9423 matches found
CVE-2020-28276
Prototype pollution vulnerability in 'deep-set' versions 1.0.0 through 1.0.1 allows attacker to cause a denial of service and may lead to remote code execution...
Amino Communications Multiple Products Trust Management Issue Vulnerability
The Amino Communications AK45x series, among others, is a family of television set-top box devices from Amino UK. Amino Communications has a trust management issue vulnerability in a number of its products, which arises from a root user hard-coded SSH key that can be exploited by an attacker to...
Klaemo Deep Set Security Vulnerability
Klaemo Deep Set is a JavaScript-based codebase from the individual developers of Klaemo that can assign values to dictionary-type objects. A security vulnerability exists in deep-set versions 1.0.0 through 1.0.1, which can be exploited by an attacker to cause a denial of servic...
React Atomic Organism Security Vulnerability
React Atomic Organism is a codebase from the React Atomic team used to provide atomicity support for React applications. A security vulnerability in React Atomic Organism set-object-value versions 0.0.0 through 0.0.5 allows attackers to exploit the vulnerability for denial of service and...
Design/Logic Flaw
Panasonic Security System WV-S2231L 4.25 allows a denial of service of the admin control panel which will require a physical reset to restore administrative control via Randomnum=99AC8CEC6E845B28&mode=1 in a POST request to the cgi-bin/setfactory URI...
Gobby Null Pointer Dereference Vulnerability
Gobby is a free collaborative editor. A null pointer dereference vulnerability exists in Gobby 0.4.11 in the D-Bus handler for certain setlanguage calls. An attacker could exploit this vulnerability to cause a denial of service...
DEBIAN-CVE-2020-35450
Gobby 0.4.11 allows a NULL pointer dereference in the D-Bus handler for certain setlanguage calls...
UBUNTU-CVE-2020-35450
Gobby 0.4.11 allows a NULL pointer dereference in the D-Bus handler for certain setlanguage calls...
CVE-2020-35713
Belkin LINKSYS RE6500 devices before 1.0.012.001 allow remote attackers to execute arbitrary commands or set a new password via shell metacharacters to the goform/setSysAdm page...
Gobby Code Issue Vulnerability
Gobby is a free collaborative editor. A null pointer dereference vulnerability exists in Gobby 0.4.11 in the D-Bus handler for certain setlanguage calls. An attacker could exploit this vulnerability to cause a denial of service...
CVE-2020-27030
In onCreate of HandleApiCalls.java, there is a possible permission bypass due to a confused deputy. This could lead to local escalation of privilege that allows an app to set or dismiss the alarm with no additional execution privileges needed. User interaction is not needed for...
ALEA-2020:5501 openscap bug fix and enhancement update
The OpenSCAP suite enables integration of the Security Content Automation Protocol SCAP line of standards. The openscap packages provide the OpenSCAP library and the oscap utility that provides various SCAP capabilities. Bug Fixes and Enhancements: Enable YAML probe to work with sets of values...
Prototype Pollution
Overview Affected versions of this package are vulnerable to Prototype Pollution. The vulnerability is in the set function. PoC const decal = require'decal'; console.log'Before:', .polluted; decal.set, "proto.polluted", "1337"; console.log'After:', .polluted; Details Prototype Pollution is a...
xorg-x11-server: Out-of-bounds access in XkbSetMap function
A flaw was found in the X.Org Server. An out-of-bounds access in the XkbSetMap function may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...
A memory leak flaw was found in the Linux kernel performance monitoring subsystem when using PERF_EVENT_IOC_SET_FILTER. A local user could use this flaw to starve resources, causing a denial of service.
...
TapinRadio 2.13.7 - Denial of Service Exploit
Exploit Title: TapinRadio 2.13.7 - Denial of Service PoC Date: 2020-05-12 Exploit Author: Ismael Nava Vendor Homepage: http://www.raimersoft.com/ Software Link: www.raimersoft.com/downloads/tapinradiosetupx64.exe Version: 2.13.7 x64 Tested on: Windows 10 Home x64 STEPS Open the program TapinRadio...
Prototype Pollution
set-in is vulnerable to prototype pollution. The vulnerability exists through the lack of validation on the proto key values in headers...
CVE-2020-28273
Prototype pollution vulnerability in 'set-in' versions 1.0.0 through 2.0.0 allows attacker to cause a denial of service and may lead to remote code execution...
CVE-2020-28273
The CVE-2020-28273 entry concerns a prototype pollution vulnerability in the npm package set-in, affected in versions 1.0.0 through 2.0.0. The root cause is prototype pollution via the setIn method, which allows merging object prototypes and can lead to a denial of service and may enable remote c...