6 matches found
tar has a PAX header desynchronization issue
Summary: When a tar stream contains multiple "header" entries prior to a file entry, tar-rs applies the PAX header x to the next entry in the stream, regardless of type. For example, a stream of x - L - file (PAX, GNU longname, file) would result in x's extensions being applied to L rather than to...
update_market() nextEpoch calculation incorrect
Lines of code Vulnerability details A very important logic of update_market is to update accCantoPerShare. When updating, if it crosses the epoch boundary, it needs to use the corresponding epoch's cantoPerBlockepoch. For example: cantoPerBlock100000 = 100 cantoPerBlock200000...
NULL Pointer Dereference in function do_mouse
Description: NULL Pointer Dereference in function do_mouse at vim/src/mouse.c:496. vim version git log commit 171c683237149262665135c7d5841a89bb156f53 HEAD - master, tag: v9.0.0242, origin/master, origin/HEAD Proof of Concept ./vim -u NONE -X -Z -e -s -S /home/fuzz/test/poc3null.dat -c :qa!...
security researchers found yet another vulnerability in JAVA after update
Oracle released an emergency patch on Thursday for previously unknown Java vulnerabilities that cybercriminals had targeted with popular exploit kits within hours after the bugs' existence became public, security researchers found yet another vulnerability that can be exploited to run arbitrary...
Inline attachment downloads vulnerable to XSS by setting tweaked HTML content type
Please see CONFDEV-9069 https://jira.atlassian.com/browse/CONFDEV-9069 for the current issue addressed at fixing attachment XSS vulnerabilities. --- TLDR: white-list mime-types which can be served "inline" and don't let the user set arbitrary mime-types. I have been having a good laugh sorry...
linux-26202.txt
/ Linux Kernel IPV6GetsockoptSticky Memory Leak Proof Of Concept dreyer 07-2007 Osu, Tatakae, Sexy Pandas! Dumps to stdout the memory mapped between INI and END. CVE: CVE-2007-1000 BID: 22904 Affected: Linux Kernel include include include include define HOPOPTOFFSET 8 define INIADDR 0xc0100000...