41 matches found
CVE-2026-3200
A vulnerability was identified in z-9527 admin 1.0/2.0. The affected element is the function checkName/register/login/getUser/getUsers of the file /server/controller/user.js. The manipulation leads to sql injection. The attack can be initiated remotely. The exploit is publicly available and might...
PT-2025-50722
Name of the Vulnerable Software and Affected Versions: React versions 19.0.0 through 19.2.1; react-server-dom-parcel versions 19.0.0 through 19.2.1; react-server-dom-turbopack versions 19.0.0 through 19.2.1; react-server-dom-webpack versions 19.0.0 through 19.2.1. Description: An information leak issue...
EUVD-2013-4440
Malware in sbrugna...
EUVD-2023-1223
Malicious code in bioql PyPI...
ABB Cylon Aspect 3.08.01 - Remote Code Execution (RCE)
Exploit Title : ABB Cylon Aspect 3.08.01 - Remote Code Execution RCE Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio Firmware: =3.08.01 Summary: ASPECT is an award-winning scalable building energy manageme...
Vue I18n Allows Prototype Pollution in `handleFlatJson`
Vulnerability type: Prototype Pollution Vulnerability Locations: js v9.1 node_modules/@intlify/message-resolver/index.js v9.2 or later node_modules/@intlify/vue-i18n-core/index.js Description: The latest version of @intlify/message-resolver 9.1 and @intlify/vue-i18n-core 9.2 or later, previous...
The vulnerability of the elisp-completion-at-point() and elisp-flymake-byte-compile() functions in the EMACS text editor’s Lisp mode allows attackers to execute arbitrary code.
The vulnerability of the elisp-completion-at-point and elisp-flymake-byte-compile functions in the EMACS text editor’s Lisp mode is related to improper code generation management. Exploiting this vulnerability may allow a remote attacker to execute arbitrary code...
PT-2024-1944 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to errors in pointer dereferencing in functions such as create_dir, kobject_del, kobject_cleanup, and kobj_child_ns_ops in the Linux kernel's b/kobject.c library...
PT-2023-35676 · Git +1 · Htslib
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: A heap-buffer-overflow READ 1 crash has been reported. The crash involves the following functions: process_one_read, cram_encode_container, and cram_flus...
Reentrancy is possible in claim functions, which call out via .call().
Lines of code Vulnerability details Impact Reentrancy is possible in claim functions, which call out via .call. Proof of Concept The claimConcentratedRewards Function & claimAmbientRewards Function The claim functions that are vulnerable to reentrancy are: For...
Lack of Oracle Price Validation in rUSDY
Lines of code Vulnerability details Summary Ondo's custom oracle, RWADynamicOracle, is responsible for delivering the price of USDY to the rUSDY token contract. The oracle is called in four different functions for the price of USDY; the results of which are also used in core functions in the toke...
Malicious proposal can drain the treasury contract and bypass the gscAllowance[token] check
Lines of code Vulnerability details Impact Malicious proposal can drain the treasury contract and bypass the gscAllowance[token] check Proof of Concept See these two functions: function gscSpend address token, uint256 amount, address destination external onlyRoleGSCCOREVOTINGROLE nonReentrant if...
PT-2023-23621 · Sap · S4Core +1
Name of the Vulnerable Software and Affected Versions: SAP APPL versions 500 through 618 S4CORE version 100 Description: The Vendor Master Hierarchy does not perform necessary authorization checks for an authenticated user to access some of its functions. This could lead to modification of data...
PT-2023-2723 · Microsoft · Sharepoint Server +1
Name of the Vulnerable Software and Affected Versions: Microsoft SharePoint Server affected versions not specified Microsoft SharePoint Server Subscription Edition affected versions not specified Microsoft SharePoint Enterprise Server affected versions not specified Description: The issue is...
CVE-2023-26122
All versions of the package safe-eval are vulnerable to Sandbox Bypass due to improper input sanitization. The vulnerability is derived from prototype pollution exploitation. Exploiting this vulnerability might result in remote code execution "RCE". Vulnerable functions: defineGetter, stack,...
Sandbox Bypass
Overview safe-eval is a Safer version of eval Affected versions of this package are vulnerable to Sandbox Bypass due to improper input sanitization. The vulnerability is derived from prototype pollution exploitation. Exploiting this vulnerability might result in remote code execution "RCE"...
PT-2023-33497 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.19 Description: A potential memory leak issue was identified in the vdpasim_net_init and vdpasim_blk_init functions. The actual impact and attack plausibility have not yet been proven. Recommendations: For...
PT-2022-5965 · Microsoft · Sharepoint Server +2
Name of the Vulnerable Software and Affected Versions: Microsoft SharePoint Server affected versions not specified Microsoft SharePoint Server Subscription Edition affected versions not specified Microsoft SharePoint Enterprise Server affected versions not specified Microsoft SharePoint Foundatio...
ELFXtract - An Automated Analysis Tool Used For Enumerating ELF Binaries
ELFXtract is an automated analysis tool used for enumerating ELF binaries. Powered by Radare2 and r2ghidra. It is specially developed for PWN challenges and has many automated features. It displays almost every detail of the ELF and also decompiles its ASM to C code using r2ghidra. Decompiling...
RUSTSEC-2021-0123 Converting `NSString` to a String Truncates at Null Bytes
Methods of NSString for conversion to a string may return a partial result. Since they call CStr::from_ptr on a pointer to the string buffer, the string is terminated at the first null byte, which might not be the end of the string. In addition to the vulnerable functions listed for this issue, th...