CVE-2022-22725

A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could lead to a buffer overflow causing program crashes and arbitrary code execution when specially crafted packets are sent to the device over the network. Protection functions and tripping function via GOOSE can be...

CVE-2024-56786

...

Vulnerability disclosure in aviation

We joined Boeing and United Airlines on a panel recently at the RSA Conference to talk about vulnerability disclosure in the aviation world. The engagement we are now seeing between researchers and industry is a powerful force for positive change. Hopefully this will start to reduce the number of...

PT-2023-33014 · Crates.Io · Ckb

Name of the Vulnerable Software and Affected Versions: OS affected versions not specified Description: The issue concerns the calculation of program load cycles, which may be missed when executing in resume mode. However, since the script execution order is determined, this does not cause network...

DeviceViewer 3.12.0.1 - 'creating user' Denial of Service

!/usr/bin/python Exploit Title: DeviceViewer 3.12.0.1 - 'creating user' DOS buffer overflow Date: 9/23/2019 Exploit Author: x00pwn Vendor Homepage: http://www.sricam.com/ Software Link: http://download.sricam.com/Manual/DeviceViewer.exe Version: v3.12.0.1 Tested on: Windows 7 Steps to reproduce: ...

CVE-2018-11097

An issue was discovered in cloudwu/cstring through 2016-11-09. There is a memory leak vulnerability that could lead to a program crash...

muaenduser.staralliance.com XSS vulnerability

Open Bug Bounty ID: OBB-572063 Description| Value ---|--- Affected Website:| muaenduser.staralliance.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Non-Nexus Devices and the Android Security Rewards Program

Google’s decision to limit its Android Security Rewards program to newer Nexus devices clearly puts the Google phones on the top tier of secure mobile devices. It also could ultimately have the effect of putting non-Nexus devices in the line of fire. For now, limiting the rewards program to Nexus...

SEED experiments: buffer overflow vulnerability lab-vulnerability warning-the black bar safety net

! A, experimental description A buffer overflow refers to a program trying to buffer write exceeds the pre-allocated fixed-length data. This vulnerability may be malicious users use to change program flow control, and even code execution of arbitrary fragments. This vulnerability occurs because t...

Google Ups Chrome Rewards, Offers More Money For Exploits

Google is again increasing the amount of money it offers to researchers who report vulnerabilities in Chrome as part of the company’s bug bounty program. Now, researchers will be able to earn $15,000 at the high end of the scale, and Google also is offering more cash for researchers who can submi...

Multiple incorrect permissions in QNX.

TOPIC: Multiple incorrect permissions in QNX. ADVISORY NR: 200202 DATE: Nov 13 2002 VULNERABILITY FOUND BY: 1; One Semicolon CONTACT INFORMATION: http://www.4os.org [email protected] STATUS: QNX Software Systems Ltd was contacted on November 11, 2002. I received prompt replies and was assured that this w...