19 matches found

RedhatCVE
added 2026/01/09 10:9 a.m. · 5 views

CVE-2019-11389

An issue was discovered in OWASP ModSecurity Core Rule Set CRS through 3.1.0. /rules/REQUEST-933-APPLICATION-ATTACK-PHP.conf allows remote attackers to cause a denial of service ReDOS by entering a specially crafted string with next at the beginning and nested repetition operators. NOTE: the...

CVSS 5.3 · AI score 6.8 · EPSS 0.0051
Exploits: 1 · References: 1
EUVD
added 2025/10/07 12:30 a.m. · 1 view

EUVD-2020-11928

Malware in sbrugna...

CVSS 5.5 · AI score 4.6 · EPSS 0.00775
Exploits: 0 · References: 2
Cvelist
added 2025/07/17 1:50 p.m. · 7 views

CVE-2025-53927 MaxKB sandbox bypass

MaxKB is an open-source AI assistant for enterprise. Prior to version 2.0.0, the sandbox design rules can be bypassed because MaxKB only restricts the execution permissions of files in a specific directory. Therefore, an attacker can use the shutil.copy2 method in Python to copy the command they...

CVSS 4.6 · EPSS 0.00176
Exploits: 1 · References: 2
Tenable Nessus
added 2025/07/03 12:0 a.m. · 2 views

FreeBSD : Mozilla -- exploitable crash (bab7386a-582f-11f0-97d0-b42e991fc52e)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the bab7386a-582f-11f0-97d0-b42e991fc52e advisory. [email protected] reports: A use-after-free in FontFaceSet resulted in a potentially exploitable...

CVSS 9.8 · AI score 8.2 · EPSS 0.01103
Exploits: 0 · References: 3
RedhatCVE
added 2025/05/23 9:53 a.m. · 3 views

CVE-2024-26450

An issue exists within Piwigo before v.14.2.0 allowing a malicious user to take over the application. This exploit involves chaining a Cross Site Request Forgery vulnerability to issue a Stored Cross Site Scripting payload stored within an Admin user's dashboard, executing remote JavaScript. This...

CVSS 5.4 · AI score 6.4 · EPSS 0.00455
Exploits: 0 · References: 1
RedhatCVE
added 2025/05/23 6:19 a.m. · 5 views

CVE-2024-50801

A SQL Injection vulnerability was discovered in AbanteCart 1.4.0 in the update function in publichtml/admin/controller/responses/listinggrid/collections.php. The vulnerability is exploitable via the id parameter...

CVSS 6 · AI score 8.2 · EPSS 0.00079
Exploits: 1 · References: 1
Tenable Nessus
added 2025/03/06 12:0 a.m. · 11 views

Linux Distros Unpatched Vulnerability : CVE-2025-1150

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in GNU Binutils 2.43. It has been declared as problematic. This vulnerability affects the function bfdmalloc of the file libbfd.c of t...

CVSS 3.1 · AI score 4.3 · EPSS 0.00048
Exploits: 1 · References: 4
CNVD
added 2025/02/10 12:0 a.m. · 0 views

Dell Networking Switches running Enterprise SONiC OS Log Information Disclosure Vulnerability

Dell Networking Switches running Enterprise SONiC OS is an open-source based network operating system from Dell, designed for data center and cloud computing scenarios, supporting a unified network architecture from edge to core to cloud. A log information disclosure vulnerability exists in Dell...

CVSS 8 · AI score 6.3 · EPSS 0.00195
Exploits: 0 · References: 1
RedhatCVE
added 2025/02/05 2:23 p.m. · 6 views

CVE-2020-2798

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware component: WLS Web Services. Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows high privileged attacker with network access via IIOP, T...

CVSS 7.2 · AI score 6.5 · EPSS 0.02734
Exploits: 0
Positive Technologies
added 2022/09/12 12:0 a.m. · 2 views

PT-2022-20622 · Dell · Dell Bios

Name of the Vulnerable Software and Affected Versions: Dell BIOS affected versions not specified Description: The issue is related to an Improper Neutralization of Null Byte, which could be exploited by a local authenticated administrator user. This exploitation could occur by sending unexpected...

CVSS 2.3 · AI score 3.1 · EPSS 0.00046
Exploits: 0 · References: 4
RedhatCVE
added 2021/04/20 8:44 p.m. · 23 views

CVE-2021-2180

Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 5.7.33 and prior and 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...

CVSS 4.9 · AI score 4.8 · EPSS 0.04512
Exploits: 0 · References: 4
CNVD
added 2021/03/14 12:0 a.m. · 2 views

Information Disclosure Vulnerability in RG-WALL 1600 New Next-Generation Firewall of Ruijie Networks Co.

RG-WALL 1600 new next-generation firewall is a firewall that adopts advanced CPU+ASIC hardware chip fusion technology to break through the performance bottleneck of X86 architecture for application layer data detection. An information leakage vulnerability exists in the RG-WALL 1600 New...

AI score 6.5
Exploits: 0
RedhatCVE
added 2020/04/30 7:41 p.m. · 45 views

CVE-2020-2780

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: DML. Supported versions that are affected are 5.6.47 and prior, 5.7.29 and prior and 8.0.19 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to...

CVSS 4 · AI score 2.6 · EPSS 0.00507
Exploits: 0 · References: 4
Debian CVE
added 2018/06/11 9:0 p.m. · 33 views

CVE-2016-9067

Two use-after-free errors during DOM operations resulting in potentially exploitable crashes. This vulnerability affects Firefox 50...

CVSS 6.5 · AI score 8.6 · EPSS 0.01358
Exploits: 0
OSV
added 2017/10/03 1:29 a.m. · 1 view

CVE-2017-8021

EMC Elastic Cloud Storage ECS before 3.1 is affected by an undocumented account vulnerability that could potentially be leveraged by malicious users to compromise the affected system...

CVSS 9.8 · AI score 5.8 · EPSS 0.00953
Exploits: 0 · References: 2
Circl
added 2017/06/23 12:0 a.m. · 13 views

CVE-2017-0287

creationtimestamp | type | source
---|---|---
2017-06-23 00:00:00+00:00 | exploited | https://www.exploit-db.com/exploits/42239...

CVSS 5 · AI score 6.7 · EPSS 0.0893
Exploits: 2 · References: 1
Packet Storm
added 2011/08/17 12:0 a.m. · 19 views

Netplanet SQL Injection

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability netplanet dettaglio.asp?id AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.netplanet.it/ Persian Gulf 4 Ever! Dork : "Powered by netplanet" "inurl:dettaglio.asp?id="...

AI score 0.1
Exploits: 0
securityvulns
added 2004/02/24 12:0 a.m. · 17 views

ezBoard Cross Site Scripting Vulnerability

Advisory Name:ezBoard Cross Site Scripting Vulnerability Release Date: Feb 24,2004 Application: ezBoard Version Affected: 7.3u or lower? Vendor URL: http://www.ezboard.com/ Discover: Cheng Peng Suapplesoupatmsn.com Proof of Concept: This vuln is from font,ezBoard doesn't filter illegal characters...

AI score 6.7
Exploits: 0
Packet Storm
added 2000/06/06 12:0 a.m. · 19 views

innd-2.2.2.txt

Newest innd 2.2.2, probably the most popular usenet news server as well as previous versions contain remotely exploitable, trivial on-stack buffer overflow in control articles handler. Offending piece of code in innd/art.c, function ARTcancelverify: if !EQlocal, p files = NULL; voidsprintfbuff,...

AI score 7.4
Exploits: 0