Jsish v3.5.0 was discovered to contain a SEGV vulnerability via /lib/x86_64-linux-gnu/libc.so.6+0x18e506. This vulnerability can lead to a Denial of Service (DoS). Date published : 2022-01-27 https://github.com/pcmacdon/jsish/issues/72
Jsish v3.5.0 was discovered to contain a SEGV vulnerability via jsi_ArraySpliceCmd at src/jsiArray.c. This vulnerability can lead to a Denial of Service (DoS). Date published : 2022-01-27 https://github.com/pcmacdon/jsish/issues/65
Jsish v3.5.0 was discovered to contain a SEGV vulnerability via Jsi_ValueIsNumber at src/jsiValue.c. This vulnerability can lead to a Denial of Service (DoS). Date published : 2022-01-27 https://github.com/pcmacdon/jsish/issues/70
Jsish v3.5.0 was discovered to contain a heap-use-after-free via Jsi_IncrRefCount in src/jsiValue.c. This vulnerability can lead to a Denial of Service (DoS). Date published : 2022-01-27 https://github.com/pcmacdon/jsish/issues/73
A Remote Code Execution (RCE) vulnerability exists in Sourcecodester Simple Chatbot Application 1.0 ( and previous versions via the bot_avatar parameter in SystemSettings.php. Date published : 2022-01-27 https://cxsecurity.com/issue/WLB-2022010093 https://www.exploit-db.com/exploits/50672
An SQL Injection vulnerability exists in Sourcecodester Simple Chatbot Application 1.0 via the message parameter in Master.php. Date published : 2022-01-27 https://cxsecurity.com/issue/WLB-2022010092 https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/oretnom23/2022/Simple%20ChatBot
There is a front-end sql injection vulnerability in cszcms 1.2.9 via cszcms/controllers/Member.php#viewUser Date published : 2022-01-27 https://github.com/cskaza/cszcms/issues/33
From version 0.2.14 to 0.2.16 for Solana rBPF, function "relocate" in the file src/elf.rs has an integer overflow bug because the sym.st_value is read directly from ELF file without checking. If the sym.st_value is...
Dolphinphp v1.5.0 contains a remote code execution vulnerability in /application/common.php#action_log Date published : 2022-01-27 https://gist.github.com/w4nd3r-hya/784a86dda91bdcb3071892e56aacdee2
Zabbix 4.0 LTS, 4.2, 4.4, and 5.0 LTS is vulnerable to Remote Code Execution (RCE). Any user with the "Zabbix Admin" role is able to run custom shell script on the application server in...
A Cross-site scripting (XSS) vulnerability in Secondary Email Field in Zoho ManageEngine ServiceDesk Plus 11.3 Build 11306 allows an attackers to inject arbitrary JavaScript code. Date published : 2022-01-27 https://github.com/corrupted-brain/Findings/blob/main/ManageEngine%20XSS.md https://www.manageengine.com/products/service-desk/on-premises/readme.html
Single Connect does not perform an authorization check when using the "sc-assigned-credential-ui" module. A remote attacker could exploit this vulnerability to modify users permissions. The exploitation of this vulnerability might allow a remote attacker...
Single Connect does not perform an authorization check when using the "sc-diagnostic-ui" module. A remote attacker could exploit this vulnerability to access the device information page. The exploitation of this vulnerability might allow a...
Single Connect does not perform an authorization check when using the sc-reports-ui" module. A remote attacker could exploit this vulnerability to access the device configuration page and export the data to an external file....