35 and 3.36 reintroduced a previously fixed side-channel vulnerabilitity in the Code Monitoring feature where strings in private source code could be guessed by an authenticated but unauthorized actor. This issue affects...
Side-Channel Attack
github.com/sourcegraph/sourcegraph is vulnerable to side channel attack. The attack is possible because the library does not properly exclude the private source code search results in 'searchresults.go' , allowing an authenticated attacker to check specific string and API keys exists in private...
CVE-2021-43823
Sourcegraph is a code search and navigation engine. Sourcegraph prior to version 3.33.2 is vulnerable to a side-channel attack where strings in private source code could be guessed by an authenticated but unauthorized actor. This issue affects the Saved Searches and Code Monitoring features. A...
CVE-2021-43823
Sourcegraph is a code search and navigation engine. Sourcegraph prior to version 3.33.2 is vulnerable to a side-channel attack where strings in private source code could be guessed by an authenticated but unauthorized actor. This issue affects the Saved Searches and Code Monitoring features. A...
Code injection
Sourcegraph is a code search and navigation engine. Sourcegraph prior to version 3.33.2 is vulnerable to a side-channel attack where strings in private source code could be guessed by an authenticated but unauthorized actor. This issue affects the Saved Searches and Code Monitoring features. A...
CVE-2021-43823 Side-channel attack in Sourcegraph
Sourcegraph is a code search and navigation engine. Sourcegraph prior to version 3.33.2 is vulnerable to a side-channel attack where strings in private source code could be guessed by an authenticated but unauthorized actor. This issue affects the Saved Searches and Code Monitoring features. A...
Deterministic Network Enhancer dne2000.sys kernel ring0 SYSTEM exploit
No description provided by source. / dne2000-call.c Copyright c 2008 by [email protected] Deterministic Network Enhancer dne2000.sys local kernel ring0 SYSTEM exploit by mu-b - Sun 06 Jan 2008 - Tested on: dne2000.sys 2.21.7.233 - 3.21.7.17464...
DESlock+ <= 3.2.6 local kernel ring0 link list zero SYSTEM Exploit
Exploit for unknown platform in category local exploits ================================================================== DESlock+ DESlock+ include include include define DLMFENCIOCTL 0x0FA4204C define DLMFENCFLAG 0xC001D00D define DLKFDISKRIOCTL 0x80002008 define DLKFDISKSLOT 0x00000C5C define...