Denial Of Service (DoS) Through Stack Buffer Overflow

librelp.so is vulnerable to denial of service DoS through stack-based buffer overflow attacks. The vulnerability exists in relpTcpChkPeerName of src/tcp.c where it was possible to overflow the call to snprintf when parsing a malicious x509 certificate, causing a denial of service DoS, and possibl...

Use after free in File#initilialize_copy

In versions of mruby up to and including 1.4.0, a use-after-free vulnerability exists in src/io.c::Fileinitilializecopy. An attacker that can cause Ruby code to be run can possibly use this to execute arbitrary code...

src-reizen.nl XSS vulnerability

Open Bug Bounty ID: OBB-596669 Description| Value ---|--- Affected Website:| src-reizen.nl Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Samsung Mobile Device Email Application Cross-Site Scripting Vulnerability

Samsung mobile devices are smart mobile devices released by Samsung in South Korea.Android M is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA.Email application is one of the email applications. Email application is one of the email...

CVE-2018-9140

On Samsung mobile devices with M6.0 software, the Email application allows XSS via an event attribute and arbitrary file loading via a src attribute, aka SVE-2017-10747...

CVE-2018-9140

On Samsung mobile devices with M6.0 software, the Email application allows XSS via an event attribute and arbitrary file loading via a src attribute, aka SVE-2017-10747...

CVE-2018-8978

Open-AudIT Professional 2.1 has XSS via a crafted src attribute of an IMG element within a URI...

CVE-2018-8978

Open-AudIT Professional 2.1 has XSS via a crafted src attribute of an IMG element within a URI...

CVE-2018-7714

The validateInputImageSize function in modules/imgcodecs/src/loadsave.cpp in OpenCV 3.4.1 allows remote attackers to cause a denial of service assertion failure because pixels = 130 may be false. Note: “OpenCV CVAssert is not an assertion C-like assert, it is regular C++ exception which can raise...

UBUNTU-CVE-2018-6790

An issue was discovered in KDE Plasma Workspace before 5.12.0. dataengines/notifications/notificationsengine.cpp allows remote attackers to discover client IP addresses via a URL in a notification, as demonstrated by the src attribute of an IMG element...

Low: tomcat7

Issue Overview: Incorrect documentation of CGI Servlet search algorithm may lead to misconfiguration: As part of the fix for bug 61201, the documentation for Apache Tomcat included an updated description of the search algorithm used by the CGI Servlet to identify which script to execute. The upda...

Debian: Security Advisory (DLA-1148-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Medium: python35, python34

Issue Overview: CPython aka Python is vulnerable to an integer overflow in the PyStringDecodeEscape function in stringobject.c, resulting in heap-based buffer overflow and possible arbitrary code execution CVE-2017-1000158 Affected Packages: python35, python34 Issue Correction: Run yum update...

CVE-2017-11695

CVE-2017-11695 : Heap-based buffer overflow in the alloc_segs function of NSS (lib/dbm/src/hash.c) used by Mozilla NSS when processing crafted cert8.db files. Exploitation is context-dependent with unspecified impact per the entry. Public details explicitly describe the overflow but do not specif...

CVE-2017-11695

Heap-based buffer overflow in the allocsegs function in lib/dbm/src/hash.c in Mozilla Network Security Services NSS allows context-dependent attackers to have unspecified impact using a crafted cert8.db file...

Uber: udi-id Query Parameter Can Generate SSL-protected Reflected XSS in https://m.uber.com/0-dfffb25d2cf6ceeb0a27.js Endpoint

Summary The udi-id request parameter at the https://m.uber.com/0-dfffb25d2cf6ceeb0a27.js mobile endpoint is copied into a javascript string encapsulated in double quotation marks, resulting in SSL-protected payloads being reflected unmodified in the application's response. The script-src whitelis...

Uber: lite:sess Query Parameter Can Generate SSL-protected Reflected XSS in https://m.uber.com/0-dfffb25d2cf6ceeb0a27.js Endpoint

Summary The lite:sess request parameter at the https://m.uber.com/0-dfffb25d2cf6ceeb0a27.js mobile endpoint is copied into a javascript string encapsulated in double quotation marks, resulting in SSL-protected payloads being reflected unmodified in the application's response. The script-src...

CVE-2017-17104

Fiyo CMS 2.0.7 has an arbitrary file read vulnerability in dapur/apps/apptheme/libs/checkfile.php via $GET'src' or $GET'name'...

Arbitrary file deletion

Fiyo CMS 2.0.7 has an arbitrary file read vulnerability in dapur/apps/apptheme/libs/checkfile.php via $GET'src' or $GET'name'...

Wget HTTP integer overflow Exploit

Exploit for linux platform in category dos / poc wget HTTP integer overflow Exploit https://xorl.wordpress.com/2017/11/11/cve-2017-13089-wget-http-integer-overflow/ That’s an interesting vulnerability in GNU wget. According to the wget project, this was reported by Antti Levomäki, Christian Jalio...