GSD-2022-1007537 xen/gntdev: Prevent leaking grants

xen/gntdev: Prevent leaking grants This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.264 by commit cb1ccfe7655380f77a58b340072f5f40bc285902,...

Shopify: Stealing users' facebook access tokens - kitcrm.com

Summary: I have found a number of minor security vulnerabilities with no impact that when chained together will lead to an attacker being able to steal the current user's facebook access token provided for kitcrm.com Description: - In kitcrm.com, users register with their shopify account and the...

phpCommunityCalendar 4.0.3 - Cross-Site Scripting / SQL Injection

author : X0r1 release : 23.05.06 software : http://www.appideas.com/ googledork : "Calendar programming by AppIdeas.com" filetype:php XSS: http://SERVER/PATH/week.php?LoName=alert'XSS' http://SERVER/PATH/month.php?LoName=alert'XSS' http://SERVER/PATH/event.php?AddressLink="alert'XSS'" SQL...