EUVD-2024-17968

Malicious code in bioql PyPI...

PT-2024-30: Stored DOM-Based Cross-Site Scripting (stored DOM XSS) in Passwork

The vulnerability was identified in Passwork version 6.4.0. The application does not process the data received from the user, which is necessary for safety use during web page formation. Exploitation of the vulnerability is possible for an authorized user and leads to the possibility of executing...

ROS-20220114-02

Vulnerability in Mozilla Thunderbird email client, related to memory usage after memory freeing due to a race condition when playing audio files. Exploitation of the vulnerability could allow an attacker acting remotely to create a specially crafted audio shell, trigger a post-release usage error...

Microsoft Windows Multiple Vulnerabilities (KB4586785)

This host is missing a critical security update according to Microsoft KB4586785 SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Zblog1.8 search.asp 跨站漏洞

北洋贱队http://bbs.seceye.org Zblog是基于Asp平台的Blog博客网志程序 search.asp在对用户提交数据处理上存在安全漏洞。 demo: http://localhost/search.asp?q=%3Ciframe+src%3Dhttp%3A%2F%2Fwww.gohack.org+insafe Zblog 1.8 等待官方发补丁 !/usr/bin/env python coding: utf-8 from pocsuite.net import req from pocsuite.poc import POCBase, Output from...