MyBB Hide Thread Content Plugin 1.0 - Information Disclosure

Exploit Title: MyBB Hide Thread Content Plugin 1.0 - Information Disclosure Date: 1/27/2021 Author: 0xB9 Twitter: @0xB9Sec Contact: 0xB9atpm.me Software Link: https://community.mybb.com/mods.php?action=view&pid=1430 Version: 1.0 Tested on: Windows 10 CVE: CVE-2021-3337 1. Description: This plugin...

MyBB Hide Thread Content 1.0 Information Disclosure

Exploit Title: MyBB Hide Thread Content Plugin 1.0 - Information Disclosure Date: 1/27/2021 Author: 0xB9 Twitter: @0xB9Sec Contact: 0xB9atpm.me Software Link: https://community.mybb.com/mods.php?action=view&pid=1430 Version: 1.0 Tested on: Windows 10 CVE: CVE-2021-3337 1. Description: This plugin...

Huawei Taurus-AL00A Pointer Double Release Vulnerability

The Huawei Taurus-AL00A is a smartphone from the Chinese company Huawei Huawei. A security vulnerability exists in Huawei Taurus-AL00A version 10.0.0.1 C00E1R1P1. The vulnerability stems from the program not setting multi-thread reentry protection when calling a function. An attacker can exploit...

CVE-2021-3337

The Hide-Thread-Content plugin through 2021-01-27 for MyBB allows remote attackers to bypass intended content-reading restrictions by clicking on reply or quote in the postbit...

CVE-2021-3337

The Hide-Thread-Content plugin through 2021-01-27 for MyBB allows remote attackers to bypass intended content-reading restrictions by clicking on reply or quote in the postbit...

Hardcoded credentials

The Hide-Thread-Content plugin through 2021-01-27 for MyBB allows remote attackers to bypass intended content-reading restrictions by clicking on reply or quote in the postbit...

CVE-2021-3337

The CVE-2021-3337 issue affects the MyBB plugin “Hide-Thread-Content” (through 2021-01-27). The vulnerability allows remote attackers to bypass content-reading restrictions by clicking the reply or quote option in the postbit, leading to information disclosure. Affected component is the Hide-Thre...

CVE-2021-3337

The Hide-Thread-Content plugin through 2021-01-27 for MyBB allows remote attackers to bypass intended content-reading restrictions by clicking on reply or quote in the postbit...

MyBB Hide-Thread-Content plugin security vulnerability

MyBB MyBulletinBoard is a free and web-based forum software developed by MyBB MYBB team using PHP and MySQL. The software is easy to use, supports multiple languages, scalable and so on. A security vulnerability exists in the MyBB Hide-Thread-Content plugin through 2021-01-27, which originates fr...

Security Advisory - Pointer Double Free Vulnerability in Huawei Smartphone

There is a pointer double free vulnerability in Huawei smartphone. There is a lack of muti-thread protection when a function is called. Attackers can exploit this vulnerability by performing malicious operation to cause pointer double free. This may lead to module crash, compromising normal...

CVE-2020-36208

An issue was discovered in the conquer-once crate before 0.3.2 for Rust. Thread crossing can occur for a non-Send but Sync type, leading to memory corruption...

CVE-2020-36208

An issue was discovered in the conquer-once crate before 0.3.2 for Rust. Thread crossing can occur for a non-Send but Sync type, leading to memory corruption...

Memory corruption

An issue was discovered in the conquer-once crate before 0.3.2 for Rust. Thread crossing can occur for a non-Send but Sync type, leading to memory corruption...

Rust 安全漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability existed in Rust prior to version 0.3.2. The vulnerability stems from a possible thread crossover in a program's non-sending but synchronized type, which could be exploited by an attacker...

Rust Security Vulnerabilities

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in Rust multiqueue2 crate before 0.1.7, which stems from the fact that the non-Send type can be sent to a different thread, resulting in a data contention...

CVE-2020-36208

An issue was discovered in the conquer-once crate before 0.3.2 for Rust. Thread crossing can occur for a non-Send but Sync type, leading to memory corruption...

CVE-2020-11148

CVE-2020-11148 describes a use-after-free in HIDL when posting events from a callback in a Snapdragon stack (Auto/Compute/Connectivity/Consumer IOT/Industrial IOT/Mobile/Wearables). The root cause is that a callback instance can be deleted in a window where an internal mutex is not held and a clo...

CVE-2020-11148

Use after free issue in HIDL while using callback to post event in Rx thread when internal mutex is not acquired and meantime close is triggered and callback instance is deleted in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT,...

ZynOS rom-0 Flaw Scanner

!/usr/bin/perl ZynOS rom-0 Flaw Scanner Copyright 2021 c Todor Donev https://donev.eu/ $ perl zynosscanner ZynOS rom-0 Flaw Scanner zynosscanner --targets= --threads=10 --redirects=7 --help --targets | Specify the list with addresses that you want to scan. --dump | Dump rom-0 file for each target...

Unspecified Vulnerability in Rust (CNVD-2021-37534)

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in thex crate for Rust versions 2020-12-08 and earlier, which stems from thex allowing cross-thread data contention for non-sending types. No details of the vulnerability are...