Integer overflow vulnerability in payable function of a smart contract implementation for an Ethereum token, as demonstrated by the smart contract implemented at address 0xB49E984A83d7A638E7F2889fc8328952BA951AbE, an implementation for MillionCoin (MON). Date published : 2021-06-24...
phpIPAM 1.4.3 allows Reflected XSS via app/dashboard/widgets/ipcalc-result.php and app/tools/ip-calculator/result.php of the IP calculator. Date published : 2021-06-23 https://github.com/phpipam/phpipam/issues/3351
Contao 4.5.x through 4.9.x before 4.9.16, and 4.10.x through 4.11.x before 4.11.5, allows XSS. It is possible to inject code into the tl_log table that will be executed in the browser when the system...
The blockchain node in FISCO-BCOS V2.7.2 may have a bug when dealing with unformatted packet and lead to a crash. A malicious node can send a packet continuously. The packet is in an incorrect...
Heap based buffer overflow in tsMuxer 2.6.16 allows attackers to cause a Denial of Service (DoS) by running the application with a crafted file. Date published : 2021-06-23 https://github.com/justdan96/tsMuxer/issues/423
Out-of-bounds Read in tsMuxer 2.6.16 allows attackers to cause a Denial of Service (DoS) by running the application with a crafted file. Date published : 2021-06-23 https://github.com/justdan96/tsMuxer/issues/426 https://github.com/justdan96/tsMuxer/pull/429/files
Divide-by-zero bug in tsMuxer 2.6.16 allows attackers to cause a Denial of Service (DoS) by running the application with a crafted file. Date published : 2021-06-23 https://github.com/justdan96/tsMuxer/issues/428 https://github.com/justdan96/tsMuxer/pull/421/files
Heap based buffer overflow in tsMuxer 2.6.16 allows attackers to cause a Denial of Service (DoS) by running the application with a crafted file. Date published : 2021-06-23 https://github.com/justdan96/tsMuxer/issues/427 https://github.com/justdan96/tsMuxer/pull/425/files
Heap based buffer overflow in tsMuxer 2.6.16 allows attackers to cause a Denial of Service (DoS) by running the application with a crafted file. Date published : 2021-06-23 https://github.com/justdan96/tsMuxer/issues/424 https://github.com/justdan96/tsMuxer/pull/422/files
In kernel/bpf/verifier.c in the Linux kernel before 5.12.13, a branch can be mispredicted (e.g., because of type confusion) and consequently an unprivileged BPF program can read arbitrary memory locations via a side-channel attack, aka...
In the bindata RubyGem before version 2.4.10 there is a potential denial-of-service vulnerability. In affected versions it is very slow for certain classes in BinData to be created. For example BinData::Bit100000, BinData::Bit100001, BinData::Bit100002, BinData::Bit....
Accellion Kiteworks before 7.4.0 allows an authenticated user to perform SQL Injection via LDAPGroup Search. Date published : 2021-06-23 https://github.com/accellion/CVEs/blob/main/CVE-2021-31586.txt https://github.com/accellion/CVEs
Accellion Kiteworks before 7.3.1 allows a user with Admin privileges to escalate their privileges by generating SSH passwords that allow local access. Date published : 2021-06-23 https://github.com/accellion/CVEs/blob/main/CVE-2021-31585.txt https://github.com/accellion/CVEs
Report portal is an open source reporting and analysis framework. Starting from version 3.1.0 of the service-api XML parsing was introduced. Unfortunately the XML parser was not configured properly to prevent XML external entity...