lmhunterand

Results 114 issues of lmhunterand

### Name imhunterand ### Discord Username (if applicable) Homebrew#3841 ### Additional Context Request invitation contribute

github-invitation

## Description Affected versions of this project `alchemyplatform/alchemy-sdk-js` are vulnerable to Prototype Pollution due to improper handling of Cookies when using CookieJar in `rejectPublicSuffixes=false` mode. Due to an issue with the...

It was realized that in some cases unprivileged access to RAPL readings could be exploited as a power-based side-channel against security features including AES-NI (potentially inside a SGX enclave) and...

The BrokerFactory functionality in Apache OpenJPA 1.x before 1.2.3 and 2.x before 2.2.2 creates local executable JSP files containing logging trace data produced during deserialization of certain crafted OpenJPA objects,...

CLA Signed

The classic builder cache system is prone to cache poisoning if the image is built FROM scratch. Also, changes to some instructions (most important being HEALTHCHECK and ONBUILD) would not...

needs_team

Webpack 5 before 5.76.0 does not avoid cross-realm object access. ImportParserPlugin.js mishandles the magic comment feature. An attacker who controls a property of an untrusted object can obtain access to...

## Description Summary Affected versions of this project `mongodb/mongo` are vulnerable to HTTP Request Smuggling in the `twisted.web.http` module which makes non-conformant parsing and can lead to desync if requests pass...

Peace be upon you, brothers, I'm Andri, I hope I can meet you again on the island of Bali. Update this exploit to Python 3 because Python 2 is already dead. Regards,

A cleverly devised username might bypass LDAP authentication checks. In LDAP-authenticated Derby installations, this could let an attacker fill up the disk by creating junk Derby databases. In LDAP-authenticated Derby...

## Screenshots Screenshots Add any relevant before/after screenshots here ## How did you test the change? - [ ] iOS Simulator - [ ] iOS Device - [ ] Android...