Логотип exploitDog
source:"github"
Консоль
Логотип exploitDog

exploitDog

source:"github"

Количество 313 281

Количество 313 281

github логотип

GHSA-2px7-xv8g-h9p8

19 дней назад

IBM ApplinX 11.1 could disclose sensitive information about server architecture that could aid in further attacks against the system.

CVSS3: 5.3
EPSS: Низкий
github логотип

GHSA-2px7-h34w-p42c

больше 3 лет назад

An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "IOHIDFamily" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

CVSS3: 7.8
EPSS: Низкий
github логотип

GHSA-2px7-682p-g6gg

больше 3 лет назад

An arbitrary file creation by privilege escalation vulnerability in Trend Micro Apex One, Apex One as a Service, Worry-Free Business Security 10.0 SP1, and Worry-Free Business Security Services could allow a local attacker to create an arbitrary file with higher privileges that could lead to a denial-of-service (DoS) on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

CVSS3: 5.5
EPSS: Низкий
github логотип

GHSA-2px6-vpqc-46h5

больше 3 лет назад

IBM Security AppScan Enterprise 5.6 through 8.7.0.1 allows remote authenticated users to read arbitrary report files by leveraging knowledge of filenames that cannot be easily predicted.

EPSS: Низкий
github логотип

GHSA-2px6-cp37-hh2h

больше 3 лет назад

Apache Cordova Android before 3.7.2 and 4.x before 4.0.2, when an application does not set explicit values in config.xml, allows remote attackers to modify undefined secondary configuration variables (preferences) via a crafted intent: URL.

CVSS3: 5.3
EPSS: Низкий
github логотип

GHSA-2px6-897q-9wvw

больше 3 лет назад

A vulnerability has been identified in Simcenter Femap 2020.2 (All versions < V2020.2.MP3), Simcenter Femap 2021.1 (All versions < V2021.1.MP3). The femap.exe application lacks proper validation of user-supplied data when parsing FEMAP files. This could result in an out of bounds write past the end of an allocated structure, a different vulnerability than CVE-2021-27387. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-12820)

EPSS: Низкий
github логотип

GHSA-2px6-5qxv-8594

почти 3 года назад

Netlogon RPC Elevation of Privilege Vulnerability

CVSS3: 8.1
EPSS: Низкий
github логотип

GHSA-2px5-xhf9-x464

больше 3 лет назад

An issue was discovered in fs/xfs/xfs_super.c in the Linux kernel before 4.18. A use after free exists, related to xfs_fs_fill_super failure.

CVSS3: 7.8
EPSS: Низкий
github логотип

GHSA-2px5-v96w-8g69

5 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix memleak due to fentry attach failure If it fails to attach fentry, the allocated bpf trampoline image will be left in the system. That can be verified by checking /proc/kallsyms. This meamleak can be verified by a simple bpf program as follows: SEC("fentry/trap_init") int fentry_run() { return 0; } It will fail to attach trap_init because this function is freed after kernel init, and then we can find the trampoline image is left in the system by checking /proc/kallsyms. $ tail /proc/kallsyms ffffffffc0613000 t bpf_trampoline_6442453466_1 [bpf] ffffffffc06c3000 t bpf_trampoline_6442453466_1 [bpf] $ bpftool btf dump file /sys/kernel/btf/vmlinux | grep "FUNC 'trap_init'" [2522] FUNC 'trap_init' type_id=119 linkage=static $ echo $((6442453466 & 0x7fffffff)) 2522 Note that there are two left bpf trampoline images, that is because the libbpf will fallback to raw tracepoint i...

CVSS3: 5.5
EPSS: Низкий
github логотип

GHSA-2px5-5x79-9wwj

больше 3 лет назад

In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Exposing the hashed content in /etc/passwd may lead to security issue.

CVSS3: 7.8
EPSS: Низкий
github логотип

GHSA-2px4-mq97-cwm9

почти 4 года назад

nxconfigure.sh in NoMachine NX Server before 2.1.0-18 does not validate the invoking user, which allows local users to modify server configuration keys in /usr/NX/etc/server.cfg, resulting in an unspecified denial of service.

EPSS: Низкий
github логотип

GHSA-2px4-jf33-3273

11 дней назад

Explorance Blue versions prior to 8.14.9 contain a SQL injection vulnerability caused by insufficient validation of user-supplied input in a web application component. Crafted input can be executed as part of backend database queries. The issue is exploitable without authentication, significantly elevating the risk.

CVSS3: 8.6
EPSS: Низкий
github логотип

GHSA-2px4-3jpx-h38h

5 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: HID: nvidia-shield: Reference hid_device devm allocation of input_dev name Use hid_device for devm allocation of the input_dev name to avoid a use-after-free. input_unregister_device would trigger devres cleanup of all resources associated with the input_dev, free-ing the name. The name would subsequently be used in a uevent fired at the end of unregistering the input_dev.

CVSS3: 7.8
EPSS: Низкий
github логотип

GHSA-2px4-35vj-j3x5

9 месяцев назад

TOTOLINK CA300-POE V6.2c.884_B20180522 was found to contain a command injection vulnerability in the CloudSrvUserdataVersionCheck function via the url parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request.

CVSS3: 6.3
EPSS: Низкий
github логотип

GHSA-2px3-r3pv-j539

5 месяцев назад

A weakness has been identified in Campcodes Computer Sales and Inventory System 1.0. The impacted element is an unknown function of the file /pages/sup_searchfrm.php?action=edit. This manipulation of the argument ID causes sql injection. It is possible to initiate the attack remotely. The exploit has been made available to the public and could be exploited.

CVSS3: 7.3
EPSS: Низкий
github логотип

GHSA-2px3-mvqp-56jf

больше 1 года назад

Due to insufficient encoding of user-controlled inputs, SAP NetWeaver AS Java allows malicious scripts to be executed in the login application. This has a limited impact on confidentiality and integrity of the application. There is no impact on availability.

CVSS3: 4.8
EPSS: Низкий
github логотип

GHSA-2px3-m69v-2qf4

около 1 года назад

The BMLT Meeting Map plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'bmlt_meeting_map' shortcode in all versions up to, and including, 2.6.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

CVSS3: 6.4
EPSS: Низкий
github логотип

GHSA-2px3-3vqh-4m6q

больше 3 лет назад

In GitLab versions prior to 13.2.10, 13.3.7 and 13.4.2, improper authorization checks allow a non-member of a project/group to change the confidentiality attribute of issue via mutation GraphQL query

EPSS: Низкий
github логотип

GHSA-2px3-3hpp-ch4w

больше 3 лет назад

Off-by-one error in epan/dissectors/packet-rlc.c in the RLC dissector in Wireshark 1.12.x before 1.12.13 and 2.x before 2.0.5 allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) via a crafted packet.

CVSS3: 5.9
EPSS: Низкий
github логотип

GHSA-2px2-qp8h-gwrq

больше 3 лет назад

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, macOS Big Sur 11.0.1. An application may be able to execute arbitrary code with kernel privileges.

EPSS: Низкий

Уязвимостей на страницу

Уязвимость
CVSS
EPSS
Опубликовано
github логотип
GHSA-2px7-xv8g-h9p8

IBM ApplinX 11.1 could disclose sensitive information about server architecture that could aid in further attacks against the system.

CVSS3: 5.3
0%
Низкий
19 дней назад
github логотип
GHSA-2px7-h34w-p42c

An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "IOHIDFamily" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

CVSS3: 7.8
0%
Низкий
больше 3 лет назад
github логотип
GHSA-2px7-682p-g6gg

An arbitrary file creation by privilege escalation vulnerability in Trend Micro Apex One, Apex One as a Service, Worry-Free Business Security 10.0 SP1, and Worry-Free Business Security Services could allow a local attacker to create an arbitrary file with higher privileges that could lead to a denial-of-service (DoS) on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

CVSS3: 5.5
0%
Низкий
больше 3 лет назад
github логотип
GHSA-2px6-vpqc-46h5

IBM Security AppScan Enterprise 5.6 through 8.7.0.1 allows remote authenticated users to read arbitrary report files by leveraging knowledge of filenames that cannot be easily predicted.

0%
Низкий
больше 3 лет назад
github логотип
GHSA-2px6-cp37-hh2h

Apache Cordova Android before 3.7.2 and 4.x before 4.0.2, when an application does not set explicit values in config.xml, allows remote attackers to modify undefined secondary configuration variables (preferences) via a crafted intent: URL.

CVSS3: 5.3
1%
Низкий
больше 3 лет назад
github логотип
GHSA-2px6-897q-9wvw

A vulnerability has been identified in Simcenter Femap 2020.2 (All versions < V2020.2.MP3), Simcenter Femap 2021.1 (All versions < V2021.1.MP3). The femap.exe application lacks proper validation of user-supplied data when parsing FEMAP files. This could result in an out of bounds write past the end of an allocated structure, a different vulnerability than CVE-2021-27387. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-12820)

0%
Низкий
больше 3 лет назад
github логотип
GHSA-2px6-5qxv-8594

Netlogon RPC Elevation of Privilege Vulnerability

CVSS3: 8.1
1%
Низкий
почти 3 года назад
github логотип
GHSA-2px5-xhf9-x464

An issue was discovered in fs/xfs/xfs_super.c in the Linux kernel before 4.18. A use after free exists, related to xfs_fs_fill_super failure.

CVSS3: 7.8
0%
Низкий
больше 3 лет назад
github логотип
GHSA-2px5-v96w-8g69

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix memleak due to fentry attach failure If it fails to attach fentry, the allocated bpf trampoline image will be left in the system. That can be verified by checking /proc/kallsyms. This meamleak can be verified by a simple bpf program as follows: SEC("fentry/trap_init") int fentry_run() { return 0; } It will fail to attach trap_init because this function is freed after kernel init, and then we can find the trampoline image is left in the system by checking /proc/kallsyms. $ tail /proc/kallsyms ffffffffc0613000 t bpf_trampoline_6442453466_1 [bpf] ffffffffc06c3000 t bpf_trampoline_6442453466_1 [bpf] $ bpftool btf dump file /sys/kernel/btf/vmlinux | grep "FUNC 'trap_init'" [2522] FUNC 'trap_init' type_id=119 linkage=static $ echo $((6442453466 & 0x7fffffff)) 2522 Note that there are two left bpf trampoline images, that is because the libbpf will fallback to raw tracepoint i...

CVSS3: 5.5
0%
Низкий
5 месяцев назад
github логотип
GHSA-2px5-5x79-9wwj

In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Exposing the hashed content in /etc/passwd may lead to security issue.

CVSS3: 7.8
0%
Низкий
больше 3 лет назад
github логотип
GHSA-2px4-mq97-cwm9

nxconfigure.sh in NoMachine NX Server before 2.1.0-18 does not validate the invoking user, which allows local users to modify server configuration keys in /usr/NX/etc/server.cfg, resulting in an unspecified denial of service.

0%
Низкий
почти 4 года назад
github логотип
GHSA-2px4-jf33-3273

Explorance Blue versions prior to 8.14.9 contain a SQL injection vulnerability caused by insufficient validation of user-supplied input in a web application component. Crafted input can be executed as part of backend database queries. The issue is exploitable without authentication, significantly elevating the risk.

CVSS3: 8.6
0%
Низкий
11 дней назад
github логотип
GHSA-2px4-3jpx-h38h

In the Linux kernel, the following vulnerability has been resolved: HID: nvidia-shield: Reference hid_device devm allocation of input_dev name Use hid_device for devm allocation of the input_dev name to avoid a use-after-free. input_unregister_device would trigger devres cleanup of all resources associated with the input_dev, free-ing the name. The name would subsequently be used in a uevent fired at the end of unregistering the input_dev.

CVSS3: 7.8
0%
Низкий
5 месяцев назад
github логотип
GHSA-2px4-35vj-j3x5

TOTOLINK CA300-POE V6.2c.884_B20180522 was found to contain a command injection vulnerability in the CloudSrvUserdataVersionCheck function via the url parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request.

CVSS3: 6.3
6%
Низкий
9 месяцев назад
github логотип
GHSA-2px3-r3pv-j539

A weakness has been identified in Campcodes Computer Sales and Inventory System 1.0. The impacted element is an unknown function of the file /pages/sup_searchfrm.php?action=edit. This manipulation of the argument ID causes sql injection. It is possible to initiate the attack remotely. The exploit has been made available to the public and could be exploited.

CVSS3: 7.3
0%
Низкий
5 месяцев назад
github логотип
GHSA-2px3-mvqp-56jf

Due to insufficient encoding of user-controlled inputs, SAP NetWeaver AS Java allows malicious scripts to be executed in the login application. This has a limited impact on confidentiality and integrity of the application. There is no impact on availability.

CVSS3: 4.8
0%
Низкий
больше 1 года назад
github логотип
GHSA-2px3-m69v-2qf4

The BMLT Meeting Map plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'bmlt_meeting_map' shortcode in all versions up to, and including, 2.6.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

CVSS3: 6.4
0%
Низкий
около 1 года назад
github логотип
GHSA-2px3-3vqh-4m6q

In GitLab versions prior to 13.2.10, 13.3.7 and 13.4.2, improper authorization checks allow a non-member of a project/group to change the confidentiality attribute of issue via mutation GraphQL query

0%
Низкий
больше 3 лет назад
github логотип
GHSA-2px3-3hpp-ch4w

Off-by-one error in epan/dissectors/packet-rlc.c in the RLC dissector in Wireshark 1.12.x before 1.12.13 and 2.x before 2.0.5 allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) via a crafted packet.

CVSS3: 5.9
0%
Низкий
больше 3 лет назад
github логотип
GHSA-2px2-qp8h-gwrq

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, macOS Big Sur 11.0.1. An application may be able to execute arbitrary code with kernel privileges.

0%
Низкий
больше 3 лет назад

Уязвимостей на страницу