
4991 matches found

0day.today
added 2021/04/14 12:0 a.m. · 44 views

CITSmart ITSM 9.1.2.22 - LDAP Injection Vulnerability

Exploit Title: CITSmart ITSM 9.1.2.22 - LDAP Injection Google Dork: "citsmart.local" Exploit Author: skysbsb Vendor Homepage: https://docs.citsmart.com/pt-br/citsmart-platform-9/get-started/about-citsmart/release-notes.html Version: = 9.1.2.23 Using this LDAP query in the username field of login...

9.8 CVSS · 0.3 AI score · 0.26159 EPSS
Exploits 3

Packet Storm
added 2021/04/14 12:0 a.m. · 225 views

CITSmart ITSM 9.1.2.22 LDAP Injection

Exploit Title: CITSmart ITSM 9.1.2.22 - LDAP Injection Google Dork: "citsmart.local" Date: 29/12/2020 Exploit Author: skysbsb Vendor Homepage: https://docs.citsmart.com/pt-br/citsmart-platform-9/get-started/about-citsmart/release-notes.html Version: = 9.1.2.23 Using this LDAP query in the usernam...

7.5 CVSS · 9.7 AI score · 0.26159 EPSS
Exploits 3

CNNVD
added 2021/04/14 12:0 a.m. · 2 views

Juniper Networks Junos OS Trust Management Issue Vulnerability

Juniper Networks Junos OS is a Juniper Networks network operating system for the company's hardware devices. The operating system provides a secure programming interface and the Junos SDK. There is a security vulnerability in Junos OS. No information about this vulnerability is available at this...

9.8 CVSS · 8.3 AI score · 0.00408 EPSS
Exploits 0 · References 3

CNVD
added 2021/04/13 12:0 a.m. · 9 views

FATEK Automation WinProladder Integer Overflow Vulnerability

The official version of WinProLadder is a pretty good and useful PLC programming tool. FATEK Automation WinProladder integer overflow vulnerability can be exploited by attackers to cause arbitrary code execution...

7.8 CVSS · 7.8 AI score · 0.00263 EPSS
Exploits 0 · References 1

CNVD
added 2021/04/12 12:0 a.m. · 7 views

Rust Buffer Overflow Vulnerability (CNVD-2021-28295)

Rust is a systems programming language characterized by fast operation, the ability to prevent segmentation errors, and thread-safety. A buffer overflow vulnerability exists in the standard library in versions of Rust prior to 1.50.0. The vulnerability stems from read_to_end not validating the return...

7.5 CVSS · 6.9 AI score · 0.00416 EPSS
Exploits 1 · References 1

CNVD
added 2021/04/12 12:0 a.m. · 6 views

Rust Buffer Overflow Vulnerability (CNVD-2021-28297)

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in Rust that stems from the loss of uninitialized memory that sometimes occurs. No details of the vulnerability are provided at this time...

7.5 CVSS · 6.7 AI score · 0.00389 EPSS
Exploits 1 · References 1

CNVD
added 2021/04/12 12:0 a.m. · 6 views

Rust Resource Management Error Vulnerability (CNVD-2021-31920)

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A resource management error vulnerability exists in the through crate for Rust 2021-02-18 and earlier versions, which stems from a double free in the map function. No details of the vulnerability are provided at...

9.8 CVSS · 6.7 AI score · 0.00504 EPSS
Exploits 1 · References 1

CNVD
added 2021/04/12 12:0 a.m. · 6 views

Mozilla Rust Use-After-Free and Double-Free Vulnerability

Rust is a systems programming language characterized by fast operation, the ability to prevent segmentation errors, and thread-safety. A use-after-free and double-free vulnerability exists in the standard library in versions of Rust prior to 1.49.0. The vulnerability stems from...

9.8 CVSS · 6.4 AI score · 0.00356 EPSS
Exploits 1 · References 1

Positive Technologies
added 2021/04/12 12:0 a.m. · 2 views

PT-2021-15763

Name of the Vulnerable Software and Affected Versions: Thrive Optimize WordPress plugin versions prior to 1.4.13.3 Thrive Comments WordPress plugin versions prior to 1.4.15.3 Thrive Headline Optimizer WordPress plugin versions prior to 1.3.7.3 Thrive Leads WordPress plugin versions prior to 2.3.9...

5.3 CVSS · 6.4 AI score · 0.16356 EPSS
Exploits 2 · References 5

CNNVD
added 2021/04/09 12:0 a.m. · 2 views

MediaWiki Permissions and Access Control Issue Vulnerability

MediaWiki is a suite of free and freely available web-based Wiki engines from the MediaWiki Foundation. It can be used to deploy in-house knowledge management and content management systems. A security vulnerability exists in MediaWiki version 1.31.12 and versions prior to 1.32.x series 1.35.x...

4.3 CVSS · 5.5 AI score · 0.00374 EPSS
Exploits 1 · References 14

CNVD
added 2021/04/09 12:0 a.m. · 5 views

Rust Resource Management Error Vulnerability (CNVD-2021-31473)

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A resource management error vulnerability exists in Rust version 2021-02-26 and prior versions, which stems from the possibility of a double free in get_or_insert. No detailed vulnerability details are...

9.8 CVSS · 6.6 AI score · 0.00433 EPSS
Exploits 0 · References 1

CNVD
added 2021/04/09 12:0 a.m. · 5 views

Rust Resource Management Error Vulnerability (CNVD-2021-29842)

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A resource management error vulnerability exists in Rust id-map crate 2021-02-26 and earlier versions, which stems from remove_set causing a double free when a panic occurs in the Drop impl. No detailed vulnerabilit...

9.8 CVSS · 6.6 AI score · 0.00433 EPSS
Exploits 0 · References 1

CNVD
added 2021/04/09 12:0 a.m. · 3 views

Rust Resource Management Error Vulnerability (CNVD-2021-31472)

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A resource management error vulnerability exists in Rust id-map crate version 2021-02-26 and prior versions, which stems from the discovery of a double free in IdMap::clone_from. No detailed vulnerability...

9.8 CVSS · 6.6 AI score · 0.00433 EPSS
Exploits 0 · References 1

CNNVD
added 2021/04/08 12:0 a.m. · 1 views

Dolby DAX2 API Service Code Issue Vulnerability

The Dolby DAX2 API Service is an audio service component from Dolby Laboratories USA. A code issue vulnerability exists in Dolby Audio X2 DAX2 API service versions prior to 0.8.8.90 that allows local users to gain privileges...

7.8 CVSS · 7.5 AI score · 0.00048 EPSS
Exploits 0 · References 3

OSV
added 2021/04/02 5:15 p.m. · 1 views

UBUNTU-CVE-2021-22202

An issue has been discovered in GitLab CE/EE affecting all previous versions. If the victim is an admin, it was possible to issue a CSRF in System hooks through the API...

4.3 CVSS · 5.8 AI score · 0.00156 EPSS
Exploits 0 · References 5

Positive Technologies
added 2021/04/02 12:0 a.m. · 2 views

PT-2021-15238 · Github · Github Enterprise Server

Name of the Vulnerable Software and Affected Versions: GitHub Enterprise Server versions prior to 3.0.4 GitHub Enterprise Server versions prior to 2.22.10 GitHub Enterprise Server versions prior to 2.21.18 Description: An improper access control issue was identified that allowed access tokens...

6.5 CVSS · 6.6 AI score · 0.00226 EPSS
Exploits 0 · References 5

CNVD
added 2021/04/02 12:0 a.m. · 5 views

Rust Denial of Service Vulnerability

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A denial of service vulnerability exists in the parse_duration crate for Rust 2021-03-18 and earlier versions, which can be exploited by an attacker to cause a denial of service (CPU and memory consumption) via a large...

7.5 CVSS · 6.5 AI score · 0.00389 EPSS
Exploits 0 · References 1

CNVD
added 2021/04/02 12:0 a.m. · 6 views

Rust Out-of-Bounds Write Vulnerability

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in Rust on 2021-02-19 and earlier versions, which stems from an out-of-bounds write in StackVec::extend that could result in an out-of-bounds write if certain exception data is...

7.5 CVSS · 7.5 AI score · 0.00765 EPSS
Exploits 1 · References 1

CNNVD
added 2021/04/01 12:0 a.m. · 2 views

GitHub node-etsy-client Information Disclosure Vulnerability

GitHub node-etsy-client is a GitHub open source application. nodeJs Etsy ReST API client. A security vulnerability exists in node-etsy-client that stems from a reported client-side error will also provide the api key value...

8.1 CVSS · 7 AI score · 0.00314 EPSS
Exploits 0 · References 4

RedHat Linux
added 2021/03/30 9:44 a.m. · 114 views

Moderate: Red Hat Security Advisory: perl security update

An update for perl is now available for Red Hat Enterprise Linux 7.7 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for eac...

8.6 CVSS · 7 AI score · 0.04289 EPSS
Exploits 0 · References 5