61 matches found
EUVD-2024-47209
Malicious code in bioql PyPI...
CVE-2024-6051
Cross Application Scripting vulnerability in Vercom S.A. Redlink SDK in specific situations allows local code injection and manipulation of the view of a vulnerable application. This issue affects Redlink SDK versions through 1.13...
CVE-2024-6051 Cross Application Scripting in Redlink SDK
Cross Application Scripting vulnerability in Vercom S.A. Redlink SDK in specific situations allows local code injection and manipulation of the view of a vulnerable application. This issue affects Redlink SDK versions through 1.13...
CVE-2024-6051
CVE-2024-6051 : A Cross‑Site (Cross Application) Scripting vulnerability affects the Vercom S.A. Redlink SDK (versions through 1.13). The issue allows local code injection and manipulation of the vulnerable application’s view in certain conditions. Affected product/function: Redlink SDK by Vercom...
CVE-2023-49189
CVE-2023-49189 is a Stored XSS in WordPress plugin Social Share Buttons & Analytics Plugin – GetSocial.io (GetSocial)
VIMESA VHF/FM Transmitter Blue Plus 9.7.1 (doreboot) Remote Denial Of Service
Summary The transmitter Blue Plus is designed with all the latest technologies, such as high efficiency using the latest generation LDMOS transistor and high efficiency power supplies. We used a modern interface and performance using a color display with touch screen, with easy management softwar...
400 Banks’ Customers Targeted with Anubis Trojan
Customers of Chase, Wells Fargo, Bank of America and Capital One, along with nearly 400 other financial institutions, are being targeted by a malicious app disguised to look like the official account management platform for French telecom company Orange S.A. Researchers say this is just the...
NuCom 11N Wireless Router 5.07.90 Remote Privilege Escalation Vulnerability
NuCom 11N Wireless Router version 5.07.90 suffers from a remote privilege escalation vulnerability. The non-privileged default user user:user can elevate his/her privileges by sending an HTTP GET request to the configuration backup endpoint and disclose the http super password admin credentials in...
NuCom 11N Wireless Router 5.07.90 Remote Privilege Escalation
NuCom 11N Wireless Router v5.07.90 Remote Privilege Escalation Vendor: NUEVAS COMUNICACIONES IBERIA, S.A. Product web page: https://www.nucom.es Affected version: 5.07.90multiNCM01 5.07.89multiNCM01 5.07.72multiNCM01 Summary: The NC routers upgrades your network to the next generation of WiFi. Wi...
buscabanco.org.br XSS vulnerability
Open Bug Bounty ID: OBB-639394

Description | Value
---|---
Affected Website: | buscabanco.org.br
Open Bug Bounty Program: | Create your bounty program now. It's open and free.
Vulnerable Application: | Custom Code
Vulnerability Type: | XSS (Cross Site Scripting) / CWE-79
CVSSv3 Score: | 6.1...
e2openplugin OpenWebif 1.2.4 Code Execution
Hello all, e2openplugin-OpenWebif is an open source web interface plugin for IP TVs and media centers. It is found in several IP TV software images and hardware products including the commercial Dreambox devices. A remote code injection vulnerability was found in the "key" HTTP GET parameter of t...
The FAA Is Arguing for Security by Obscurity
In a proposed rule by the FAA, it argues that software in an Embraer S.A. Model ERJ 190-300 airplane is secure because it's proprietary: In addition, the operating systems for current airplane systems are usually and historically proprietary. Therefore, they are not as susceptible to corruption...
Telefonica O2 Connection Manager 3.4 Local Privilege Escalation
O2 Connection Manager suffers from an elevation of privileges vulnerability which can be used by a simple user that can change the executable files with a binary of choice. The vulnerability exists due to the improper permissions, with the 'F' flag (Full) for the 'Everyone' group, making the entire...
Ubisoft Rayman Legends 1.2.103716 - Remote Stack Buffer Overflow Vulnerability
Exploit for windows platform in category remote exploits !/usr/bin/perl Ubisoft Rayman Legends v1.2.103716 Remote Stack Buffer Overflow Vulnerability Vendor: Ubisoft Entertainment S.A. Product web page: http://www.ubi.com Affected version: 1.2.103716, 1.1.100477 and 1.0.95278 Summary: Rayman...
Ubisoft Rayman Legends 1.2.103716 - Remote Stack Buffer Overflow Vulnerability
Exploit for windows platform in category dos / poc !/usr/bin/perl Ubisoft Rayman Legends v1.2.103716 Remote Stack Buffer Overflow Vulnerability Vendor: Ubisoft Entertainment S.A. Product web page: http://www.ubi.com Affected version: 1.2.103716, 1.1.100477 and 1.0.95278 Summary: Rayman Legends is...
TP-Link - Admin Panel Multiple Cross-Site Request Forgery Vulnerabilities
TP-Link - Admin Panel Multiple Cross-Site Request Forgery Vulnerabilities Advisory Name: Multiple Cross Site Request Forgery vulnerabilities in TP-LINK Admin Panel Internal Cybsec Advisory Id: 2013-0208-Multiple CSRF vulnerabilities in TP-LINK Vulnerability Class: Cross Site Request Forgery CSRF...
Wirtualna Polska S.A. (WP) XSS / CSRF Vulnerability
Wirtualna Polska S.A. WP suffers from cross site request forgery and cross site scripting vulnerabilities. Poczta.WP Multiple vulnerabilities full disclosure security paper Author: Jakub Zoczek zoczusxgmail.com 0x01 Intro ---------- Wirtualna Polska S.A. WP is one of the largest Polish web portal...
Wirtualna Polska S.A. (WP) XSS / CSRF
Poczta.WP Multiple vulnerabilities full disclosure security paper Author: Jakub Zoczek zoczusxgmail.com 0x01 Intro ---------- Wirtualna Polska S.A. WP is one of the largest Polish web portals. Their email service poczta.wp.pl is affected by multiple cross-site scripting vulnerabilities and also...