119 matches found
DL1 bug fix and enhancement update
An update is available for python-jwcrypto, custodia, python-qrcode, python-yubico, pyusb. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed informati...
QRGen - Simple Script For Generating Malformed QRCodes
Simple Script For Generating Malformed QRCodes. These qrcodes are useful if you want to test some QRCode scanner's parser or how the application handle QRCode data. Down side of this tool: you need to manually scan codes with camera. Proof Installation What do you need: python3 qrcode Pillow...
node-qrcode (>=0.0.1 <=0.0.4), ocast-dongletv (>=1.0.1 <=1.1.0) potentially affected by CVE-2016-10618 via node-browser (>=0.0.1 <=0.0.3)
node-browser NPM version =0.0.1, =0.0.1, =1.0.1, =1.1.0 Source cves: CVE-2016-10618 Source advisory: OSV:GHSA-8R98-RQG5-4VM3...
Malicious Package
text-qrcode package contains malicious code. The randomBytes method is overwritten with a function that generates a weak entropy of 3 bytes and subsequently hashed, which would allow an attacker to guess the random value in a short amount of time...
Entropy Backdoor
Overview All versions of text-qrcode contain malicious code that overwrites the randomBytes method for the crypto module with a function that generates weak entropy. Instead of generating 32 bytes, the infected randomBytes will generate 3 bytes of entropy and hash them, resulting in a 32 byte val...
qrcode-generator.de XSS vulnerability
Open Bug Bounty ID: OBB-702289 Description| Value ---|--- Affected Website:| qrcode-generator.de Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| hidden until disclosure Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:|...
DedeCMS Cross-Site Scripting Vulnerability (CNVD-2018-21796)
DedeCMS is a PHP-based web content management system CMS. A cross-site scripting vulnerability exists in the plus/qrcode.php page in DedeCMS version 5.7 SP2. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML with the 'type' parameter...
CVE-2018-18578
DedeCMS 5.7 SP2 allows XSS via the plus/qrcode.php type parameter...
qrcode-arts.de XSS vulnerability
Open Bug Bounty ID: OBB-611533 Description| Value ---|--- Affected Website:| qrcode-arts.de Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
Red Hat JBoss KeyCloak Denial of Service Vulnerability
Red Hat JBoss KeyCloak is the United States Red Hat Red Hat company's open source for modern applications and services in the authentication and access management software. A security vulnerability exists in Red Hat JBoss KeyCloak. A remote attacker can cause a denial of service resource...
CVE-2014-3651
Affected product: JBoss KeyCloak before 1.0.3.Final. Vulnerability: remote attackers can cause denial of service by sending a large value in the size parameter to auth/qrcode, related to QR code generation (resource consumption). Root cause: excessive resource usage leading to DoS. Impact: availa...
MW6 Technologies QRCode ActiveX 3.0 - Remote File Overwrite Exploit
No description provided by source. pre codespan style=font: 10pt Courier New;span class=general1-symbolbody bgcolor=E0E0E0----------------------------------------------------------------------------- bMW6 Technologies QRCode ActiveX 3.0 MW6QRCode.dll Remote File Overwrite/b url: www.mw6tech.com...
Path traversal
Multiple absolute path traversal vulnerabilities in the MW6QRCode.QRCode.1 ActiveX control in MW6QRCode.dll in MW6 Technologies QRCode ActiveX 3.0.0.1 and earlier allow remote attackers to create or overwrite arbitrary files via a full pathname in the argument to the 1 SaveAsBMP or 2 SaveAsWMF...
MW6 Technologies QRCode ActiveX 3.0 Remote File Overwrite Exploit
No description provided by source. pre codespan style="font: 10pt Courier New;"span class="general1-symbol"body bgcolor="E0E0E0"----------------------------------------------------------------------------- bMW6 Technologies QRCode ActiveX 3.0 MW6QRCode.dll Remote File Overwrite/b url:...
mw6-overwrite.txt
----------------------------------------------------------------------------- MW6 Technologies QRCode ActiveX 3.0 MW6QRCode.dll Remote File Overwrite url: www.mw6tech.com Author: shinnai mail: shinnaiatautisticidotorg site: http://shinnai.altervista.org This was written for educational purpose. U...
MW6 Technologies QRCode ActiveX 3.0 - Remote File Overwrite
----------------------------------------------------------------------------- MW6 Technologies QRCode ActiveX 3.0 MW6QRCode.dll Remote File Overwrite url: www.mw6tech.com Author: shinnai mail: shinnaiatautisticidotorg site: http://shinnai.altervista.org This was written for educational purpose. U...
MW6 Technologies QRCode ActiveX 3.0 - Remote File Overwrite
MW6 Technologies QRCode ActiveX 3.0 - Remote File Overwrite ----------------------------------------------------------------------------- MW6 Technologies QRCode ActiveX 3.0 MW6QRCode.dll Remote File Overwrite url: www.mw6tech.com Author: shinnai mail: shinnaiatautisticidotorg site:...
MW6 Technologies QRCode ActiveX 3.0 Remote File Overwrite Exploit
Exploit for unknown platform in category remote exploits ================================================================= MW6 Technologies QRCode ActiveX 3.0 Remote File Overwrite Exploit =================================================================...
JVN#29273468 QRcode Perl CGI & PHP script vulnerable to denial of service attack
Impact A remote attacker may cause a denial of service DoS attack. Solution Products Affected QRcode Perl/CGI & PHP script ver. 0.50f and earlier including both Perl versions and PHP versions...