DoS (Denial of Service) Third-Party Dependency in Bitbucket Data Center and Server - CVE-2022-31129

This High severity vulnerability known as CVE-2022-31129 was introduced in 8.19.0, 8.19.1, 8.19.2, 8.19.3, 8.19.4, 8.19.5, 8.19.6, 8.19.7, 8.19.8, 8.19.9, 8.19.10, 8.19.11, 8.19.12, 8.19.13, 8.19.14, 8.19.15 of Bitbucket Data Center and Server. This vulnerability with a CVSS Score of 7.5 and a CV...

EUVD-2024-0164

Malicious code in bioql PyPI...

Rockwell Automation 5015 - AENFTXT

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION : Exploitable remotely/low attack complexity Vendor : Rockwell Automation Equipment : 5015 - AENFTXT Vulnerability : Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could cause a denial-of-service...

Rockwell Automation Pavilion8

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 5.3 ATTENTION : Exploitable remotely/low attack complexity Vendor : Rockwell Automation Equipment : Pavilion8 Vulnerability : Missing Encryption of Sensitive Data 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to...

apply.umgc.edu Cross Site Scripting vulnerability OBB-2309583

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

CVE-2020-16743

...

Sophos Intercept X Advanced 代码问题漏洞

Sophos Intercept X Advanced is Sophos UK's Intercept X for devices running on Windows and macOS. Intercept X is the industry's most comprehensive endpoint protection, including robust Endpoint Detection and Response EDR and Extended Detection and Response XDR options. A security vulnerability...

PayloadsAllTheThings

It is an offensive tool for general-purpose. This repository contains a collection of payloads for various purposes, including exploitation and testing. The payloads are not specifically tied to a particular CVE or GHSA ID. The target product/service or framework is not explicitly stated, but the...

CVE-2020-27172

An issue was discovered in G-Data before 25.5.9.25 using Symbolic links, it is possible to abuse the infected-file restore mechanism to achieve arbitrary write that leads to elevation of privileges...

chanpenpakhaoma.tarad.com Cross Site Scripting vulnerability OBB-1215249

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

samuraibuyer.com Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1162821 Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website...

CVE-2013-1099

...

AutoCAD DWG and DXF To PDF Converter 2.2 - Buffer Overflow Exploit

Exploit for windows platform in category local exploits Exploit Title: AutoCAD DWG and DXF To PDF Converter v2.2 Buffer Overflow Date: 9-5-2015 Software Link: http://www.verypdf.com/autocad-dwg-dxf-to-pdf/dwgdxftopdfsetup.exe Exploit Author: Robbie Corley Contact: email protected Website: CVE:...

Revamped Pwn2Own to Offer $105K in Prizes, Cash From Google for Chrome 0-Days

The Pwn2Own contest at the CanSecWest conference has become one of the landmark events on the calendar each year, as researchers gather with nervous vendors in a tiny room to see who can own which browser on which platform and how quickly. But this year’s contest will have a much different look...

Empire cms backstage to get a shell vulnerability and fix-vulnerability warning-the black bar safety net

The first method: add a custom page 6.0 on experiment success Template management - add custom page - page name casually--file name: xx. asp;. html--the page content--pony copy the contents into it Save the post and then the Admin page Click you can go see your horse, generally in the root...

SLES9: Security update for XFree86-server

The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: XFree86-Xnest XFree86-Xvfb XFree86-server More details may also be found by searching for keyword 5012942 within the SuSE Enterprise Server 9 patch database...

Cross site scripting

Cross-site scripting XSS vulnerability in Martin Scheffler betaboard 0.1 allows remote attackers to inject arbitrary web script or HTML via a user's profile, possibly using the FormValprofile parameter. NOTE: it is not clear whether this is a distributable product or a site-specific vulnerability...

Multiple Vendor Telnet Client - Env_opt_add Heap Buffer Overflow

source: https://www.securityfocus.com/bid/12919/info Multiple vendors' Telnet client applications are reported prone to a remote buffer-overflow vulnerability. This vulnerability reportedly occurs in the 'envoptadd' function in the 'telnet.c' source file, which is apparently common source for all...