CVE-2021-37524
Cross Site Scripting (XSS) vulnerability in FusionPBX 4.5.26 allows remote unauthenticated users to inject arbitrary web script or HTML via an unsanitized "path" parameter in...
CVE-2022-0167
An issue has been discovered in GitLab affecting all versions starting from 14.0 before 14.4.5, all versions starting from 14.5.0 before 14.5.3, all versions starting...
USN-5493-2: Linux kernel (HWE) vulnerability
It was discovered that the 8 Devices USB2CAN interface implementation in the Linux kernel did not properly handle certain error conditions, leading to a double-free....
USN-5485-2: Linux kernel (OEM) vulnerabilities
It was discovered that some Intel processors did not completely perform cleanup actions on multi-core shared buffers. A local attacker could possibly use this to...
golang-1.16.15-3.fc35
FEDORA-2022-ffe7dba2cb Packages in this update: golang-1.16.15-3.fc35 Update description: Security fix for CVE-2022-29526 Read More
CVE-2014-3648
The simplepush server iterates through the application installations and pushes a notification to the server provided by deviceToken. But this is user controlled. If a...
CVE-2014-3650
Multiple persistent cross-site scripting (XSS) flaws were found in the way Aerogear handled certain user-supplied content. A remote attacker could use these flaws to compromise...
JAHx221 – RCE in copy/pasted PHP compat libraries, json_decode function
Posted by Eldar Marcussen on Jun 30 JAHx221 - RCE in copy/pasted PHP compat libraries, json_decode function =============================================================================== Several PHP compatability libraries contain a potential...
Backdoor.Win32.EvilGoat.b / Weak Hardcoded Credentials
Posted by malvuln on Jun 30 Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022 Original source: https://malvuln.com/advisory/20daf01e941f966b21a7ae431faefc65.txt Contact: malvuln13 () gmail com Media:...
Backdoor.Win32.Coredoor.10.a / Authentication Bypass
Posted by malvuln on Jun 30 Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022 Original source: https://malvuln.com/advisory/49da40a2ac819103da9dc5ed10d08ddb.txt Contact: malvuln13 () gmail com Media:...