Description: Windows Kernel-Mode Driver Elevation of Privilege Vulnerability Link: Visit the GitHub Repository Language: C Owner: Brentlyw Stars: 0 Forks: 0

Description: The Hunk Companion plugin for WordPress is vulnerable to unauthorized plugin installation/activation due to a missing capability check on the /wp-json/hc/v1/themehunk-import REST API endpoint in all versions up to, and including, 1.8.4. This makes it possible for unauthenticated attackers to install and activate

Description: Dell dbutil_2_3.sys driver contains an insufficient access control vulnerability which may lead to escalation of privileges, denial of service, or information disclosure. Local authenticated user access is required. Link: Visit the GitHub Repository Language: C++ Owner: IlanDudnik Stars: 0 Forks: 0

Description: Windows Kernel Elevation of Privilege Vulnerability Link: Visit the GitHub Repository Language: C Owner: hackyboiz Stars: 0 Forks: 0

Description: bl-kernel/security.class.php in Bludit 3.9.2 allows attackers to bypass a brute-force protection mechanism by using many different forged X-Forwarded-For or Client-IP HTTP headers. Link: Visit the GitHub Repository Language: Shell Owner: 0xDTC Stars: 0 Forks: 0

Description: An eval Injection vulnerability in the component invesalius/reader/dicom.py of InVesalius 3.1.99991 through 3.1.99998 allows attackers to execute arbitrary code via loading a crafted DICOM file. Link: Visit the GitHub Repository Language: Python Owner: theexploiters Stars: 1 Forks: 0

Description: In PHP versions 8.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, when using Apache and PHP-CGI on Windows, if the system is set up to use certain code pages, Windows may use "Best-Fit" behavior to replace characters

Description: A flaw was found in the way the "flags" member of the new pipe buffer structure was lacking proper initialization in copy_page_to_iter_pipe and push_pipe functions in the Linux kernel and could thus contain stale values. An unprivileged local user could use this

Description: jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed. Link: Visit the GitHub Repository Language: Python Owner: hackgiver Stars: 0 Forks: 0

Description: In PHP version 8.0.* before 8.0.30,  8.1.* before 8.1.22, and 8.2.* before 8.2.8, when loading phar file, while reading PHAR directory entries, insufficient length checking may lead to a stack buffer overflow, leading potentially to memory corruption or RCE.  Link: