Security
Headlines
HeadlinesLatestCVEs

Tag

#chrome

Chrome base::debug::ActivityUserData::ActivityUserData Heap Buffer Overflow

Chrome suffers from a heap buffer overflow vulnerability in base::debug::ActivityUserData::ActivityUserData.

Packet Storm
Open in Source
#vulnerability#buffer_overflow#chrome
WebsiteBaker 2.13.3 Cross Site Scripting

WebsiteBaker version 2.13.3 suffers from a cross site scripting vulnerability.

dotclear 2.25.3 Shell Upload

dotclear version 2.25.3 suffers from a remote shell upload vulnerability.

Paradox Security Systems IPR512 Denial Of Service

Paradox Security Systems version IPR512 suffers from a denial of service vulnerability.

CVE-2023-1969: bug_report/SQLi-1.md at main · Gear-D/bug_report

A vulnerability classified as critical was found in SourceCodester Online Eyewear Shop 1.0. This vulnerability affects unknown code of the file /admin/inventory/manage_stock.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-225406 is the identifier assigned to this vulnerability.

CVE-2021-45985: Lua: bugs

In Lua 5.4.3, an erroneous finalizer called during a tail call leads to a heap-based buffer over-read.

CVE-2014-125098: Issue 225813002: Fix XSS issues in http_server's dir-listing and error-page.

A vulnerability was found in Dart http_server up to 0.9.5 and classified as problematic. Affected by this issue is the function VirtualDirectory of the file lib/src/virtual_directory.dart of the component Directory Listing Handler. The manipulation of the argument request.uri.path leads to cross site scripting. The attack may be launched remotely. Upgrading to version 0.9.6 is able to address this issue. The name of the patch is 27c1cbd8125bb0369e675eb72e48218496e48ffb. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-225356.

GHSA-gv7g-x59x-wf8f: SvelteKit framework has Insufficient CSRF protection for CORS requests

### Summary The SvelteKit framework offers developers an option to create simple REST APIs. This is done by defining a `+server.js` file, containing endpoint handlers for different HTTP methods. SvelteKit provides out-of-the-box cross-site request forgery (CSRF) protection to its users. The protection is implemented at `kit/src/runtime/server/respond.js`. While the implementation does a sufficient job of mitigating common CSRF attacks, the protection can be bypassed by simply specifying an upper-cased `Content-Type` header value. The browser will not send uppercase characters on form submission, but this check does not block all expected cross-site requests: https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS#simple_requests ### Details The CSRF protection is implemented using the code shown below. ``` javascript const forbidden = is_form_content_type(request) && (request.method === 'POST' || request.method === 'PUT' || request.method === 'PATCH' || request.me...

CVE-2023-27805: H3C Magic R100 was discovered stack overflow via the EditSTList interface at /goform/aspForm - HackMD

H3C Magic R100 R100V100R005.bin was discovered to contain a stack overflow via the EditSTList interface at /goform/aspForm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted payload.

CVE-2023-27803: H3C Magic R100 was discovered stack overflow via the EdittriggerList interface at /goform/aspForm - HackMD

H3C Magic R100 R100V100R005.bin was discovered to contain a stack overflow via the EdittriggerList interface at /goform/aspForm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted payload.