10 matches found
CVE-2023-41326 Account takeover via Kanban feature in GLPI
GLPI, which stands for Gestionnaire Libre de Parc Informatique, is a Free Asset and IT Management Software package that provides ITIL Service Desk features, license tracking and software auditing. A logged-in user from any profile can hijack the Kanban feature to alter any user field, and end up with...
CVE-2023-41320 Account takeover via SQL Injection in UI layout preferences in GLPI
GLPI, which stands for Gestionnaire Libre de Parc Informatique, is a Free Asset and IT Management Software package that provides ITIL Service Desk features, license tracking and software auditing. UI layout preferences management can be hijacked to lead to SQL injection. This injection can be used to...
EU launches Bug Bounty program for 14 free open-source products
By Waqas. The European Union (EU) will be offering bug bounty rewards for the 14 open-source products that it uses. The EU’s Member of Parliament Julia Reda announced that the European Commission will offer bounties worth €851,000 under its Free and Open Source Software Audit (FOSSA). Bug bounty...
Apport 2.x (Ubuntu Desktop 12.10 < 16.04) - Local Code Execution Exploit
Exploit for the Linux platform in the local exploits category. Both of these issues were reported to the Apport maintainers and a fix was released on 2016-12-14. The CrashDB code injection issue can be tracked with CVE-2016-9949 and the path traversal bug with CVE-2016-9950. An additional problem where...
OPENSUSE-SU-2016:1623-1 Security update for Chromium
Chromium was updated to 51.0.2704.103 to fix three vulnerabilities: CVE-2016-1704: Various fixes from internal audits, fuzzing and other initiatives (shared identifier, boo985397)...
Open Audit - SQL Injection
Exploit Title: Open Audit SQL Injection Vulnerability | Exploit Author: Rahul Pratap Singh | Date: 2/Jan/2016 | Home page Link: https://github.com/jonabbey/open-audit | Website: 0x62626262.wordpress.com | Twitter: @0x62626262 | Linkedin :...
NSAG-195-23.02.2006.txt
Advisory: NSAG-№195-23.02.2006 | Research: NSA Group Russian company on Audit of safety & Network security | Site of Research: http://www.nsag.ru or http://www.nsag.org | Product: FCKeditor 2.0 FC | Site of manufacturer: http://www.fckeditor.net | The status: 19/11/2005 - Publication is postponed. 19/11/20...
NSA Group Security Advisory NSAG-№196-23.02.2006 Vulnerability FCKeditor 2.2
Advisory: NSAG-№196-23.02.2006 | Research: NSA Group Russian company on Audit of safety & Network security | Site of Research: http://www.nsag.ru or http://www.nsag.org | Product: FCKeditor 2.2 | Site of manufacturer: http://www.fckeditor.net | The status: 19/11/2005 - Publication is postponed. 19/11/2005 ...
Multiple OpenSSL DoS bugs
A few bugs were patched during a product audit...
Multiple bugzilla bugs
Multiple bugs were fixed during an audit...