Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

ossfuzz
ossfuzzadded 2018/09/25 12:24 p.m.20 views

strongswan/fuzz_certs: Heap-buffer-overflow in gmp_emsa_pkcs1_signature_data

Detailed report: https://oss-fuzz.com/testcase?key=5761587219005440 Project: strongswan Fuzzer: aflstrongswanfuzzcerts Fuzz target binary: fuzzcerts Job Type: aflasanstrongswan Platform Id: linux Crash Type: Heap-buffer-overflow WRITE 1 Crash Address: 0x6030000019a1 Crash State:...

6.4AI score
Exploits0Affected Software1
ossfuzz
ossfuzzadded 2018/01/25 10:50 a.m.12 views

imagemagick/encoder_miff_fuzzer: Use-of-uninitialized-value in PerceptibleReciprocal

Project: https://github.com/imagemagick/imagemagick.git Detailed report: https://oss-fuzz.com/testcase?key=5646359521656832 Project: imagemagick Fuzzer: libFuzzerimagemagickencodermifffuzzer Fuzz target binary: encodermifffuzzer Job Type: libfuzzermsanimagemagick Platform Id: linux Crash Type:...

6.7AI score
Exploits0Affected Software1
Atlassian
Atlassianadded 2011/09/05 3:18 p.m.14 views

Inline attachment downloads vulnerable to XSS by setting tweaked HTML content type

Please see CONFDEV-9069 https://jira.atlassian.com/browse/CONFDEV-9069 for the current issue addressed at fixing attachment XSS vulnerabilities. --- TLDR: white-list mime-types which can be served "inline" and don't let the user set arbitrary mime-types. I have been having a good laugh sorry...

6.5AI score
Exploits0Affected Software1
Rows per page
Query Builder