Cross-site Scripting (XSS)

Overview qwc2-lts is a QGIS Web Client Affected versions of this package are vulnerable to Cross-site Scripting XSS via multiple components, including ServiceInfoWindow, SearchBox, LayerInfoWindow, and others. An attacker can execute arbitrary JavaScript code in the context of the user's browser ...

EUVD-2020-24946

Malware in sbrugna...

EUVD-2014-9718

Malware in sbrugna...

CVE-2020-3675

u'Potential integer underflow while parsing Service Info and IPv6 link-local TLVs that comes as part of NDPE attribute' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice &...

PT-2024-23958 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions affected versions not specified Description: The issue is related to improper input validation in the AutofillManagerServiceImpl.java, specifically in the newServiceInfoLocked method. This could allow an enabled Autofill...

Syncplify Server! 5.0.37 - (SMWebRestServicev5) Unquoted Service Path Vulnerability

Exploit Title: Syncplify.me Server! 5.0.37 - 'SMWebRestServicev5' Unquoted Service Path Exploit Author: Julio Aviña Vendor Homepage: https://www.syncplify.me/ Software Link: https://download.syncplify.me/SMServerSetup.exe Version: 5.0.37 Tested on: Windows 10 Pro x64 es Vulnerability Type: Unquot...

OKI sPSV Port Manager 1.0.41 - 'sPSVOpLclSrv' Unquoted Service Path

Exploit Title: OKI sPSV Port Manager 1.0.41 - 'sPSVOpLclSrv' Unquoted Service Path Date: 2020-11-08 Exploit Author: Julio Aviña Vendor Homepage: https://www.oki.com/ Software Link: https://www.oki.com/mx/printing/download/sPSV0100412270910.exe Software Version: 1.0.41 File Version: 1.4.2.0 Tested...

FreeBSD : Gitlab -- Multiple vulnerabilities (174e466b-1d48-11eb-bd0f-001b217b3468)

Gitlab reports : Path Traversal in LFS Upload Path traversal allows saving packages in arbitrary location Kubernetes agent API leaks private repos Terraform state deletion API exposes object storage URL Stored-XSS in error message of build-dependencies Git credentials persisted on disk Potential...

Input Director 1.4.3 Unquoted Service Path

Exploit Title: Input Director 1.4.3 - 'Input Director' Unquoted Service Path Discovery Date: 2020-09-08 Response from Input Director Support: 09/09/2020 Exploit Author: TOUHAMI Kasbaoui Vendor Homepage: https://www.inputdirector.com/ Version: 1.4.3 Tested on: Windows Server 2012, Windows 10 Find...

CVE-2020-3675

CVE-2020-3675 concerns a potential integer underflow when parsing Service Info and IPv6 link-local TLVs in the NDPE attribute, affecting Qualcomm Snapdragon platforms. The description lists affected families and SoCs, including IPQ5018, IPQ6018, IPQ8074 and various Snapdragon genera (Auto, Comput...

CVE-2020-3675

u'Potential integer underflow while parsing Service Info and IPv6 link-local TLVs that comes as part of NDPE attribute' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice &...

SprintWork 2.3.1 Local Privilege Escalation

Exploit Title: SprintWork 2.3.1 - Local Privilege Escalation Exploit Author: boku Date: 2020-02-13 Vendor Homepage: https://veridium.net Software Link: https://veridium.net/filesu/spx/exe/SprintWork-Setup.exe Version: 2.3.1 Tested On: Windows 10 32-bit Vulnerability Overview: SprintWork v2.3.1 x8...

uptime-agent-info NSE Script

Gets system information from an Idera Uptime Infrastructure Monitor agent. Example Usage nmap --script uptime-agent-info -p 9998 Script Output 9998/tcp open uptime-agent syn-ack | uptime-agent-info: SYSNAME=system123 | DOMAIN=none | ARCH="Linux system123 3.12.51-60.20-default 1 SMP Fri Dec 11...

TexasSoft CyberPlanet 6.4.131 - 'CCSrvProxy' Unquoted Service Path

Exploit Title: TexasSoft CyberPlanet 6.4.131 - 'CCSrvProxy' Unquoted Service Path Date: 2019-11-28 Exploit Author: Cristian Ayala G Vendor Homepage: https://tenaxsoft.com/index.html Software Link: https://tenaxsoft.com/descargas.html Version: 6.4.131 Tested on: Windows 10 Pro x64 Step to discover...

Wondershare Application Framework Service - "WsAppService" Unquote Service Path

Exploit Title: Wondershare Application Framework Service - "WsAppService" Unquote Service Path Google Dork: N/A Date: 2019-11-11 Exploit Author: chuyreds Vendor Homepage: https://www.wondershare.com/ Software Link: https://www.wondershare.com/drfone/ Version: 2.4.3.231 Tested on: Windows 10 Home...

Alps HID Monitor Service 8.1.0.10 - 'ApHidMonitorService' Unquote Service Path

Exploit Title: Alps HID Monitor Service 8.1.0.10 - 'ApHidMonitorService' Unquote Service Path Date: 2019-11-07 Exploit Author: Héctor Gabriel Chimecatl Hernández Vendor Homepage: https://www.alps.com/e/ Software Link: https://www.alps.com/e/ Version: 8.1.0.10 Tested on: Windows 10 Home Single...

backorifice-info NSE Script

Connects to a BackOrifice service and gathers information about the host and the BackOrifice service itself. The extracted host information includes basic system setup, list of running processes, network resources and shares. Information about the service includes enabled port redirections,...