Malicious code in nayan-imgur-upload-api (npm)
Source: ghsa-malware 1b98ebdb98b3110329cb9db3c496ef6fa0d0f21bcf8ec8302746d6f47b0cf884 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-11808 Malicious code in nayan-imgur-upload-api (npm)
Source: ghsa-malware 1b98ebdb98b3110329cb9db3c496ef6fa0d0f21bcf8ec8302746d6f47b0cf884 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
SiYuan has an arbitrary file write in the host via /api/asset/upload
Summary: The /api/asset/upload endpoint in Siyuan is vulnerable to both arbitrary file write to the host and stored XSS via the file write. Impact: Arbitrary file write...
Malicious code in imgur-upload-api (npm)
Source: ghsa-malware 70fc21112f21105a413aa69a8b3e3f21c53895809a2f5fd20cdbf6dd16baadfc Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-11144 Malicious code in imgur-upload-api (npm)
Source: ghsa-malware 70fc21112f21105a413aa69a8b3e3f21c53895809a2f5fd20cdbf6dd16baadfc Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2023-47464
Insecure Permissions vulnerability in GL.iNet AX1800 version 4.0.0 before 4.5.0 allows a remote attacker to execute arbitrary code via the upload API function...
Code injection
Insecure Permissions vulnerability in GL.iNet AX1800 version 4.0.0 before 4.5.0 allows a remote attacker to execute arbitrary code via the upload API function...
PT-2023-8992 · Gl.Inet · Gl-Inet Ax1800
Name of the Vulnerable Software and Affected Versions: GL.iNet AX1800 versions 4.0.0 through 4.4.x Description: The issue is related to insecure permissions, allowing a remote attacker to execute arbitrary code via the "upload API function". This can be achieved by sending a request to the "uploa...
CVE-2023-21640
Memory corruption in Linux when the file upload API is called with parameters having large buffer...
Memory corruption
Memory corruption in Linux when the file upload API is called with parameters having large buffer...
CVE-2023-21640 Buffer Copy Without Checking Size of Input in Linux
Memory corruption in Linux when the file upload API is called with parameters having large buffer...
PT-2023-18304 · Linux · Linux
Name of the Vulnerable Software and Affected Versions: Linux affected versions not specified Description: The issue is related to memory corruption in Linux when the file upload API is called with parameters having large buffer. Recommendations: At the moment, there is no information about a newe...
Qualcomm Chipsets Buffer Error Vulnerability
Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that stems from a memory corruption issue that occurs when the file upload API is called with a parameter that has a large buffer...
CVE-2023-34747
File upload vulnerability in ujcms 6.0.2 via /api/backend/core/web-file-upload/upload...
Cisco Iox Race Condition Vulnerability
Cisco Iox is a secure development environment from Cisco that combines Cisco IOS and Linux OS for secure network connectivity and development of IOT applications. The Cisco Iox application hosting environment is vulnerable to a race condition issue, which stems from a race condition f...
Arbitrary Code Execution
isolated-vm is vulnerable to arbitrary code execution. The vulnerability exists through the ability to instantiate NativeModule from the RAII wrapper, allowing the file upload API to create objects that could run native code...
Jfrog Artifactory < 4.16 - Unauthenticated Arbitrary File Upload / Remote Command Execution Vulne
Exploit for linux platform in category web applications Exploit Title: Jfrog Artifactory alert/Vulnerable/" within the file app.html : POST /artifactory/ui/artifact/upload HTTP/1.1 Host: removed User-Agent: removed Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8...
Ubiquiti Inc.: Stored XSS / Bypassing .htaccess protection in http://nodebb.ubnt.com/
Hello, While I was looking at your renewed SSL certificate, I have noticed the following link: http://nodebb.ubnt.com/ I have seen that this link was protected by htaccess password, but I have decided to run a nmap scan. By running the following: sudo nmap -sSV -p- 104.131.159.88 -oA stageph -T...
MediaWiki < 1.23.11 / 1.24.4 / 1.25.3 Multiple Vulnerabilities
Binary data 9472.prm...