CVE-2024-34155 Stack exhaustion in all Parse functions in go/parser

Calling any of the Parse functions on Go source code which contains deeply nested literals can cause a panic due to stack exhaustion...

CVE-2024-34155

Calling any of the Parse functions on Go source code which contains deeply nested literals can cause a panic due to stack exhaustion...

CVE-2024-34155

CVE-2024-34155 concerns the Go tooling stack: parsing Go source with deeply nested literals can panic due to stack exhaustion. The connected advisories confirm this affects core Go components such as the parser, encoding/gob (Decode), and go/build/constraint (Parse) when handling deeply nested in...

CVE-2024-34155

Calling any of the Parse functions on Go source code which contains deeply nested literals can cause a panic due to stack exhaustion...

GO-2024-3105 Stack exhaustion in all Parse functions in go/parser

Calling any of the Parse functions on Go source code which contains deeply nested literals can cause a panic due to stack exhaustion...

Online Pizza Ordering System 1.0 Insecure Settings

============================================================================================================================================= | Title : Online Pizza Ordering System v1.0 Insecure Settings Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla...

Crime Complaints Reporting Management System 1.0 Arbitrary File Upload

============================================================================================================================================= | Title : Crime Complaints Reporting Management System 1.0 arbitrary file upload Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro /...

C-MOR Video Surveillance 5.2401 / 6.00PL01 Cross Site Scripting

Advisory ID: SYSS-2024-021 Product: C-MOR Video Surveillance Manufacturer: za-internet GmbH Affected Versions: 5.2401, 6.00PL01 Tested Versions: 5.2401, 6.00PL01 Vulnerability Type: Persistent Cross-Site Scripting CWE-79 Risk Level: High Solution Status: Open Manufacturer Notification: 2024-04-05...

Security Bulletin: Multiple vulnerabilities within WebSphere Application and IBM HTTP Server and Java, affect IBM Tivoli Monitoring.

Summary Multiple vulnerabilities within WebSphere Application and IBM HTTP Server and Java which is included as part of IBM Tivoli Monitoring ITM portal server. have been remediated. Vulnerability Details CVEID:CVE-2024-38472 DESCRIPTION: Apache HTTP Server is vulnerable to server-side request...

CVE-2024-8417 云课网络科技有限公司 Yunke Online School System videobind.html sensitive information in source

A vulnerability was found in 云课网络科技有限公司 Yunke Online School System up to 1.5.5. It has been declared as problematic. This vulnerability affects unknown code of the file /admin/educloud/videobind.html. The manipulation leads to inclusion of sensitive information in source code. The attack can be...

MAL-2024-8809 Malicious code in walletv5 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware cff4fcd790dbc7787f055e2be040f8484d848c82fd64688f5b2aa4edf6e2b932 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Yunke Online School System 安全漏洞

Yunke Online School System is an online school software from Yunke, a Chinese company. A security vulnerability exists in Yunke Online School System version 1.5.5 and prior versions, which originates from unknown code in the file /admin/educloud/videobind.html that can cause the source code to...

FreeBSD-SA-24:14.umtx

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-24:14.umtx Security Advisory The FreeBSD Project Topic: umtx Kernel panic or Use-After-Free Category: core Module: kern Announced: 2024-09-04 Credits: Synacktiv...

Faculty Evaluation System 1.0 Cross Site Request Forgery

============================================================================================================================================= | Title : Faculty Evaluation System 1.0 CSRF Add Admin Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox...

LiteSpeed Source Code Disclosure/Download

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'LiteSpeed Source Code Disclosure/Download', 'Description' = %q This module exploits a source code disclosure/download vulnerability in versions...

Nginx Source Code Disclosure/Download

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Nginx Source Code Disclosure/Download', 'Description' = %q This module exploits a source code disclosure/download vulnerability in versions 0.7 a...

BIND TKEY Query Denial of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'BIND TKEY Query Denial of Service', 'Description' = %q This module sends a malformed TKEY query, which exploits an error in handling TKEY queries...

SUSE SLES12 Security Update : apache2 (SUSE-SU-2024:3061-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:3061-1 advisory. - CVE-2024-39884: Fixed source code disclosure with handlers configured via AddType bsc1227353 Tenable has extracted the preceding descripti...

SUSE-SU-2024:3061-1 Security update for apache2

This update for apache2 fixes the following issues: - CVE-2024-39884: Fixed source code disclosure with handlers configured via AddType bsc1227353...

Task Management System 1.0 Cross Site Request Forgery

============================================================================================================================================= | Title : Task Management System 1.0 CSRF add staff Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 128.0...