Логотип exploitDog
source:"github"
Консоль
Логотип exploitDog

exploitDog

source:"github"

Количество 314 375

Количество 314 375

github логотип

GHSA-2v26-28rg-whvc

больше 1 года назад

In the Linux kernel, the following vulnerability has been resolved: hwmon: (w83792d) Fix NULL pointer dereference by removing unnecessary structure field If driver read val value sufficient for (val & 0x08) && (!(val & 0x80)) && ((val & 0x7) == ((val >> 4) & 0x7)) from device then Null pointer dereference occurs. (It is possible if tmp = 0b0xyz1xyz, where same literals mean same numbers) Also lm75[] does not serve a purpose anymore after switching to devm_i2c_new_dummy_device() in w83791d_detect_subclients(). The patch fixes possible NULL pointer dereference by removing lm75[]. Found by Linux Driver Verification project (linuxtesting.org). [groeck: Dropped unnecessary continuation lines, fixed multipline alignment]

CVSS3: 5.5
EPSS: Низкий
github логотип

GHSA-2v24-xp2p-2gfc

почти 4 года назад

Firefox before 1.0.1 and Mozilla before 1.7.6 allows remote malicious web sites to overwrite arbitrary files by tricking the user into downloading a .LNK (link) file twice, which overwrites the file that was referenced in the first .LNK file.

CVSS3: 6.5
EPSS: Низкий
github логотип

GHSA-2v24-jcvm-2w9j

больше 3 лет назад

In LLVM, there is a possible ineffective stack cookie placement due to stack frame double reservation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-139666480

EPSS: Низкий
github логотип

GHSA-2v23-4x7f-rh2c

больше 3 лет назад

In ClickHouse before 18.12.13, functions for loading CatBoost models allowed path traversal and reading arbitrary files through error messages.

CVSS3: 5.3
EPSS: Низкий
github логотип

GHSA-2v22-8745-vp75

почти 2 года назад

SQL Injection vulnerability in Boostmyshop (boostmyshopagent) module for Prestashop versions 1.1.9 and before, allows remote attackers to escalate privileges and obtain sensitive information via changeOrderCarrier.php, relayPoint.php, and shippingConfirmation.php.

CVSS3: 9.8
EPSS: Низкий
github логотип

GHSA-2v22-4548-2w5h

4 месяца назад

Cross-Site Request Forgery (CSRF) vulnerability in Dmitry V. (CEO of "UKR Solution") UPC/EAN/GTIN Code Generator upc-ean-barcode-generator allows Cross Site Request Forgery.This issue affects UPC/EAN/GTIN Code Generator: from n/a through <= 2.0.2.

CVSS3: 4.3
EPSS: Низкий
github логотип

GHSA-2rxx-5c8g-m33r

почти 4 года назад

Cross-site scripting (XSS) vulnerability in the JRun Web Server in ColdFusion MX 7.0 allows remote attackers to inject arbitrary script or HTML via the URL, which is not properly quoted in the resulting default 404 error page.

EPSS: Низкий
github логотип

GHSA-2rxv-434v-p63q

больше 3 лет назад

Exploitable denial of service vulnerabilities exists in the Service Agent functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted packet can cause a denial of service. An attacker can send a large packet to 4000/tcp to trigger this vulnerability.

CVSS3: 7.5
EPSS: Низкий
github логотип

GHSA-2rxq-9xvm-3j68

около 1 года назад

Acrobat Reader DC version 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVSS3: 7.8
EPSS: Низкий
github логотип

GHSA-2rxp-v6pw-ch6m

больше 1 года назад

REXML ReDoS vulnerability

CVSS3: 7.5
EPSS: Низкий
github логотип

GHSA-2rxp-jvfw-cj2r

почти 3 года назад

In Dataiku DSS 11.2.1, an attacker can download other Dataiku files that were uploaded to the myfiles section by specifying the target username in a download request.

CVSS3: 6.5
EPSS: Низкий
github логотип

GHSA-2rxp-43p2-54mp

больше 3 лет назад

In MicroWorld eScan Internet Security Suite (ISS) for Business 14.0.1400.2029, the driver econceal.sys allows a non-privileged user to send a 0x830020E0 IOCTL request to \\.\econceal to cause a denial of service (BSOD).

CVSS3: 5.5
EPSS: Низкий
github логотип

GHSA-2rxp-2ccg-vg6g

почти 4 года назад

An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). Using crafted input, an attacker can cause a call to $Extract to force an signed integer holding the size of a buffer to take on a large negative number, which is then used as the length of a memcpy call that occurs on the stack, causing a buffer overflow.

CVSS3: 7.5
EPSS: Низкий
github логотип

GHSA-2rxm-39cm-27mj

больше 3 лет назад

Due to a new NDP proxy feature for EVPN leaf nodes introduced in Junos OS 17.4, crafted NDPv6 packets could transit a Junos device configured as a Broadband Network Gateway (BNG) and reach the EVPN leaf node, causing a stale MAC address entry. This could cause legitimate traffic to be discarded, leading to a Denial of Service (DoS) condition. This issue only affects Junos OS 17.4 and later releases. Prior releases do not support this feature and are unaffected by this vulnerability. This issue only affects IPv6. IPv4 ARP proxy is unaffected by this vulnerability. This issue affects Juniper Networks Junos OS: 17.4 versions prior to 17.4R2-S9, 17.4R3 on MX Series; 18.1 versions prior to 18.1R3-S9 on MX Series; 18.2 versions prior to 18.2R2-S7, 18.2R3-S3 on MX Series; 18.2X75 versions prior to 18.2X75-D33, 18.2X75-D411, 18.2X75-D420, 18.2X75-D60 on MX Series; 18.3 versions prior to 18.3R1-S7, 18.3R2-S3, 18.3R3 on MX Series; 18.4 versions prior to 18.4R1-S5, 18.4R2-S2, 18.4R3 on MX Seri...

EPSS: Низкий
github логотип

GHSA-2rxj-vwp2-v63v

больше 2 лет назад

Integer underflow in grub_net_recv_ip4_packets; A malicious crafted IP packet can lead to an integer underflow in grub_net_recv_ip4_packets() function on rsm->total_len value. Under certain circumstances the total_len value may end up wrapping around to a small integer number which will be used in memory allocation. If the attack succeeds in such way, subsequent operations can write past the end of the buffer.

CVSS3: 8.1
EPSS: Низкий
github логотип

GHSA-2rxj-7r53-f46w

больше 3 лет назад

IceWarp Email Server 12.3.0.1 has Incorrect Access Control for user accounts.

EPSS: Низкий
github логотип

GHSA-2rxj-58vc-g6vw

почти 4 года назад

Buffer overflow in listmanager earlier than 2.105.1 allows local users to gain additional privileges.

EPSS: Низкий
github логотип

GHSA-2rxh-h6h9-qrqc

больше 5 лет назад

Class destructors causing side-effects when being unserialized in TYPO3 CMS

CVSS3: 8.7
EPSS: Низкий
github логотип

GHSA-2rxh-g7fp-j3f7

почти 4 года назад

WinAce allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file.

EPSS: Низкий
github логотип

GHSA-2rxh-4vr2-w87x

около 1 месяца назад

In the Linux kernel, the following vulnerability has been resolved: ASoC: da7219: Fix an error handling path in da7219_register_dai_clks() If clk_hw_register() fails, the corresponding clk should not be unregistered. To handle errors from loops, clean up partial iterations before doing the goto. So add a clk_hw_unregister(). Then use a while (--i >= 0) loop in the unwind section.

EPSS: Низкий

Уязвимостей на страницу

Уязвимость
CVSS
EPSS
Опубликовано
github логотип
GHSA-2v26-28rg-whvc

In the Linux kernel, the following vulnerability has been resolved: hwmon: (w83792d) Fix NULL pointer dereference by removing unnecessary structure field If driver read val value sufficient for (val & 0x08) && (!(val & 0x80)) && ((val & 0x7) == ((val >> 4) & 0x7)) from device then Null pointer dereference occurs. (It is possible if tmp = 0b0xyz1xyz, where same literals mean same numbers) Also lm75[] does not serve a purpose anymore after switching to devm_i2c_new_dummy_device() in w83791d_detect_subclients(). The patch fixes possible NULL pointer dereference by removing lm75[]. Found by Linux Driver Verification project (linuxtesting.org). [groeck: Dropped unnecessary continuation lines, fixed multipline alignment]

CVSS3: 5.5
0%
Низкий
больше 1 года назад
github логотип
GHSA-2v24-xp2p-2gfc

Firefox before 1.0.1 and Mozilla before 1.7.6 allows remote malicious web sites to overwrite arbitrary files by tricking the user into downloading a .LNK (link) file twice, which overwrites the file that was referenced in the first .LNK file.

CVSS3: 6.5
1%
Низкий
почти 4 года назад
github логотип
GHSA-2v24-jcvm-2w9j

In LLVM, there is a possible ineffective stack cookie placement due to stack frame double reservation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-139666480

0%
Низкий
больше 3 лет назад
github логотип
GHSA-2v23-4x7f-rh2c

In ClickHouse before 18.12.13, functions for loading CatBoost models allowed path traversal and reading arbitrary files through error messages.

CVSS3: 5.3
0%
Низкий
больше 3 лет назад
github логотип
GHSA-2v22-8745-vp75

SQL Injection vulnerability in Boostmyshop (boostmyshopagent) module for Prestashop versions 1.1.9 and before, allows remote attackers to escalate privileges and obtain sensitive information via changeOrderCarrier.php, relayPoint.php, and shippingConfirmation.php.

CVSS3: 9.8
0%
Низкий
почти 2 года назад
github логотип
GHSA-2v22-4548-2w5h

Cross-Site Request Forgery (CSRF) vulnerability in Dmitry V. (CEO of "UKR Solution") UPC/EAN/GTIN Code Generator upc-ean-barcode-generator allows Cross Site Request Forgery.This issue affects UPC/EAN/GTIN Code Generator: from n/a through <= 2.0.2.

CVSS3: 4.3
0%
Низкий
4 месяца назад
github логотип
GHSA-2rxx-5c8g-m33r

Cross-site scripting (XSS) vulnerability in the JRun Web Server in ColdFusion MX 7.0 allows remote attackers to inject arbitrary script or HTML via the URL, which is not properly quoted in the resulting default 404 error page.

0%
Низкий
почти 4 года назад
github логотип
GHSA-2rxv-434v-p63q

Exploitable denial of service vulnerabilities exists in the Service Agent functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted packet can cause a denial of service. An attacker can send a large packet to 4000/tcp to trigger this vulnerability.

CVSS3: 7.5
1%
Низкий
больше 3 лет назад
github логотип
GHSA-2rxq-9xvm-3j68

Acrobat Reader DC version 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVSS3: 7.8
0%
Низкий
около 1 года назад
github логотип
GHSA-2rxp-v6pw-ch6m

REXML ReDoS vulnerability

CVSS3: 7.5
1%
Низкий
больше 1 года назад
github логотип
GHSA-2rxp-jvfw-cj2r

In Dataiku DSS 11.2.1, an attacker can download other Dataiku files that were uploaded to the myfiles section by specifying the target username in a download request.

CVSS3: 6.5
0%
Низкий
почти 3 года назад
github логотип
GHSA-2rxp-43p2-54mp

In MicroWorld eScan Internet Security Suite (ISS) for Business 14.0.1400.2029, the driver econceal.sys allows a non-privileged user to send a 0x830020E0 IOCTL request to \\.\econceal to cause a denial of service (BSOD).

CVSS3: 5.5
0%
Низкий
больше 3 лет назад
github логотип
GHSA-2rxp-2ccg-vg6g

An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). Using crafted input, an attacker can cause a call to $Extract to force an signed integer holding the size of a buffer to take on a large negative number, which is then used as the length of a memcpy call that occurs on the stack, causing a buffer overflow.

CVSS3: 7.5
0%
Низкий
почти 4 года назад
github логотип
GHSA-2rxm-39cm-27mj

Due to a new NDP proxy feature for EVPN leaf nodes introduced in Junos OS 17.4, crafted NDPv6 packets could transit a Junos device configured as a Broadband Network Gateway (BNG) and reach the EVPN leaf node, causing a stale MAC address entry. This could cause legitimate traffic to be discarded, leading to a Denial of Service (DoS) condition. This issue only affects Junos OS 17.4 and later releases. Prior releases do not support this feature and are unaffected by this vulnerability. This issue only affects IPv6. IPv4 ARP proxy is unaffected by this vulnerability. This issue affects Juniper Networks Junos OS: 17.4 versions prior to 17.4R2-S9, 17.4R3 on MX Series; 18.1 versions prior to 18.1R3-S9 on MX Series; 18.2 versions prior to 18.2R2-S7, 18.2R3-S3 on MX Series; 18.2X75 versions prior to 18.2X75-D33, 18.2X75-D411, 18.2X75-D420, 18.2X75-D60 on MX Series; 18.3 versions prior to 18.3R1-S7, 18.3R2-S3, 18.3R3 on MX Series; 18.4 versions prior to 18.4R1-S5, 18.4R2-S2, 18.4R3 on MX Seri...

0%
Низкий
больше 3 лет назад
github логотип
GHSA-2rxj-vwp2-v63v

Integer underflow in grub_net_recv_ip4_packets; A malicious crafted IP packet can lead to an integer underflow in grub_net_recv_ip4_packets() function on rsm->total_len value. Under certain circumstances the total_len value may end up wrapping around to a small integer number which will be used in memory allocation. If the attack succeeds in such way, subsequent operations can write past the end of the buffer.

CVSS3: 8.1
0%
Низкий
больше 2 лет назад
github логотип
GHSA-2rxj-7r53-f46w

IceWarp Email Server 12.3.0.1 has Incorrect Access Control for user accounts.

1%
Низкий
больше 3 лет назад
github логотип
GHSA-2rxj-58vc-g6vw

Buffer overflow in listmanager earlier than 2.105.1 allows local users to gain additional privileges.

0%
Низкий
почти 4 года назад
github логотип
GHSA-2rxh-h6h9-qrqc

Class destructors causing side-effects when being unserialized in TYPO3 CMS

CVSS3: 8.7
1%
Низкий
больше 5 лет назад
github логотип
GHSA-2rxh-g7fp-j3f7

WinAce allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file.

1%
Низкий
почти 4 года назад
github логотип
GHSA-2rxh-4vr2-w87x

In the Linux kernel, the following vulnerability has been resolved: ASoC: da7219: Fix an error handling path in da7219_register_dai_clks() If clk_hw_register() fails, the corresponding clk should not be unregistered. To handle errors from loops, clean up partial iterations before doing the goto. So add a clk_hw_unregister(). Then use a while (--i >= 0) loop in the unwind section.

0%
Низкий
около 1 месяца назад

Уязвимостей на страницу