Lucene search
K

51 matches found

UbuntuCve
UbuntuCve
added 2023/08/22 7:16 p.m.49 views

CVE-2022-44840

Heap buffer overflow vulnerability in binutils readelf before 2.40 via function findsectioninset in file readelf.c...

7.8CVSS6.5AI score0.00461EPSS
Exploits1References3
Ubuntu
Ubuntu
added 2023/07/05 3:23 p.m.39 views

USN-6204-1: CPDB vulnerability

Seth Arnold discovered that CPDB incorrectly handled certain characters. An attacker could possibly use this issue to cause a crash or execute arbitrary code...

9.8CVSS8.2AI score0.01539EPSS
Exploits1
UbuntuCve
UbuntuCve
added 2023/02/15 12:0 a.m.35 views

CVE-2023-25587

binutils: NULL pointer segmentation fault when accessing field thebfd in function comparesymbols Notes Author| Note ---|--- seth-arnold | binutils isn't safe for untrusted inputs...

3.1AI score
Exploits0References5
Openbugbounty
Openbugbounty
added 2023/02/11 6:56 a.m.14 views

sethkellerportfolio.com Cross Site Scripting vulnerability OBB-3189613

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
Code423n4
Code423n4
added 2022/11/18 12:0 a.m.9 views

SLOT owners lose half their value when there is no sETH deposited to the Syndicate.

Lines of code Vulnerability details Description The Syndicate contract uses total balance as collateral for both sETH accumulatedETHPerFreeFloatingShare and SLOT rewards accumulatedETHPerCollateralizedSlotPerKnot. They are updated in the following function: function updateAccruedETHPerShares publ...

6.8AI score
Exploits0
UbuntuCve
UbuntuCve
added 2022/09/01 9:15 p.m.34 views

CVE-2022-38126

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none...

5.8AI score
Exploits0References1
UbuntuCve
UbuntuCve
added 2021/10/01 4:15 p.m.24 views

CVE-2021-40926

Cross-site scripting XSS vulnerability in demos/demo.mysqli.php in getID3 1.X and v2.0.0-beta allows remote attackers to inject arbitrary web script or HTML via the showtagfiles parameter...

6.1CVSS6.5AI score0.00976EPSS
Exploits1References4
UbuntuCve
UbuntuCve
added 2019/12/04 10:15 p.m.28 views

CVE-2013-2745

An SQL Injection vulnerability exists in MiniDLNA prior to 1.1.0...

9.8CVSS7.3AI score0.01981EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2019/03/27 2:29 p.m.39 views

CVE-2019-5419

There is a possible denial of service vulnerability in Action View Rails 5.2.2.1, 5.1.6.2, 5.0.7.2, 4.2.11.1 where specially crafted accept headers can cause action view to consume 100% cpu and make the server unresponsive...

7.8CVSS6.8AI score0.08671EPSS
Exploits3References2
Richard Bejtlich's blog
Richard Bejtlich's blog
added 2018/09/11 4:7 p.m.56 views

Twenty Years of Network Security Monitoring: From the AFCERT to Corelight

I am really fired up to join Corelight. I’ve had to keep my involvement with the team a secret since officially starting on July 20th. Why was I so excited about this company? Let me step backwards to help explain my present situation, and forecast the future. Twenty years ago this month I joined...

7AI score
Exploits0
n0where
n0where
added 2018/05/08 4:11 a.m.27 views

MITM RDP Connections: Seth

Seth is a tool written in Python and Bash to MitM RDP connections by attempting to downgrade the connection in order to extract clear text credentials. It was developed to raise awareness and educate about the importance of properly configured RDP connections in the context of pentests, workshops...

0.4AI score
Exploits0References2
UbuntuCve
UbuntuCve
added 2018/03/18 6:29 a.m.25 views

CVE-2018-8769

elfutils 0.170 has a buffer over-read in the ebldynamictagname function of libebl/ebldynamictagname.c because SYMTABSHNDX is unsupported...

7.8CVSS7.2AI score0.00853EPSS
Exploits1References4
UbuntuCve
UbuntuCve
added 2017/10/18 2:29 p.m.37 views

CVE-2011-5320

scanf and related functions in glibc before 2.15 allow local users to cause a denial of service segmentation fault via a large string of 0s...

6.2CVSS6.8AI score0.00466EPSS
Exploits1References2
UbuntuCve
UbuntuCve
added 2017/06/08 9:29 p.m.23 views

CVE-2015-1786

Cross-site request forgery CSRF vulnerability in Zend/Validator/Csrf in Zend Framework 2.3.x before 2.3.6 via null or malformed token identifiers...

8.8CVSS7.2AI score0.00656EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2017/05/16 12:0 a.m.23 views

CVE-2017-6886

An error within the "parsetiffifd" function internal/dcrawcommon.cpp in LibRaw versions before 0.18.2 can be exploited to corrupt memory...

9.8CVSS6.9AI score0.03362EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2017/03/20 4:59 p.m.33 views

CVE-2017-5618

GNU screen before 4.5.1 allows local users to modify arbitrary files and consequently gain root privileges by leveraging improper checking of logfile permissions...

7.8CVSS7.2AI score0.01087EPSS
Exploits6References4
UbuntuCve
UbuntuCve
added 2017/03/11 2:59 a.m.74 views

CVE-2017-5638

The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 has incorrect exception handling and error-message generation during file-upload attempts, which allows remote attackers to execute arbitrary commands via a crafted Content-Type, Content-Disposition, or...

10CVSS7.4AI score0.99999EPSS
Exploits44References3
UbuntuCve
UbuntuCve
added 2016/07/22 12:0 a.m.41 views

CVE-2016-5399

The bzread function in ext/bz2/bz2.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 allows remote attackers to cause a denial of service out-of-bounds write or execute arbitrary code via a crafted bz2 archive...

7.8CVSS7.5AI score0.09844EPSS
Exploits5References3
UbuntuCve
UbuntuCve
added 2016/02/22 5:59 a.m.21 views

CVE-2015-5332

Atto in Moodle 2.8.x before 2.8.9 and 2.9.x before 2.9.3 allows remote attackers to cause a denial of service disk consumption by leveraging the guest role and entering drafts with the editor-autosave feature...

7.1CVSS6.9AI score0.01684EPSS
Exploits0References2
Drupal
Drupal
added 2015/04/01 12:0 a.m.21 views

EntityBulkDelete - Critical - Cross Site Scripting (XSS) - SA-CONTRIB-2015-089

EntityBulkDelete module allows you to delete entities in bulk using the Batch API. The module doesn't sufficiently sanitize user supplied text in some administration pages, thereby exposing a Cross Site Scripting vulnerability. This vulnerability is mitigated by the fact that an attacker must be...

4.3CVSS6AI score0.01184EPSS
Exploits0References10
Rows per page
Query Builder