CVE-2023-24537 Infinite loop in parsing in go/scanner
Calling any of the Parse functions on Go source code which contains //line directives with very large line numbers can cause an infinite loop due to integer overflow...
CVE-2023-24537
CVE-2023-24537 affects the Go parser (go/parser) when processing Go source containing //line directives with very large line numbers, causing an infinite loop due to integer overflow. Documents confirm this vulnerability in golang/go and note that patched versions are available in affected distri...
CVE-2023-24537
Calling any of the Parse functions on Go source code which contains //line directives with very large line numbers can cause an infinite loop due to integer overflow...
Music Gallery Site v1.0 - SQL Injection on music_list.php
Exploit Title: Music Gallery Site v1.0 - SQL Injection on musiclist.php Exploit Author: Muhammad Navaid Zafar Ansari Date: 21 February 2023 CVE Assigned: CVE-2023-0938 mitre.org nvd.nist.org Author Name: Muhammad Navaid Zafar Ansari Vendor Homepage: https://www.sourcecodester.com Software Link:...
GO-2023-1702 Infinite loop in parsing in go/scanner
Calling any of the Parse functions on Go source code which contains //line directives with very large line numbers can cause an infinite loop due to integer overflow...
Grepmarx - A Source Code Static Analysis Platform For AppSec Enthusiasts
Grepmarx is a web application providing a single platform to quickly understand, analyze and identify vulnerabilities in possibly large and unknown code bases. Features SAST Static Analysis Security Testing capabilities: Multiple languages support: C/C++, C, Go, HTML, Java, Kotlin, JavaScript,...
CVE-2020-23259
An issue found in Jsish v.3.0.11 and before allows an attacker to cause a denial of service via the JsiStrlen function in the src/jsiChar.c file...
CVE-2022-48435
In JetBrains PhpStorm before 2023.1 source code could be logged in the local idea.log file...
Design/Logic Flaw
In JetBrains PhpStorm before 2023.1 source code could be logged in the local idea.log file...
CVE-2022-48435
CVE-2022-48435 affects JetBrains PhpStorm prior to 2023.1. The vulnerability allows source code to be logged in the local idea.log file due to how PhpStorm handles logging. Reported across multiple sources (NVD/Red Hat/CNNVD and related notices). Impact is framed as information disclosure within ...
PT-2023-15778 · Jetbrains · Phpstorm
Name of the Vulnerable Software and Affected Versions: JetBrains PhpStorm versions prior to 2023.1 Description: The issue allows source code to be logged in the local idea.log file. Recommendations: For versions prior to 2023.1, update to version 2023.1 or later to resolve the issue...
NetIQ / Microfocus Performance Endpoint 5.1 Remote Root / SYSTEM
/ Exploit Title: NetIQ/Microfocus Performance Endpoint v5.1 - remote root/SYSTEM exploit Date: Jun 2007 Exploit Author: mu-b Vendor Homepage: https://www.microfocus.com/en-us/cyberres/identity-access-management Version: All Tested on: Windows / Solaris x86/SPARC CVE : 0day endpoint-pown-uni.c...
Expense Tracker SQL Injection Vulnerability
Expense Tracker is an expense tracker organized by SourceCode and Projects. Earnings and Expense Tracker App version 1.0 suffers from a SQL injection vulnerability that originates from a sql injection via parameter id...
CVE-2023-25261
Certain Stimulsoft GmbH products are affected by: Remote Code Execution. This affects Stimulsoft Designer Desktop 2023.1.4 and Stimulsoft Designer Web 2023.1.3 and Stimulsoft Viewer Web 2023.1.3. Access to the local file system is not prohibited in any way. Therefore, an attacker may include sour...
Remote code execution
Certain Stimulsoft GmbH products are affected by: Remote Code Execution. This affects Stimulsoft Designer Desktop 2023.1.4 and Stimulsoft Designer Web 2023.1.3 and Stimulsoft Viewer Web 2023.1.3. Access to the local file system is not prohibited in any way. Therefore, an attacker may include sour...
Portion of Twitter’s proprietary source code leaked on GitHub
By Deeba Ahmed. Twitter had to file a DMCA request after its source code was found on GitHub. This is a post from HackRead.com. Read the original post: Portion of Twitter's proprietary source code leaked on GitHub...
Employee Performance Evaluation System v1.0 - File Inclusion / Remote Code Execution Exploit
Exploit Title: Employee Performance Evaluation System v1.0 - File Inclusion and RCE Exploit Author: nu11secur1ty Vendor: https://www.sourcecodester.com/user/257130/activity Software: https://www.sourcecodester.com/php/14617/employee-performance-evaluation-system-phpmysqli-source-code.html...
Rental House Management System 1.0 Cross Site Scripting
Exploit Title: Rental House Management System - Reflected Cross-Site Scripting XSS Date: 25/03/2023 Exploit Author: İsmail Can Durna Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/sites/default/files/download/admin/rentalhousemanagementsystem.zip...