This just comes down to an overly verbose error message. The Coindesk website has an API endpoint that normally serves a list of published articles...
There are two bugs here: one that allows an attacker to reset the password of any account, and another to bypass 2FA.
A remotely reachable stack-based buffer overflow in the Linux kernel's TIPC module due to not performing a bounds check in an edge case.
The first issue is an incorrect computation in golang impacting `go-ethereum`. It's an interesting case, because a base computation might lead to some issues but it usually isn't a security issue...
Mistrusting some extended attributes, using them to calculate an offset leading to out-of-bounds read/write primitives; presumably exploitable since these were used at Pwn2Own. The `fruit_pread` function will read the `org.netatalk.Metadata` extended attribute, which an unauthenticated user can set...
A cool bug in H2O's QUIC implementation leading to disclosing uninitialized memory. Stream data in HTTP/3 comes in an encoding similar to chunked encoding, including an offset in the chain, the data size and the data itself...
We've got two XSS "puzzles" in unnamed bounty programs, each with somewhat interesting exploit strategies. The original post is worth a read for more insight into the thought process leading to the discovery of each step.
Maybe an issue, maybe not; the Ruby devs seem to think it's a non-issue. This is a case of a library allowing some questionable input...
Once again deserialization and RCE through an unprotected viewstate; it's kinda silly that this sort of issue continues to persist. The normal `__VIEWSTATE` field is used by some .NET applications to contain a ton of information about the current view state...
The interesting part of this post is the use of an external API, specifically the Google Drive API, to achieve SSRF.