PayTR Ödeme Ve Elektronik Para Kuruluşu A.Ş. Security Vulnerabilities

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Checkpoint Quantum Security Gateway Firmware

CVE-2024-24919 Esse projeto tem como objetivo criar uma...

Exploit for CVE-2024-23897

PoC para explotar la vulnerabilidad CVE-2024-23897 en versiones...

Exploit for CVE-2021-1678

Gerenciamento da implantação de alterações de associação de...

Exploit for Missing Authentication for Critical Function in F5 Big-Ip Access Policy Manager

CVE-2022-1388-checker Simple script realizado en bash, para...

Exploit for CVE-2023-38831

Un Hacker En Capital ¡Bienvenido a mi repositorio de GitHub!...

Exploit for Link Following in Git

CVE-2024-32002-Reverse-Shell Este script demuestra cómo...

cremas-para-la-piel.es Cross Site Scripting vulnerability OBB-3877861

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

cremas-para-la-piel.es Cross Site Scripting vulnerability OBB-3895587

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

Exploit for Out-of-bounds Write in 7-Zip

INFORMATION I haven't posted any poc code anywhere for...

Kadence Blocks Pro < 2.3.8 - Contributor+ Arbitrary Option Access

Description The plugin does not prevent users with at least the contributor role using some of its shortcode's functionalities to leak arbitrary options from the...

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Checkpoint Quantum Security Gateway Firmware

CVE-2024-24919-Exploit-PoC-Checkpoint-Firewall-VPN...

Exploit for CVE-2023-38831

OBTENCIÓN DE REVERSE SHELL EXPLOTANDO LA VULNERABILIDAD...

Exploit for CVE-2023-38831

OBTENCIÓN DE REVERSE SHELL EXPLOTANDO LA VULNERABILIDAD...

OPNsense - Cross-Site Scripting

A cross-site scripting (XSS) vulnerability in the act parameter of system_certmanager.php in OPNsense before 23.7 allows attackers to execute arbitrary web scripts or HTML via a crafted...

WBCE CMS v1.6.2 - Remote Code Execution Exploit

...

WBCE CMS v1.6.2 - Remote Code Execution (RCE)

...

WBCE CMS 1.6.2 Remote Code Execution

...

Exploit for Out-of-bounds Write in Fortinet Fortiproxy

CVE-2024-21762-Exploit-PoC-Fortinet-SSL-VPN-Check Chequea si...

Exploit for Deserialization of Untrusted Data in Apache Activemq

Resumen Técnico del Ataque: CVE-2023-46604 El script explota...

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Checkpoint Quantum Security Gateway Firmware

CVE-2024-24919 Nmap script to check vulnerability...

Kadence Blocks Pro < 2.3.8 - Contributor+ Arbitrary Option Access

Description The plugin does not prevent users with at least the contributor role using some of its shortcode's functionalities to leak arbitrary options from the database. PoC 1. ADMIN: Install Kadence Blocks Pro 2. CONTRIBUTOR: Add shortcode to any post and specify/guess the option name and save.....

CVE-2023-43320

An issue in Proxmox Server Solutions GmbH Proxmox VE v.5.4 thru v.8.0, Proxmox Backup Server v.1.1 thru v.3.0, and Proxmox Mail Gateway v.7.1 thru v.8.0 allows a remote authenticated attacker to escalate privileges via bypassing the two-factor authentication...

para-bellum.com Cross Site Scripting vulnerability OBB-3928955

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

CVE-2019-19589

The Lever PDF Embedder plugin 4.4 for WordPress does not block the distribution of polyglot PDF documents that are valid JAR archives. Note: It has been argued that "The vulnerability reported in PDF Embedder Plugin is not valid as the plugin itself doesn't control or manage the file upload...

CVE-2019-19589

The Lever PDF Embedder plugin 4.4 for WordPress does not block the distribution of polyglot PDF documents that are valid JAR archives. Note: It has been argued that "The vulnerability reported in PDF Embedder Plugin is not valid as the plugin itself doesn't control or manage the file upload...

CVE-2019-19589

The Lever PDF Embedder plugin 4.4 for WordPress does not block the distribution of polyglot PDF documents that are valid JAR archives. Note: It has been argued that "The vulnerability reported in PDF Embedder Plugin is not valid as the plugin itself doesn't control or manage the file upload...

CVE-2019-19589

The Lever PDF Embedder plugin 4.4 for WordPress does not block the distribution of polyglot PDF documents that are valid JAR archives. Note: It has been argued that "The vulnerability reported in PDF Embedder Plugin is not valid as the plugin itself doesn't control or manage the file upload...

@cyclonedx/cyclonedx-library Improper Restriction of XML External Entity Reference vulnerability

Impact XML External entity injections could be possible, when running the provided XML Validator on arbitrary input. POC ```js const { Spec: { Version }, Validation: { XmlValidator } } = require('@cyclonedx/cyclonedx-library'); const version = Version.v1dot5; const validator = new...

@cyclonedx/cyclonedx-library Improper Restriction of XML External Entity Reference vulnerability

Impact XML External entity injections could be possible, when running the provided XML Validator on arbitrary input. POC ```js const { Spec: { Version }, Validation: { XmlValidator } } = require('@cyclonedx/cyclonedx-library'); const version = Version.v1dot5; const validator = new...

Important: libreoffice security update

LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and...

libreoffice security update

[7.1.8.1-12.0.1] - Replace colors with Oracle colors [Orabug: 32120093] - Added the --with-hamcrest option to configure. [7.1.8.1] - Remove Red Hat branding - Change vendor to RESF [1:7.1.8.1-12] - Fix CVE-2023-6185 escape url passed to gstreamer - Fix CVE-2023-6186 check link target protocols...

glibc security update

[2.28-251.0.2.2] - Forward port of Oracle patches over 2.28-251.2 Reviewed-by: Jose E. Marchesi Oracle history: May-23-2024 Cupertino Miranda - 2.28-251.0.2.1 - Forward port of Oracle patches over 2.28-251.1 Reviewed-by: Jose E. Marchesi May-22-2024 Cupertino Miranda - 2.28-251.0.2 ...

(RHSA-2024:3304) Important: libreoffice security fix update

LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and...

glibc bug fix and enhancement update

An update is available for glibc. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.10.....

glibc security update

An update is available for glibc. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The glibc packages provide the standard C libraries (libc), POSIX thread...

glibc security update

An update is available for glibc. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The glibc packages provide the standard C libraries (libc), POSIX thread...

[SECURITY] [DLA 3821-1] libreoffice security update

Debian LTS Advisory DLA-3821-1 [email protected] https://www.debian.org/lts/security/ Bastien Roucariès May 26, 2024 https://wiki.debian.org/LTS Package : libreoffice Version : 1:6.1.5-3+deb10u12 CVE...

Important: glibc security update

The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name service cache daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fix(es): ....

glibc security update

[2.28-251.0.2.1] - Forward port of Oracle patches over 2.28-251.1 Reviewed-by: Jose E....

Important: glibc security update

The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name service cache daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fix(es): ....

libreoffice security fix update

[1:5.3.6.1-26.0.1] - adjust color palette to match Redwood style. - Replaced RedHat colors with Oracle colors, and the filename redhat.soc with oracle.soc in specfile - Build with --with-vendor='Oracle America, Inc.' [1:5.3.6.1-26] - Fix CVE-2022-38745 Empty entry in Java class path - Fix...

Exploit for CVE-2023-33733

CODE INJECTION VULNERABILITY IN REPORTLAB PYTHON LIBRARY...

Exploit for Command Injection in Paloaltonetworks Pan-Os

Vulnerabilidad CVE-2024-3400 Descripción La...

libreoffice security update

An update is available for libreoffice. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list LibreOffice is an open source, community-developed office productivity...

Fedora: Security Advisory for abseil-cpp (FEDORA-2024-bb70b21754)

The remote host is missing an update for...

(RHSA-2024:3464) Important: glibc security update

The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name service cache daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security...

elektronik-kompendium.de Cross Site Scripting vulnerability OBB-3836416

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

glibc security update

[2.28-251.0.2.2] - Forward port of Oracle patches over 2.28-251.2 Reviewed-by: Jose E. Marchesi Oracle history: May-23-2024 Cupertino Miranda - 2.28-251.0.2.1 - Forward port of Oracle patches over 2.28-251.1 Reviewed-by: Jose E....

glibc security update

[2.34-100.0.1.2] - Forward-port Oracle patches for ol9-u4 Reviewed by: Jose E....

Important: glibc security update

The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name service cache daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fix(es): ....