14 matches found
DEBIAN-CVE-2026-31671
In the Linux kernel, the following vulnerability has been resolved: xfrm_user: fix info leak in build_report struct xfrm_user_report is a u8 proto field followed by a struct xfrm_selector which means there is three "empty" bytes of padding, but the padding is never zeroed before copying to userspace...
CVE-2026-31671
In the Linux kernel, the following vulnerability has been resolved: xfrm_user: fix info leak in build_report struct xfrm_user_report is a u8 proto field followed by a struct xfrm_selector which means there is three "empty" bytes of padding, but the padding is never zeroed before copying to userspace...
CVE-2025-26074
creationtimestamp | type | source
---|---|---
2025-06-30 17:07:32+00:00 | published-proof-of-concept | https://t.me/DarkWebInformerCVEAlerts/19946
2025-06-30 19:48:08+00:00 | seen | https://infosec.exchange/users/cR0w/statuses/114774041391786813
2025-07-16 14:42:16+00:00 | seen | ...
CVE-2025-5653
A vulnerability has been found in PHPGurukul Complaint Management System 2.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/between-date-userreport.php. The manipulation of the argument fromdate/todate leads to sql injection. The attack c...
GHSA-W2RR-38WV-8RRP
creationtimestamp | type | source
---|---|---
2025-03-20 18:20:52+00:00 | published-proof-of-concept | https://t.me/DarkWebInformerCVEAlerts/8255
2025-03-20 19:00:50+00:00 | seen | https://infosec.exchange/users/cR0w/statuses/114196299759939165
2025-03-20 20:00:50+00:00 | published-proof-of-concept | ...
GHSA-Q9F5-625G-XM39
creationtimestamp | type | source
---|---|---
2025-03-20 18:14:06+00:00 | seen | https://infosec.exchange/users/cR0w/statuses/114196115958327030
2025-03-20 18:20:54+00:00 | published-proof-of-concept | https://t.me/DarkWebInformerCVEAlerts/8257
2026-01-24 21:30:35+00:00 | seen | ...
CVE-2025-22134
When switching to other buffers using the :all command and visual mode still being active, this may cause a heap-buffer overflow, because Vim does not properly end visual mode and therefore may try to access beyond the end of a line in a buffer. In Patch 9.1.1003 Vim will correctly reset the visu...
CVE-2025-22134 heap-buffer-overflow with visual mode in Vim < 9.1.1003
When switching to other buffers using the :all command and visual mode still being active, this may cause a heap-buffer overflow, because Vim does not properly end visual mode and therefore may try to access beyond the end of a line in a buffer. In Patch 9.1.1003 Vim will correctly reset the visu...
CVE-2025-22134
Vim vulnerable to a heap-buffer overflow when switching buffers with Visual mode active via :all. Root cause: Vim does not end Visual mode before opening other windows/buffers, risking access beyond the end of a line. A fix is available in Vim patch 9.1.1003, which properly resets Visual mode and...
CVE-2025-22134 heap-buffer-overflow with visual mode in Vim < 9.1.1003
When switching to other buffers using the :all command and visual mode still being active, this may cause a heap-buffer overflow, because Vim does not properly end visual mode and therefore may try to access beyond the end of a line in a buffer. In Patch 9.1.1003 Vim will correctly reset the visu...
Wipro Holmes Orchestrator 20.4.1 Report Disclosure
Exploit Title: Wipro Holmes Orchestrator 20.4.1 Unauthenticated Excel Report Download Date: 09/08/2021 Exploit Author: Rizal Muhammed @ub3rsick Vendor Homepage: https://www.wipro.com/holmes/ Version: 20.4.1 Tested on: Windows 10 x64 CVE : CVE-2021-38147 In the Wipro Holmes Orchestrator 20.4.1...
Semrush: XSS Reflected on my_report
Hello again. This time, in addition to HTML injection, a full XSS works in the user's dashboard. Payload: https://www.semrush.com/myreports/api/v1/document%22%3E%3Cimg%20src=x%20onerror=alertdocument.cookie%3E/4007861 PoC: In the screenshot Impact Theft of session cookies...
Weblate: ClickJacking on Debug
Proof Of Concept: Related Issue on report 225543 1. Navigate to https://debug.weblate.org 2. As you notice it is forbidden. 3. just vulnerable by clickjacking. 3. Now the user report to CIA to open. 4. Redirect to MaliciousSite.com I uploaded the poc.html Thanks,...
netscapemail.txt
Date: Wed, 29 Jul 1998 10:04:05 +0200 From: Paul Boehm Subject: Re: netscape mail overflowanother one On Tue, Jul 28, 1998 at 08:21:41PM +0200, Paul Boehm wrote: Hi, netscape mail crashes when trying to the attachment ^- save from the following pseudo mime mail: sorry for posting twice, but this ...