210 matches found
Out-of-Bounds Write
firefox is vulnerable to Out-of-Bounds Write. An attacker could exploit this vulnerability to execute arbitrary code on a victim's system, which could allow the attacker to steal data, install malware, or take control of the system. This could have serious consequences for the victim, such as...
Updated sofia-sip packages fix security vulnerability
The OOB read and integer-overflow made by attacker may lead to crash, high consumption of memory or even other more serious consequences. CVE-2023-32307...
seriousgrillershq.net Cross Site Scripting vulnerability OBB-3362979
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Apple's iOS 16.4: Security Updates Are Better Than New Emoji
Plus: Microsoft Outlook and Android patch serious flaws, Chrome and Firefox get fixes, and much more...
Apple Users Need to Update iOS Now to Patch Serious Flaws
Plus: Microsoft fixes several zero-day bugs, Google patches Chrome and Android, Mozilla rids Firefox of a full-screen vulnerability, and more...
Buyout griefing can block almost all functionalities
Lines of code Vulnerability details Impact Everyone can start a Buyout for a vault by paying only 1 wei. For the next 4 days no other Buyout can start. If someone is fast enough, they can start another griefing buyout as soon as one finishes, meaning that it's possible to block the functionality ...
You Need to Update iOS, Chrome, Windows, and Zoom ASAP
Plus: Google patches 36 Android vulnerabilities, Cisco fixes three high-severity issues, and VMWare closes two “serious” flaws...
Last Week’s Security news: Serious Sam in Metasploit, PetitPotam, Zimbra Hijack, Joint Advisory TOP30 CVEs
Hello everyone! Last Weeks Security News, July 26 - August 1. Serious Sam in Metasploit Last week I talked about the Serious Sam vulnerability CVE-2021-36934, also known as HiveNightmare. The name HiveNightmare comes from the fact that Windows stores its registry data in a small number of...
Information disclosure
Under certain conditions SAP Solution Manager, version - 720, allows a high privileged attacker to get access to sensitive information which has a direct serious impact beyond the exploitable component thereby affecting the confidentiality in the application...
CVE-2021-21483
Under certain conditions SAP Solution Manager, version - 720, allows a high privileged attacker to get access to sensitive information which has a direct serious impact beyond the exploitable component thereby affecting the confidentiality in the application...
CVE-2021-21433
Discord Recon Server is a bot that allows you to do your reconnaissance process from your Discord. Remote code execution in version 0.0.1 would allow remote users to execute commands on the server resulting in serious issues. This flaw is patched in 0.0.2...
Code Injection in donmccurdy/expression-eval
✍️ Description Althrough we have decleared in the README.MD that do not use this package with user-provided inputs, but after i exam some project with this project, i found that many developers still use in that way, which may lead to some serious security problem. So I think that we still need to...
Manufacturing's Cloud Migration Opens Door to Major Cyber-Risk
Web-facing applications continue to be one of the highest security risks present for organizations, with more than 40 percent of them actively leaking data in a way that can have a ripple affect across businesses and their partners, research has found. Moreover, manufacturing is particularly...
Remote code execution
Hello, as discussed by email, this fixes a serious vulnerability. Hopefully my code is OK-ish...
ReQuest Serious Play F3 Media Server 7.0.3 - Remote Code Execution (Unauthenticated)
Exploit Title: ReQuest Serious Play F3 Media Server 7.0.3 - Remote Code Execution Unauthenticated Exploit Author: LiquidWorm Software Link: http://request.com/ Version: 3.0.0 !/usr/bin/env python3 -- coding: utf-8 -- ReQuest Serious Play F3 Media Server 7.0.3 Unauthenticated Remote Code Execution...
ReQuest Serious Play Media Player 3.0 - Directory Traversal File Disclosure
Exploit Title: ReQuest Serious Play Media Player 3.0 - Directory Traversal File Disclosure Vulnerability Exploit Author: LiquidWorm Software Link: http://request.com/ Version: 3.0.0 ReQuest Serious Play Media Player 3.0 Directory Traversal File Disclosure Vulnerability Vendor: ReQuest Serious Pla...
ReQuest Serious Play F3 Media Server 7.0.3 - Remote Denial of Service
Exploit Title: ReQuest Serious Play F3 Media Server 7.0.3 - Remote Denial of Service Exploit Author: LiquidWorm Software Link: http://request.com/ Version: 3.0.0 Vendor: ReQuest Serious Play LLC Product web page: http://www.request.com Affected version: 7.0.3.4968 Pro 7.0.2.4954 6.5.2.4954...
ReQuest Serious Play F3 Media Server 7.0.3 - Debug Log Disclosure
Exploit Title: ReQuest Serious Play F3 Media Server 7.0.3 - Debug Log Disclosure Exploit Author: LiquidWorm Software Link: http://request.com/ Version: 3.0.0 ReQuest Serious Play F3 Media Server 7.0.3 Debug Log Disclosure Vendor: ReQuest Serious Play LLC Product web page: http://www.request.com...
ReQuest Serious Play F3 Media Server 7.0.3 Denial Of Service
ReQuest Serious Play F3 Media Server 7.0.3 Remote Denial of Service Vendor: ReQuest Serious Play LLC Product web page: http://www.request.com Affected version: 7.0.3.4968 Pro 7.0.2.4954 6.5.2.4954 6.4.2.4681 6.3.2.4203 2.0.1.823 Summary: F3 packs all the power of ReQuest's multi-zone serious Play...
ReQuest Serious Play F3 Media Server 7.0.3 Debug Log Disclosure
ReQuest Serious Play F3 Media Server 7.0.3 Debug Log Disclosure Vendor: ReQuest Serious Play LLC Product web page: http://www.request.com Affected version: 7.0.3.4968 Pro 7.0.2.4954 6.5.2.4954 6.4.2.4681 6.3.2.4203 2.0.1.823 Summary: F3 packs all the power of ReQuest's multi-zone serious Play...