Логотип exploitDog
source:"github"
Консоль
Логотип exploitDog

exploitDog

source:"github"

Количество 314 458

Количество 314 458

github логотип

GHSA-2jrw-2xf6-7qh4

около 2 лет назад

Multiple heap-based buffer overflow vulnerabilities exist in the fstReaderIterBlocks2 VCDATA parsing functionality of GTKWave 3.3.115. A specially-crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the decompression function `fastlz_decompress`.

CVSS3: 7.8
EPSS: Низкий
github логотип

GHSA-2jrv-628r-r64r

больше 3 лет назад

Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 10.5 Build 53.9 through 55.8 and 10.5.e Build 53-9010.e allow remote attackers to cause a denial of service (reboot) via unspecified vectors.

EPSS: Низкий
github логотип

GHSA-2jrr-xw62-5ggf

больше 3 лет назад

An issue was discovered on Samsung mobile devices with M(6.0) and N(7.x) software. There is a buffer overflow in process_cipher_tdea. The Samsung ID is SVE-2017-8973 (July 2017).

EPSS: Низкий
github логотип

GHSA-2jrr-ff5x-5jqg

больше 1 года назад

In the Linux kernel, the following vulnerability has been resolved: net: ethernet: mtk_wed: fix use-after-free panic in mtk_wed_setup_tc_block_cb() When there are multiple ap interfaces on one band and with WED on, turning the interface down will cause a kernel panic on MT798X. Previously, cb_priv was freed in mtk_wed_setup_tc_block() without marking NULL,and mtk_wed_setup_tc_block_cb() didn't check the value, too. Assign NULL after free cb_priv in mtk_wed_setup_tc_block() and check NULL in mtk_wed_setup_tc_block_cb(). ---------- Unable to handle kernel paging request at virtual address 0072460bca32b4f5 Call trace: mtk_wed_setup_tc_block_cb+0x4/0x38 0xffffffc0794084bc tcf_block_playback_offloads+0x70/0x1e8 tcf_block_unbind+0x6c/0xc8 ... ---------

CVSS3: 7.8
EPSS: Низкий
github логотип

GHSA-2jrq-xvh8-r648

больше 2 лет назад

Potential Time-of-Check to Time-of Use (TOCTOU) vulnerabilities have been identified in the HP BIOS for certain HP PC products which may allow arbitrary code execution, denial of service, and information disclosure.

CVSS3: 7.8
EPSS: Низкий
github логотип

GHSA-2jrq-xcm6-56wv

8 месяцев назад

Listmonk v2.4.0 through v4.1.0 is vulnerable to SQL Injection in the QuerySubscribers function which allows attackers to escalate privileges.

CVSS3: 6.5
EPSS: Низкий
github логотип

GHSA-2jrq-wx46-frqw

больше 3 лет назад

Texas Instruments CC256x and WL18xx dual-mode Bluetooth controller devices, when LE scan mode is used, allow remote attackers to trigger a buffer overflow via a malformed Bluetooth Low Energy advertising packet, to cause a denial of service or potentially execute arbitrary code. This affects CC256xC-BT-SP 1.2, CC256xB-BT-SP 1.8, and WL18xx-BT-SP 4.4.

CVSS3: 8.8
EPSS: Низкий
github логотип

GHSA-2jrq-j227-qj2h

больше 3 лет назад

Ember 0.5.7 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.

EPSS: Низкий
github логотип

GHSA-2jrq-776v-ccc5

больше 2 лет назад

Incorrect permission assignment for critical resource in some Intel(R) QAT drivers for Windows before version 1.9.0 may allow an authenticated user to potentially enable information disclosure via local access.

CVSS3: 6.5
EPSS: Низкий
github логотип

GHSA-2jrp-x33g-47h4

больше 3 лет назад

Untrusted search path vulnerability in Installer of MagicConnect Client program distributed before 2021 March 1 allows an attacker to gain privileges and via a Trojan horse DLL in an unspecified directory and to execute arbitrary code with the privilege of the user invoking the installer when a terminal is connected remotely using Remote desktop.

EPSS: Низкий
github логотип

GHSA-2jrp-r5x4-hg4w

больше 3 лет назад

A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input, aka 'MS XML Remote Code Execution Vulnerability'.

CVSS3: 8.8
EPSS: Средний
github логотип

GHSA-2jrp-jfq7-v896

почти 4 года назад

Directory traversal vulnerability in index.php for Wikepage 2006.2a Opus 10 allows remote attackers to include arbitrary local files via the lng parameter, as demonstrated by inserting PHP code into a log file.

EPSS: Средний
github логотип

GHSA-2jrp-2x8m-mgrv

больше 3 лет назад

Memory corruption in IntLixCrashDumpDmesg, IntLixTaskFetchCmdLine, IntLixFileReadDentry and IntLixFileGetPath due to insufficient guest-data input validation may lead to denial of service conditions.

EPSS: Низкий
github логотип

GHSA-2jrp-274c-jhv3

2 дня назад

Pydantic AI has Server-Side Request Forgery (SSRF) in URL Download Handling

CVSS3: 8.6
EPSS: Низкий
github логотип

GHSA-2jrm-p7gj-p98q

больше 3 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in UI/Register.pm in Foswiki before 1.1.5 allow remote authenticated users with CHANGE privileges to inject arbitrary web script or HTML via the (1) text, (2) FirstName, (3) LastName, (4) OrganisationName, (5) OrganisationUrl, (6) Profession, (7) Country, (8) State, (9) Address, (10) Location, (11) Telephone, (12) VoIP, (13) InstantMessagingIM, (14) Email, (15) HomePage, or (16) Comment parameter. NOTE: some of these details are obtained from third party information.

EPSS: Низкий
github логотип

GHSA-2jrm-gww7-wch2

больше 3 лет назад

Moodle Arbitrary PHP code execution by site admins via Shibboleth configuration

CVSS3: 7.2
EPSS: Низкий
github логотип

GHSA-2jrm-g2xw-8xvr

5 месяцев назад

A security vulnerability has been detected in itsourcecode E-Logbook with Health Monitoring System for COVID-19 1.0. The affected element is an unknown function of the file /login.php. The manipulation of the argument Username leads to sql injection. The attack is possible to be carried out remotely. The exploit has been disclosed publicly and may be used.

CVSS3: 7.3
EPSS: Низкий
github логотип

GHSA-2jrm-5c9c-9px7

около 2 месяцев назад

To enhance security, the FileMaker Server 22.0.4 installer now includes an option to disable IIS short filename enumeration by setting NtfsDisable8dot3NameCreation in the Windows registry. This prevents attackers from using the tilde character to discover hidden files and directories. This vulnerability has been fully addressed in FileMaker Server 22.0.4. The IIS Shortname Vulnerability exploits how Microsoft IIS handles legacy 8.3 short filenames, allowing attackers to infer the existence of files or directories by crafting requests with the tilde (~) character.

CVSS3: 5.3
EPSS: Низкий
github логотип

GHSA-2jrj-r8hh-8g59

около 3 лет назад

Due to a lack of proper input validation, SAP Commerce Webservices 2.0 (Swagger UI) - versions 1905, 2005, 2105, 2011, 2205, allows malicious inputs from untrusted sources, which can be leveraged by an attacker to execute a DOM Cross-Site Scripting (XSS) attack. As a result, an attacker may be able to steal user tokens and achieve a full account takeover including access to administrative tools in SAP Commerce.

CVSS3: 6.1
EPSS: Низкий
github логотип

GHSA-2jrj-qmg4-g429

почти 4 года назад

Windows File Server Resource Management Service Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-26827.

CVSS3: 7.8
EPSS: Низкий

Уязвимостей на страницу

Уязвимость
CVSS
EPSS
Опубликовано
github логотип
GHSA-2jrw-2xf6-7qh4

Multiple heap-based buffer overflow vulnerabilities exist in the fstReaderIterBlocks2 VCDATA parsing functionality of GTKWave 3.3.115. A specially-crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the decompression function `fastlz_decompress`.

CVSS3: 7.8
0%
Низкий
около 2 лет назад
github логотип
GHSA-2jrv-628r-r64r

Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 10.5 Build 53.9 through 55.8 and 10.5.e Build 53-9010.e allow remote attackers to cause a denial of service (reboot) via unspecified vectors.

1%
Низкий
больше 3 лет назад
github логотип
GHSA-2jrr-xw62-5ggf

An issue was discovered on Samsung mobile devices with M(6.0) and N(7.x) software. There is a buffer overflow in process_cipher_tdea. The Samsung ID is SVE-2017-8973 (July 2017).

0%
Низкий
больше 3 лет назад
github логотип
GHSA-2jrr-ff5x-5jqg

In the Linux kernel, the following vulnerability has been resolved: net: ethernet: mtk_wed: fix use-after-free panic in mtk_wed_setup_tc_block_cb() When there are multiple ap interfaces on one band and with WED on, turning the interface down will cause a kernel panic on MT798X. Previously, cb_priv was freed in mtk_wed_setup_tc_block() without marking NULL,and mtk_wed_setup_tc_block_cb() didn't check the value, too. Assign NULL after free cb_priv in mtk_wed_setup_tc_block() and check NULL in mtk_wed_setup_tc_block_cb(). ---------- Unable to handle kernel paging request at virtual address 0072460bca32b4f5 Call trace: mtk_wed_setup_tc_block_cb+0x4/0x38 0xffffffc0794084bc tcf_block_playback_offloads+0x70/0x1e8 tcf_block_unbind+0x6c/0xc8 ... ---------

CVSS3: 7.8
0%
Низкий
больше 1 года назад
github логотип
GHSA-2jrq-xvh8-r648

Potential Time-of-Check to Time-of Use (TOCTOU) vulnerabilities have been identified in the HP BIOS for certain HP PC products which may allow arbitrary code execution, denial of service, and information disclosure.

CVSS3: 7.8
0%
Низкий
больше 2 лет назад
github логотип
GHSA-2jrq-xcm6-56wv

Listmonk v2.4.0 through v4.1.0 is vulnerable to SQL Injection in the QuerySubscribers function which allows attackers to escalate privileges.

CVSS3: 6.5
0%
Низкий
8 месяцев назад
github логотип
GHSA-2jrq-wx46-frqw

Texas Instruments CC256x and WL18xx dual-mode Bluetooth controller devices, when LE scan mode is used, allow remote attackers to trigger a buffer overflow via a malformed Bluetooth Low Energy advertising packet, to cause a denial of service or potentially execute arbitrary code. This affects CC256xC-BT-SP 1.2, CC256xB-BT-SP 1.8, and WL18xx-BT-SP 4.4.

CVSS3: 8.8
8%
Низкий
больше 3 лет назад
github логотип
GHSA-2jrq-j227-qj2h

Ember 0.5.7 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.

0%
Низкий
больше 3 лет назад
github логотип
GHSA-2jrq-776v-ccc5

Incorrect permission assignment for critical resource in some Intel(R) QAT drivers for Windows before version 1.9.0 may allow an authenticated user to potentially enable information disclosure via local access.

CVSS3: 6.5
0%
Низкий
больше 2 лет назад
github логотип
GHSA-2jrp-x33g-47h4

Untrusted search path vulnerability in Installer of MagicConnect Client program distributed before 2021 March 1 allows an attacker to gain privileges and via a Trojan horse DLL in an unspecified directory and to execute arbitrary code with the privilege of the user invoking the installer when a terminal is connected remotely using Remote desktop.

0%
Низкий
больше 3 лет назад
github логотип
GHSA-2jrp-r5x4-hg4w

A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input, aka 'MS XML Remote Code Execution Vulnerability'.

CVSS3: 8.8
16%
Средний
больше 3 лет назад
github логотип
GHSA-2jrp-jfq7-v896

Directory traversal vulnerability in index.php for Wikepage 2006.2a Opus 10 allows remote attackers to include arbitrary local files via the lng parameter, as demonstrated by inserting PHP code into a log file.

12%
Средний
почти 4 года назад
github логотип
GHSA-2jrp-2x8m-mgrv

Memory corruption in IntLixCrashDumpDmesg, IntLixTaskFetchCmdLine, IntLixFileReadDentry and IntLixFileGetPath due to insufficient guest-data input validation may lead to denial of service conditions.

0%
Низкий
больше 3 лет назад
github логотип
GHSA-2jrp-274c-jhv3

Pydantic AI has Server-Side Request Forgery (SSRF) in URL Download Handling

CVSS3: 8.6
0%
Низкий
2 дня назад
github логотип
GHSA-2jrm-p7gj-p98q

Multiple cross-site scripting (XSS) vulnerabilities in UI/Register.pm in Foswiki before 1.1.5 allow remote authenticated users with CHANGE privileges to inject arbitrary web script or HTML via the (1) text, (2) FirstName, (3) LastName, (4) OrganisationName, (5) OrganisationUrl, (6) Profession, (7) Country, (8) State, (9) Address, (10) Location, (11) Telephone, (12) VoIP, (13) InstantMessagingIM, (14) Email, (15) HomePage, or (16) Comment parameter. NOTE: some of these details are obtained from third party information.

0%
Низкий
больше 3 лет назад
github логотип
GHSA-2jrm-gww7-wch2

Moodle Arbitrary PHP code execution by site admins via Shibboleth configuration

CVSS3: 7.2
1%
Низкий
больше 3 лет назад
github логотип
GHSA-2jrm-g2xw-8xvr

A security vulnerability has been detected in itsourcecode E-Logbook with Health Monitoring System for COVID-19 1.0. The affected element is an unknown function of the file /login.php. The manipulation of the argument Username leads to sql injection. The attack is possible to be carried out remotely. The exploit has been disclosed publicly and may be used.

CVSS3: 7.3
0%
Низкий
5 месяцев назад
github логотип
GHSA-2jrm-5c9c-9px7

To enhance security, the FileMaker Server 22.0.4 installer now includes an option to disable IIS short filename enumeration by setting NtfsDisable8dot3NameCreation in the Windows registry. This prevents attackers from using the tilde character to discover hidden files and directories. This vulnerability has been fully addressed in FileMaker Server 22.0.4. The IIS Shortname Vulnerability exploits how Microsoft IIS handles legacy 8.3 short filenames, allowing attackers to infer the existence of files or directories by crafting requests with the tilde (~) character.

CVSS3: 5.3
0%
Низкий
около 2 месяцев назад
github логотип
GHSA-2jrj-r8hh-8g59

Due to a lack of proper input validation, SAP Commerce Webservices 2.0 (Swagger UI) - versions 1905, 2005, 2105, 2011, 2205, allows malicious inputs from untrusted sources, which can be leveraged by an attacker to execute a DOM Cross-Site Scripting (XSS) attack. As a result, an attacker may be able to steal user tokens and achieve a full account takeover including access to administrative tools in SAP Commerce.

CVSS3: 6.1
0%
Низкий
около 3 лет назад
github логотип
GHSA-2jrj-qmg4-g429

Windows File Server Resource Management Service Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-26827.

CVSS3: 7.8
0%
Низкий
почти 4 года назад

Уязвимостей на страницу