
7877 matches found

OSV
added 2022/07/31 2:11 p.m., 6 views

GSD-2022-1004459 xtensa: xtfpga: Fix refcount leak bug in setup

xtensa: xtfpga: Fix refcount leak bug in setup This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.51 by commit...

AI score: 7.2
Exploits: 0
OSV
added 2022/07/31 1:53 p.m., 10 views

GSD-2022-1004248 xtensa: xtfpga: Fix refcount leak bug in setup

xtensa: xtfpga: Fix refcount leak bug in setup This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.18.8 by commit...

AI score: 7.2
Exploits: 0
Code423n4
added 2022/07/30 12:0 a.m., 13 views

Change Admin and Opertorship address through setup function in AxelarGateway

Lines of code Vulnerability details Impact Anyone can set the Admin address and transferOperatorShip to a new address. Proof of Concept A Simple call to the setup function. That will call setAdmins of Axelar Multisig Base contract. Recommended Mitigation Steps Can Add access control on setup...

AI score: 6.9
Exploits: 0
OSV
added 2022/07/27 9:15 p.m., 6 views

CVE-2020-6998

The connection establishment algorithm found in Rockwell Automation CompactLogix 5370 and ControlLogix 5570 versions 33 and prior does not sufficiently manage its control flow during execution, creating an infinite loop. This may allow an attacker to send specially crafted CIP packet requests to ...

CVSS: 8.6, AI score: 5.8, EPSS: 0.0174
Exploits: 0, References: 2
Malwarebytes
added 2022/07/27 11:56 a.m., 24 views

Simplifying the fight against ransomware: An expert explains

Fighting against ransomware can be difficult—especially if your organization has limited IT resources to begin with. But Adam Kujawa, security evangelist and director of Malwarebytes Labs, has a few tips for overburdened IT folks looking to simplify their fight against ransomware. In this post,...

AI score: 0.1
Exploits: 0
ATTACKERKB
added 2022/07/25 1:15 p.m., 5 views

CVE-2022-2340

The W-DALIL WordPress plugin through 2.0 does not sanitise and escape some of its fields, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfiltered_html capability is disallowed for example in multisite setup...

CVSS: 4.8, AI score: 5.9, EPSS: 0.00575
Exploits: 2, References: 3
OSV
added 2022/07/25 1:15 p.m., 2 views

CVE-2022-2340

The W-DALIL WordPress plugin through 2.0 does not sanitise and escape some of its fields, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfiltered_html capability is disallowed for example in multisite setup...

CVSS: 4.8, AI score: 5.8
Exploits: 0, References: 2
WPVulnDB
added 2022/07/22 12:0 a.m., 41 views

Simple Banner < 2.12.0 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitise and escape its settings proversionactivationcode settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed for example in multisite setup...

CVSS: 6.4, AI score: 2.1, EPSS: 0.00757
Exploits: 1, Affected Software: 1
GithubExploit
added 2022/07/20 10:52 p.m., 963 views

Exploit for OS Command Injection in Apache Spark

CVE-2022-33891 Apache Spark Shell Command Injection Vulnerabil...

CVSS: 8.8, AI score: 9.3, EPSS: 0.92984
Exploits: 12
Fedora
added 2022/07/20 1:40 a.m., 9 views

[SECURITY] Fedora 35 Update: android-tools-31.0.2-2.fc35

The Android Debug Bridge ADB is used to: - keep track of all Android devices and emulators instances connected to or running on a given host developer machine - implement various control commands e.g. "adb shell", "adb pull", etc. for the benefit of clients command-line users, or helper programs...

AI score: 0.9
Exploits: 0
WPVulnDB
added 2022/07/18 12:0 a.m., 14 views

DW Promobar <= 1.0.4 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfiltered_html capability is disallowed for example in multisite setup PoC Put the following payload in any of the plugin...

CVSS: 4.8, AI score: 2.2, EPSS: 0.00493
Exploits: 2, Affected Software: 1
WPVulnDB
added 2022/07/18 12:0 a.m., 20 views

Better Tag Cloud <= 0.99.5 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfiltered_html capability is disallowed for example in multisite setup PoC Put the following payload in any text field setting...

CVSS: 4.8, AI score: 1.6, EPSS: 0.00493
Exploits: 2, Affected Software: 1
Cvelist
added 2022/07/17 10:37 a.m., 29 views

CVE-2022-2222 Download Monitor < 4.5.91 - Admin+ Arbitrary File Download

The Download Monitor WordPress plugin before 4.5.91 does not ensure that files to be downloaded are inside the blog folders, and not sensitive, allowing high privilege users such as admin to download the wp-config.php or /etc/passwd even in a hardened environment or multisite setup...

AI score: 5.3, EPSS: 0.0093
Exploits: 2, References: 1
Kitploit
added 2022/07/13 12:30 p.m., 38 views

Bypass-Url-Parser - Tool That Tests Many URL Bypasses To Reach A 40X Protected Page

Tool that tests MANY url bypasses to reach a 40X protected page. If you wonder why this code is nothing but a dirty curl wrapper, here's why: Most of the python requests do url/path/parameter encoding/decoding, and I hate this. If I submit raw chars, I want raw chars to be sent. If I send a weird...

AI score: 7.4
Exploits: 0, References: 1
Hacker One
added 2022/07/05 2:1 p.m., 107 views

U.S. Dept Of Defense: Wordpress Takeover using setup configuration at http://████.edu [HtUS]

A vulnerability was found in the WordPress 'setup-config.php' installation page, which allowed a malicious user to install WordPress in a remote MySQL database without valid credentials on the target system. This could lead to remote code execution and total system compromise, as well as other...

AI score: 8
Exploits: 0
Citrix
added 2022/07/05 12:0 a.m., 7 views

How to Manually Configure Certificate Trust in Web Interface for NetScaler

This article describes how to import a root Certificate Authority CA into the NetScaler's trusted certificate store using the CLI. Setting up the certificate trust is necessary when deploying Web Interface for NetScaler in Gateway Direct Mode with the Authentication Point set to Access Gateway: A...

AI score: 7
Exploits: 0
Hacker One
added 2022/07/01 4:9 p.m., 15 views

Stripo Inc: [SSRF] my.stripo.email via the setup-wizard parameter

A vulnerability in the setup wizard allowed SSRF. The issue has been resolved...

AI score: 7
Exploits: 0
Prion
added 2022/06/30 5:15 p.m., 15 views

Code injection

While a user account for the IBM Spectrum Protect Server 8.1.0.000 through 8.1.14 is being established, it may be configured to use SESSIONSECURITY=TRANSITIONAL. While in this mode, it may be susceptible to an offline dictionary attack. IBM X-Force ID: 226942...

CVSS: 3.3, AI score: 6.8, EPSS: 0.00377
Exploits: 0, References: 2, Affected Software: 1
OSV
added 2022/06/28 8:16 p.m., 11 views

GSD-2022-1004056 um: Fix out-of-bounds read in LDT setup

um: Fix out-of-bounds read in LDT setup This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.9.318 by commit...

AI score: 7.1
Exploits: 0
OSV
added 2022/06/28 7:25 p.m., 10 views

GSD-2022-1003550 um: Fix out-of-bounds read in LDT setup

um: Fix out-of-bounds read in LDT setup This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.121 by commit...

AI score: 7.1
Exploits: 0