Логотип exploitDog
source:"github"
Консоль
Логотип exploitDog

exploitDog

source:"github"

Количество 314 458

Количество 314 458

github логотип

GHSA-38r8-h7g3-wgp4

почти 2 года назад

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPBits WPBITS Addons For Elementor Page Builder allows Stored XSS.This issue affects WPBITS Addons For Elementor Page Builder: from n/a through 1.3.4.2.

CVSS3: 6.5
EPSS: Низкий
github логотип

GHSA-38r7-rv5p-ggwq

больше 3 лет назад

ChakraCore RCE Vulnerability

CVSS3: 7.5
EPSS: Средний
github логотип

GHSA-38r7-794h-5758

3 дня назад

webpack buildHttp HttpUriPlugin allowedUris bypass via HTTP redirects → SSRF + cache persistence

CVSS3: 3.7
EPSS: Низкий
github логотип

GHSA-38r6-jgr4-hw3h

4 месяца назад

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc3-topology: Correct get_control_data for non bytes payload It is possible to craft a topology where sof_get_control_data() would do out of bounds access because it expects that it is only called when the payload is bytes type. Confusingly it also handles other types of controls, but the payload parsing implementation is only valid for bytes. Fix the code to count the non bytes controls and instead of storing a pointer to sof_abi_hdr in sof_widget_data (which is only valid for bytes), store the pointer to the data itself and add a new member to save the size of the data. In case of non bytes controls we store the pointer to the chanv itself, which is just an array of values at the end. In case of bytes control, drop the wrong cdata->data (wdata[i].pdata) check against NULL since it is incorrect and invalid in this context. The data is pointing to the end of cdata struct, so it should never be null.

CVSS3: 7.1
EPSS: Низкий
github логотип

GHSA-38r6-9vxj-5mjq

больше 3 лет назад

Unrestricted file upload vulnerability in admin/uploader.php in Minimal ABlog 0.4 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in img/.

EPSS: Низкий
github логотип

GHSA-38r6-7w5c-g3hj

почти 3 года назад

A relative path traversal vulnerability [CWE-23] in FortiWeb version 7.0.1 and below, 6.4 all versions, 6.3 all versions, 6.2 all versions may allow an authenticated user to obtain unauthorized access to files and data via specifically crafted web requests.

CVSS3: 6.5
EPSS: Низкий
github логотип

GHSA-38r5-v3qg-5qvg

почти 4 года назад

lib/prefs.tcl in Cecilia 2.0.5 allows local users to overwrite arbitrary files via a symlink attack on the csvers temporary file.

EPSS: Низкий
github логотип

GHSA-38r5-mjj7-3mh2

почти 4 года назад

Cross-site scripting (XSS) vulnerability in ScrewTurn Wiki 2.0.29 and 2.0.30 allows remote attackers to inject arbitrary web script or HTML via error messages in the "/admin.aspx - System Log" page.

EPSS: Низкий
github логотип

GHSA-38r5-jq63-gvw6

около 4 лет назад

Jerryscript v3.0.0 and below was discovered to contain a stack overflow via ecma_find_named_property in ecma-helpers.c.

CVSS3: 7.8
EPSS: Низкий
github логотип

GHSA-38r5-34mr-mvm7

почти 4 года назад

"catalog's registry v2 api exposed on unauthenticated path in Harbor"

CVSS3: 5.3
EPSS: Низкий
github логотип

GHSA-38r5-289m-7xv4

почти 4 года назад

Cross-site scripting (XSS) vulnerability in Advantech/BroadWin WebAccess before 7.0 allows remote attackers to inject arbitrary web script or HTML via a malformed URL.

EPSS: Низкий
github логотип

GHSA-38r4-7v7q-xjh5

4 месяца назад

The Bei Fen – WordPress Backup Plugin plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.4.2 via the 'task'. This makes it possible for authenticated attackers, with Subscriber-level access and above, to include and execute arbitrary .php files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where .php file types can be uploaded and included. This only affects instances running PHP 7.1 or older.

CVSS3: 8.1
EPSS: Низкий
github логотип

GHSA-38r4-7ccg-8f66

больше 3 лет назад

A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.0.1. A malicious application with root privileges may be able to access private information.

EPSS: Низкий
github логотип

GHSA-38r3-5rxm-xmg7

больше 3 лет назад

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.3.1.21155. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the setAction method of Link objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-4981.

CVSS3: 8.8
EPSS: Низкий
github логотип

GHSA-38r2-j68m-9mr5

больше 3 лет назад

Online Diagnostic Lab Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /odlms/classes/Master.php?f=delete_message.

CVSS3: 7.2
EPSS: Низкий
github логотип

GHSA-38r2-hrw4-h5h9

почти 3 года назад

Vulnerability in Oracle Essbase (component: Security and Provisioning). The supported version that is affected is 21.4. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Essbase. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Essbase accessible data. CVSS 3.1 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N).

CVSS3: 5.3
EPSS: Низкий
github логотип

GHSA-38r2-fj75-4896

почти 4 года назад

Lotus Domino 5.x allows remote attackers to read files or execute arbitrary code by requesting the ReplicaID of the Web Administrator template file (webadmin.ntf).

EPSS: Низкий
github логотип

GHSA-38r2-f5rc-fgw9

больше 1 года назад

In the Linux kernel, the following vulnerability has been resolved: codetag: debug: mark codetags for poisoned page as empty When PG_hwpoison pages are freed they are treated differently in free_pages_prepare() and instead of being released they are isolated. Page allocation tag counters are decremented at this point since the page is considered not in use. Later on when such pages are released by unpoison_memory(), the allocation tag counters will be decremented again and the following warning gets reported: [ 113.930443][ T3282] ------------[ cut here ]------------ [ 113.931105][ T3282] alloc_tag was not set [ 113.931576][ T3282] WARNING: CPU: 2 PID: 3282 at ./include/linux/alloc_tag.h:130 pgalloc_tag_sub.part.66+0x154/0x164 [ 113.932866][ T3282] Modules linked in: hwpoison_inject fuse ip6t_rpfilter ip6t_REJECT nf_reject_ipv6 ipt_REJECT nf_reject_ipv4 xt_conntrack ebtable_nat ebtable_broute ip6table_nat ip6table_man4 [ 113.941638][ T3282] CPU: 2 UID: 0 PID: 3282 Comm: ma...

CVSS3: 5.5
EPSS: Низкий
github логотип

GHSA-38r2-56qf-x75g

почти 4 года назад

Cisco IOS 12.2 and earlier generates a "% Login invalid" message instead of prompting for a password when an invalid username is provided, which allows remote attackers to identify valid usernames on the system and conduct brute force password guessing, as reported for the Aironet Bridge.

EPSS: Низкий
github логотип

GHSA-38r2-5695-334w

почти 2 года назад

TYPO3 Backend Forms vulnerable to Information Disclosure of Hashed Passwords

CVSS3: 4.3
EPSS: Низкий

Уязвимостей на страницу

Уязвимость
CVSS
EPSS
Опубликовано
github логотип
GHSA-38r8-h7g3-wgp4

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPBits WPBITS Addons For Elementor Page Builder allows Stored XSS.This issue affects WPBITS Addons For Elementor Page Builder: from n/a through 1.3.4.2.

CVSS3: 6.5
0%
Низкий
почти 2 года назад
github логотип
GHSA-38r7-rv5p-ggwq

ChakraCore RCE Vulnerability

CVSS3: 7.5
27%
Средний
больше 3 лет назад
github логотип
GHSA-38r7-794h-5758

webpack buildHttp HttpUriPlugin allowedUris bypass via HTTP redirects → SSRF + cache persistence

CVSS3: 3.7
0%
Низкий
3 дня назад
github логотип
GHSA-38r6-jgr4-hw3h

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc3-topology: Correct get_control_data for non bytes payload It is possible to craft a topology where sof_get_control_data() would do out of bounds access because it expects that it is only called when the payload is bytes type. Confusingly it also handles other types of controls, but the payload parsing implementation is only valid for bytes. Fix the code to count the non bytes controls and instead of storing a pointer to sof_abi_hdr in sof_widget_data (which is only valid for bytes), store the pointer to the data itself and add a new member to save the size of the data. In case of non bytes controls we store the pointer to the chanv itself, which is just an array of values at the end. In case of bytes control, drop the wrong cdata->data (wdata[i].pdata) check against NULL since it is incorrect and invalid in this context. The data is pointing to the end of cdata struct, so it should never be null.

CVSS3: 7.1
0%
Низкий
4 месяца назад
github логотип
GHSA-38r6-9vxj-5mjq

Unrestricted file upload vulnerability in admin/uploader.php in Minimal ABlog 0.4 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in img/.

4%
Низкий
больше 3 лет назад
github логотип
GHSA-38r6-7w5c-g3hj

A relative path traversal vulnerability [CWE-23] in FortiWeb version 7.0.1 and below, 6.4 all versions, 6.3 all versions, 6.2 all versions may allow an authenticated user to obtain unauthorized access to files and data via specifically crafted web requests.

CVSS3: 6.5
0%
Низкий
почти 3 года назад
github логотип
GHSA-38r5-v3qg-5qvg

lib/prefs.tcl in Cecilia 2.0.5 allows local users to overwrite arbitrary files via a symlink attack on the csvers temporary file.

0%
Низкий
почти 4 года назад
github логотип
GHSA-38r5-mjj7-3mh2

Cross-site scripting (XSS) vulnerability in ScrewTurn Wiki 2.0.29 and 2.0.30 allows remote attackers to inject arbitrary web script or HTML via error messages in the "/admin.aspx - System Log" page.

0%
Низкий
почти 4 года назад
github логотип
GHSA-38r5-jq63-gvw6

Jerryscript v3.0.0 and below was discovered to contain a stack overflow via ecma_find_named_property in ecma-helpers.c.

CVSS3: 7.8
0%
Низкий
около 4 лет назад
github логотип
GHSA-38r5-34mr-mvm7

"catalog's registry v2 api exposed on unauthenticated path in Harbor"

CVSS3: 5.3
0%
Низкий
почти 4 года назад
github логотип
GHSA-38r5-289m-7xv4

Cross-site scripting (XSS) vulnerability in Advantech/BroadWin WebAccess before 7.0 allows remote attackers to inject arbitrary web script or HTML via a malformed URL.

0%
Низкий
почти 4 года назад
github логотип
GHSA-38r4-7v7q-xjh5

The Bei Fen – WordPress Backup Plugin plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.4.2 via the 'task'. This makes it possible for authenticated attackers, with Subscriber-level access and above, to include and execute arbitrary .php files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where .php file types can be uploaded and included. This only affects instances running PHP 7.1 or older.

CVSS3: 8.1
0%
Низкий
4 месяца назад
github логотип
GHSA-38r4-7ccg-8f66

A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.0.1. A malicious application with root privileges may be able to access private information.

0%
Низкий
больше 3 лет назад
github логотип
GHSA-38r3-5rxm-xmg7

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.3.1.21155. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the setAction method of Link objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-4981.

CVSS3: 8.8
0%
Низкий
больше 3 лет назад
github логотип
GHSA-38r2-j68m-9mr5

Online Diagnostic Lab Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /odlms/classes/Master.php?f=delete_message.

CVSS3: 7.2
0%
Низкий
больше 3 лет назад
github логотип
GHSA-38r2-hrw4-h5h9

Vulnerability in Oracle Essbase (component: Security and Provisioning). The supported version that is affected is 21.4. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Essbase. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Essbase accessible data. CVSS 3.1 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N).

CVSS3: 5.3
0%
Низкий
почти 3 года назад
github логотип
GHSA-38r2-fj75-4896

Lotus Domino 5.x allows remote attackers to read files or execute arbitrary code by requesting the ReplicaID of the Web Administrator template file (webadmin.ntf).

4%
Низкий
почти 4 года назад
github логотип
GHSA-38r2-f5rc-fgw9

In the Linux kernel, the following vulnerability has been resolved: codetag: debug: mark codetags for poisoned page as empty When PG_hwpoison pages are freed they are treated differently in free_pages_prepare() and instead of being released they are isolated. Page allocation tag counters are decremented at this point since the page is considered not in use. Later on when such pages are released by unpoison_memory(), the allocation tag counters will be decremented again and the following warning gets reported: [ 113.930443][ T3282] ------------[ cut here ]------------ [ 113.931105][ T3282] alloc_tag was not set [ 113.931576][ T3282] WARNING: CPU: 2 PID: 3282 at ./include/linux/alloc_tag.h:130 pgalloc_tag_sub.part.66+0x154/0x164 [ 113.932866][ T3282] Modules linked in: hwpoison_inject fuse ip6t_rpfilter ip6t_REJECT nf_reject_ipv6 ipt_REJECT nf_reject_ipv4 xt_conntrack ebtable_nat ebtable_broute ip6table_nat ip6table_man4 [ 113.941638][ T3282] CPU: 2 UID: 0 PID: 3282 Comm: ma...

CVSS3: 5.5
0%
Низкий
больше 1 года назад
github логотип
GHSA-38r2-56qf-x75g

Cisco IOS 12.2 and earlier generates a "% Login invalid" message instead of prompting for a password when an invalid username is provided, which allows remote attackers to identify valid usernames on the system and conduct brute force password guessing, as reported for the Aironet Bridge.

2%
Низкий
почти 4 года назад
github логотип
GHSA-38r2-5695-334w

TYPO3 Backend Forms vulnerable to Information Disclosure of Hashed Passwords

CVSS3: 4.3
0%
Низкий
почти 2 года назад

Уязвимостей на страницу