73 matches found
Design/Logic Flaw
An issue was discovered in USC iLab cereal through 1.3.0. It employs caching of std::sharedptr values, using the raw pointer address as a unique identifier. This becomes problematic if an std::sharedptr variable goes out of scope and is freed, and a new std::sharedptr is allocated at the same...
CVE-2020-11104
An issue was discovered in USC iLab cereal through 1.3.0. Serialization of an initialized C/C++ long double variable into a BinaryArchive or PortableBinaryArchive leaks several bytes of stack or heap memory, from which sensitive information such as memory layout or private keys can be gleaned if...
Stack overflow
An issue was discovered in USC iLab cereal through 1.3.0. Serialization of an initialized C/C++ long double variable into a BinaryArchive or PortableBinaryArchive leaks several bytes of stack or heap memory, from which sensitive information such as memory layout or private keys can be gleaned if...
CVE-2020-11105
An issue was discovered in USC iLab cereal through 1.3.0. It employs caching of std::sharedptr values, using the raw pointer address as a unique identifier. This becomes problematic if an std::sharedptr variable goes out of scope and is freed, and a new std::sharedptr is allocated at the same...
CVE-2020-11104
CVE-2020-11104 affects USC iLab cereal up to version 1.3.0. Its serialization of an initialized long double into BinaryArchive/PortableBinaryArchive leaks several bytes of stack/heap memory, enabling leakage of sensitive information (memory layout or private keys) if the archive is distributed in...
CVE-2020-11104
An issue was discovered in USC iLab cereal through 1.3.0. Serialization of an initialized C/C++ long double variable into a BinaryArchive or PortableBinaryArchive leaks several bytes of stack or heap memory, from which sensitive information such as memory layout or private keys can be gleaned if...
CVE-2020-11105
CVE-2020-11105 affects USC iLab cereal up to version 1.3.0, where serialization fidelity of std::shared_ptrs can be broken because the library caches shared_ptr raw addresses as identifiers. When a shared_ptr goes out of scope and a new one is allocated at the same address, serialized values may ...
CVE-2020-11105
An issue was discovered in USC iLab cereal through 1.3.0. It employs caching of std::sharedptr values, using the raw pointer address as a unique identifier. This becomes problematic if an std::sharedptr variable goes out of scope and is freed, and a new std::sharedptr is allocated at the same...
Improper Restriction of Operations within the Bounds of a Memory Buffer
An issue was discovered in USC iLab cereal. Serialization of an initialized C/C++ long double variable into a BinaryArchive or PortableBinaryArchive leaks several bytes of stack or heap memory, from which sensitive information such as memory layout or private keys can be gleaned if the archive is...
Release of Invalid Pointer or Reference
An issue was discovered in USC iLab cereal. It employs caching of std::sharedptr values, using the raw pointer address as a unique identifier. This becomes problematic if a std::sharedptr variable goes out of scope and is freed, and a new std::sharedptr is allocated at the same address...
s3research.usc.edu Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-1008579 Security Researcher devl00p Helped patch 2753 vulnerabilities Received 10 Coordinated Disclosure badges Received 15 recommendations , a holder of 10 badges for responsible and coordinated disclosure, found a security vulnerability affecting s3research.usc.edu websi...
crsl.usc.edu Cross Site Scripting vulnerability
Security Researcher devl00p Helped patch 2581 vulnerabilities Received 10 Coordinated Disclosure badges Received 15 recommendations , a holder of 10 badges for responsible and coordinated disclosure, found a security vulnerability affecting crsl.usc.edu website and its users. Following coordinate...
usc-scv.ch XSS vulnerability
Open Bug Bounty ID: OBB-630028 Description| Value ---|--- Affected Website:| usc-scv.ch Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
usc-calis.net XSS vulnerability
Open Bug Bounty ID: OBB-613230 Description| Value ---|--- Affected Website:| usc-calis.net Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
vectors.usc.edu XSS vulnerability
Open Bug Bounty ID: OBB-605689 Description| Value ---|--- Affected Website:| vectors.usc.edu Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
hospitality.usc.edu XSS vulnerability
Open Bug Bounty ID: OBB-564139 Description| Value ---|--- Affected Website:| hospitality.usc.edu Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
vectors.usc.edu XSS vulnerability
Open Bug Bounty ID: OBB-519258 Description| Value ---|--- Affected Website:| vectors.usc.edu Open Bug Bounty Program:| Not created yet Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N...
web-app.usc.edu XSS vulnerability
Open Bug Bounty ID: OBB-452199 Description| Value ---|--- Affected Website:| web-app.usc.edu Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Cheat...
dornsifecms.usc.edu XSS vulnerability
Open Bug Bounty ID: OBB-449420 Description| Value ---|--- Affected Website:| dornsifecms.usc.edu Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
visionsandvoices.usc.edu XSS vulnerability
Open Bug Bounty ID: OBB-427712 Description| Value ---|--- Affected Website:| visionsandvoices.usc.edu Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...