29 matches found
CVE-2026-28676
OpenSift is an AI study tool that sifts through large datasets using semantic search and generative AI. Prior to version 1.6.3-alpha, multiple storage helpers used path construction patterns that did not uniformly enforce base-directory containment. This created path-injection risk in file...
CVE-2026-28677
OpenSift prior to v1.6.3-alpha exposed an SSRF vulnerability in the URL ingest pipeline due to incomplete destination restrictions on user-controlled URLs. In non-localhost deployments, credentialed URLs, non-standard ports, and cross-host redirects created abuse paths. The issue has been patched...
CVE-2026-28676 OpenSift: Insufficient path containment checks in storage helpers could allow path traversal-style file operations
OpenSift is an AI study tool that sifts through large datasets using semantic search and generative AI. Prior to version 1.6.3-alpha, multiple storage helpers used path construction patterns that did not uniformly enforce base-directory containment. This created path-injection risk in file...
CVE-2026-27189
OpenSift: A race-prone local persistence issue in versions ≤ 1.1.2-alpha due to non-atomic and insufficiently synchronized JSON persistence flows. This can cause concurrent operations to lose updates or corrupt local state across sessions (study/quiz/flashcard/wellness/auth stores). The vulnerabi...
EUVD-2008-0679
Malware in sbrugna...
CVE-2008-0669
Cross-site scripting (XSS) vulnerability in search.cgi in Sift Unity allows remote attackers to inject arbitrary web script or HTML via the qt parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
Abusix and Red Sift Form New Partnership, Leveraging Automation to Mitigate Cyber Attacks
Boston and London, U.S. and U.K., 10th October 2024, CyberNewsWire...
Malicious code in sift-web-sdk (npm)
MAL-2024-3016 Malicious code in sift-web-sdk (npm)
Nexo Teams Up with Sift for Enhanced Digital Security and User Experience
By Owais Sultan February 15, 2024 – Nexo, the leading institution for digital assets, announced a partnership with Sift, the Leader…
SUSE CVE-2015-20001
In the standard library in Rust before 1.2.0, BinaryHeap is not panic-safe. The binary heap is left in an inconsistent state when the comparison of generic elements inside sift_up or sift_down_range panics. This bug leads to a drop of zeroed memory as an arbitrary type, which can result in a memory...
UBUNTU-CVE-2015-20001
In the standard library in Rust before 1.2.0, BinaryHeap is not panic-safe. The binary heap is left in an inconsistent state when the comparison of generic elements inside sift_up or sift_down_range panics. This bug leads to a drop of zeroed memory as an arbitrary type, which can result in a memory...
Rust buffer error vulnerability
Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A buffer overflow vulnerability exists in the Rust standard library prior to version 1.2.0, which stems from the binary heap being left in an inconsistent state when comparing generic elements of sift up or...
Udemy: Completed Compromise & Source Code Disclosure via Exposed Jenkins Dashboard at https://jenkins101.udemy.com
Howdy, @udemy! Summary: ======= I am writing to inform you of a critical information disclosure bug via an exposed Jenkins dashboard located at https://jenkins101.udemy.com. Upon navigating to this address, I was asked to authenticate with my Github account. After authenticating, I was surprised ...
Asx to Mp3 2.7.5 - Local Stack Overflow
Exploit Title: ASX to MP3 Converter 2.7.5 stack buffer overflow Date: 6 Oct 2014 Exploit Author: Amir Reza Tavakolian Vendor Homepage: http://binarylife.blog.ir/ Software Link: http://download.cnet.com/ASX-to-MP3-Converter/3000-21684-10385919.html Version: 2.7.5 Tested on: windows xp sp 3 Special...
DFLabs PTK <= 1.0 Local Command Execution Vulnerability
No description provided by source. ==================================================== Security Research Advisory Vulnerability name: DFLabs PTK Local Command Execution Vulnerability Advisory number: LC-2008-07 Advisory URL: http://www.ikkisoft.com...
CVE-2008-1869
SQL injection vulnerability in Site Sift Listings allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php. NOTE: this issue might be site-specific...
CVE-2008-1869
CVE-2008-1869 describes a SQL injection in Site Sift Listings (Site Sift) where the vulnerable code does not sanitize the input from the id parameter in the detail action to index.php. The underlying root cause is unsanitized user input being concatenated into a SQL query, enabling an attacker t...
Site Sift Listings (id) Remote SQL Injection Vulnerability
No description provided by source. powered by Site Sift scripts SQL Injection AUTHOR : S@BUN HOME : http://www.milw0rm.com/author/1334 BLOG : http://my.opera.com/SQL-Injection/blog/ MAiL : [email protected] DORK 1 : powered by Site Sift DORK 2 : allinurl: "index php go addpage" DO...