B&R Security Vulnerabilities

CVE-2023-47210

Improper input validation for some Intel(R) PROSet/Wireless WiFi software for linux before version 23.20 may allow an unauthenticated user to potentially enable denial of service via adjacent...

Exploit for Deserialization of Untrusted Data in Microsoft

CVE-2022-41082-POC PoC for the CVE-2022-41082 NotProxyShell...

Exploit for Deserialization of Untrusted Data in Microsoft

CVE-2022-41082-POC PoC for the CVE-2022-41082 NotProxyShell...

r-sky.co.jp Improper Access Control vulnerability OBB-3844078

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

CVE-2023-45745

Improper input validation in some Intel(R) TDX module software before version 1.5.05.46.698 may allow a privileged user to potentially enable escalation of privilege via local...

CVE-2023-39929

Uncontrolled search path in some Libva software maintained by Intel(R) before version 2.20.0 may allow an authenticated user to potentially enable escalation of privilege via local...

CVE-2023-37301

An issue was discovered in SubmitEntityAction in Wikibase in MediaWiki through 1.39.3. Because it doesn't use EditEntity for undo and restore, the intended interaction with AbuseFilter does not...

Denial of Service via Zip/Decompression Bomb sent over HTTP or gRPC

Summary An unsafe decompression vulnerability allows unauthenticated attackers to crash the collector via excessive memory consumption. Details The OpenTelemetry Collector handles compressed HTTP requests by recognizing the Content-Encoding header, rewriting the HTTP request body, and allowing...

CVE-2023-46103

Sequence of processor instructions leads to unexpected behavior in Intel(R) Core(TM) Ultra Processors may allow an authenticated user to potentially enable denial of service via local...

CVE-2022-41340

The secp256k1-js package before 1.1.0 for Node.js implements ECDSA without required r and s validation, leading to signature...

CVE-2023-47855

Improper input validation in some Intel(R) TDX module software before version 1.5.05.46.698 may allow a privileged user to potentially enable escalation of privilege via local...

CVE-2021-42047

An issue was discovered in the Growth extension in MediaWiki through 1.36.2. On any Wiki with the Mentor Dashboard feature enabled, users can login with a mentor account and trigger an XSS payload (such as alert) via...

Brocade Enable Login Check Scanner

This module will test a range of Brocade network devices for a privileged logins and report successes. The device authentication mode must be set as 'aaa authentication enable default local'. Telnet authentication, e.g. 'enable telnet authentication', should not be enabled in the device...

CVE-2023-38417

Improper input validation for some Intel(R) PROSet/Wireless WiFi software before version 23.20 may allow an unauthenticated user to potentially enable denial of service via adjacent...

CVE-2022-35948

undici is an HTTP/1.1 client, written from scratch for Node.js.=< [email protected] users are vulnerable to CRLF Injection on headers when using unsanitized input as request headers, more specifically, inside the content-type header. Example: import { request } from 'undici' const...

CVE-2023-47210

Improper input validation for some Intel(R) PROSet/Wireless WiFi software for linux before version 23.20 may allow an unauthenticated user to potentially enable denial of service via adjacent...

Exploit for OS Command Injection in Php

CVE-2024-4577: PHP CGI Argument Injection (XAMPP) 💀...

Exploit for Injection in Glpi-Project Glpi

Exploit Script Utility...

CVE-2023-46853

In Memcached before 1.6.22, an off-by-one error exists when processing proxy requests in proxy mode, if \n is used instead of...

Exploit for Deserialization of Untrusted Data in Microsoft

CVE-2022-41082-POC PoC for the CVE-2022-41082 NotProxyShell...

CVE-2022-40974

Incomplete cleanup in the Intel(R) IPP Cryptography software before version 2021.6 may allow a privileged user to potentially enable information disclosure via local...

CVE-2020-21489

File Upload vulnerability in Feehicms v.2.0.8 allows a remote attacker to execute arbitrary code via the /admin/index.php?r=admin-user%2Fupdate-self...

CVE-2023-22313

Improper buffer restrictions in some Intel(R) QAT Library software before version 22.07.1 may allow a privileged user to potentially enable information disclosure via local...

Exploit for Command Injection in Ivanti Connect Secure

🚨 CVE-2024-21887 Exploit Tool 🛠️ A robust tool for detecting...

Exploit for Injection in Glpi-Project Glpi

CVE-2022-35914 PoC References ...

CVE-2022-41646

Insufficient control flow management in the Intel(R) IPP Cryptography software before version 2021.6 may allow an unauthenticated user to potentially enable information disclosure via local...

CVE-2022-37409

Insufficient control flow management for the Intel(R) IPP Cryptography software before version 2021.6 may allow an authenticated user to potentially enable information disclosure via local...

Arbitrary File Overwrite in Eclipse JGit

Arbitrary File Overwrite in Eclipse JGit <= 6.6.0 In Eclipse JGit, all versions <= 6.6.0.202305301015-r, a symbolic link present in a specially crafted git repository can be used to write a file to locations outside the working tree when this repository is cloned with JGit to a case-insensiti...

[SECURITY] [DLA 3808-1] intel-microcode security update

Debian LTS Advisory DLA-3808-1 [email protected] https://www.debian.org/lts/security/ Tobias Frost May 04, 2024 https://wiki.debian.org/LTS Package : intel-microcode Version : 3.20240312.1~deb10u1 CVE...

CVE-2022-43320

FeehiCMS v2.1.1 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the id parameter at...

CVE-2022-36369

Improper access control in some QATzip software maintained by Intel(R) before version 1.0.9 may allow an authenticated user to potentially enable escalation of privilege via local...

CVE-2023-22338

Out-of-bounds read in some Intel(R) oneVPL GPU software before version 22.6.5 may allow an authenticated user to potentially enable information disclosure via local...

CVE-2022-21812

Improper access control in the Intel(R) HAXM software before version 7.7.1 may allow an authenticated user to potentially enable escalation of privilege via local...

CVE-2023-22355

Uncontrolled search path in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.0.251 may allow an authenticated user to potentially enable escalation of privilege via local...

Exploit for CVE-2023-6319

Root my webOS TV A simple python script that starts a telnet...

Exploit for Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) in Putty

CVE-2024-31497 POC This vulnerability exploits the biased...

CVE-2023-28736

Buffer overflow in some Intel(R) SSD Tools software before version mdadm-4.2-rc2 may allow a privileged user to potentially enable escalation of privilege via local...

CVE-2023-22840

Improper neutralization in software for the Intel(R) oneVPL GPU software before version 22.6.5 may allow an authenticated user to potentially enable denial of service via local...

CVE-2022-26086

Uncontrolled search path element in the PresentMon software maintained by Intel(R) before version 1.7.1 may allow an authenticated user to potentially enable escalation of privilege via local...

CVE-2022-29486

Improper buffer restrictions in the Hyperscan library maintained by Intel(R) all versions downloaded before 04/29/2022 may allow an unauthenticated user to potentially enable escalation of privilege via network...

CVE-2023-28741

Buffer overflow in some Intel(R) QAT drivers for Windows - HW Version 1.0 before version 1.10 may allow an authenticated user to potentially enable escalation of privilege via local...

Exploit for SQL Injection in Fortinet Forticlient Enterprise Management Server

CVE-2023-48788 Fortinet FortiClient EMS SQL Injection...

CVE-2022-34140

A stored cross-site scripting (XSS) vulnerability in /index.php?r=site%2Fsignup of Feehi CMS v2.1.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the username...

imet2000-pal.org Cross Site Scripting vulnerability OBB-3917635

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

Important: linux-firmware security update

The linux-firmware packages contain all of the firmware files that are required by various devices to operate. Security Fix(es): hw: intel: Protection mechanism failure for some Intel(R) PROSet/Wireless WiFi (CVE-2022-46329) hw: amd: INVD instruction may lead to a loss of SEV-ES guest machine...

Exploit for Untrusted Pointer Dereference in Microsoft

nullmap A very simple driver manual mapper based on my older...

CVE-2024-36965

In the Linux kernel, the following vulnerability has been resolved: remoteproc: mediatek: Make sure IPI buffer fits in L2TCM The IPI buffer location is read from the firmware that we load to the System Companion Processor, and it's not granted that both the SRAM (L2TCM) size that is defined in...

Tomcat should not disclose its own version to unauthenticated users

h3. Problem Definition When accessing URLs that aren't under the application context and are not defined in Tomcat, Tomcat returns a 404 along with its own version. h4. +Steps to reproduce problem+ * In a Jira instance with a context called jira for instance, browse http:///non_existent_uri. Make.....

Exploit for CVE-2022-4061

JBWPer | CVE-2022-4061 - JobBoardWP Automatic Mass Tool for...

CVE-2024-27391

In the Linux kernel, the following vulnerability has been resolved: wifi: wilc1000: do not realloc workqueue everytime an interface is added Commit 09ed8bfc5215 ("wilc1000: Rename workqueue from "WILC_wq" to "NETDEV-wq"") moved workqueue creation in wilc_netdev_ifc_init in order to set the...