Tagged: Cybersecurity Alert

CWE-601 URL Redirection to Untrusted Site (‘Open Redirect’) More information : https://www.gov.il/en/departments/dynamiccollectors/cve_advisories_listing?skip=0

Improper Control of Filename for Include/Require Statement in PHP Program (‘PHP Remote File Inclusion’) vulnerability in reDim GmbH CookieHint WP allows PHP Local File Inclusion.This issue affects CookieHint WP: from n/a through 1.0.0. More...

An issue was discovered in function d_abi_tags in file cp-demangle.c in BinUtils 2.26 allows attackers to cause a denial of service via crafted PE file. More information : https://github.com/caozhzh/CRGF-Vul/blob/main/cxxfilt/crash6.md

Buffer overflow vulnerability in function strcat in asan_interceptors.cpp in libming 0.4.8. More information : https://github.com/libming/libming/issues/366

Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Codeaffairs Wp Text Slider Widget allows Stored XSS.This issue affects Wp Text Slider Widget: from n/a through 1.0. More information : https://vdp.patchstack.com/database/wordpress/plugin/wp-text-slider-widget/vulnerability/wordpress-wp-text-slider-widget-plugin-1-0-cross-site-scripting-xss-vulnerability?_s_id=cve

A buffer overflow vulnerability in function gnu_special in file cplus-dem.c in BinUtils 2.26 allows attackers to cause a denial of service via crafted PE file. More information : https://github.com/caozhzh/CRGF-Vul/blob/main/cxxfilt/crash3.md

An issue was discovered in function d_discriminator in file cp-demangle.c in BinUtils 2.26 allows attackers to cause a denial of service via crafted PE file. More information : https://github.com/caozhzh/CRGF-Vul/blob/main/cxxfilt/crash2.md

An issue was discovered in function d_print_comp_inner in file cp-demangle.c in BinUtils 2.26 allows attackers to cause a denial of service via crafted PE file. More information : https://github.com/caozhzh/CRGF-Vul/blob/main/cxxfilt/crash5.md

An issue was discovered in function d_print_comp_inner in file cp-demangle.c in BinUtils 2.26 allows attackers to cause a denial of service via crafted PE file. More information : https://github.com/caozhzh/CRGF-Vul/blob/main/cxxfilt/crash4.md

Meshtastic is an open source mesh networking solution. The Meshtastic firmware (starting from version 2.5) introduces asymmetric encryption (PKI) for direct messages, but when the `pki_encrypted` flag is missing, the firmware silently falls back...

An issue was discovered in function d_unqualified_name in file cp-demangle.c in BinUtils 2.26 allowing attackers to cause a denial of service via crafted PE file. More information : https://github.com/caozhzh/CRGF-Vul/blob/main/cxxfilt/crash1.md

A vulnerability was identified in code-projects Assessment Management 1.0. This affects an unknown part of the file login.php. Such manipulation of the argument userid leads to sql injection. The attack can be launched remotely....

A security flaw has been discovered in code-projects/anirbandutta9 Content Management System and News-Buzz 1.0. This vulnerability affects unknown code of the file /admin/editposts.php. Performing manipulation of the argument image results in unrestricted upload. The...

Hemmelig is a messing app with with client-side encryption and self-destructing messages. Prior to version 7.3.3, a Server-Side Request Forgery (SSRF) filter bypass vulnerability exists in the webhook URL validation of the Secret Requests...