8286 matches found
Byzanz GIF Encoding Denial of Service Vulnerability
Byzanz is a program to record animated GIFs. The GIF encoding in Byzanz fails to properly handle Byzanz debug data logging, allowing remote attackers to conduct denial-of-service attacks or execute arbitrary code...
TWiki Debugenableplugins Remote Code Execution
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'TWiki Debugenableplugins Remote Code Execution', 'Description' = %q TWiki 4.0.x-6.0.0 contains a vulnerability in the Debug...
TWiki Debugenableplugins Remote Code Execution Exploit
TWiki versions 4.0.x through 6.0.0 contain a vulnerability in the Debug functionality. The value of the debugenableplugins parameter is used without proper sanitization in a Perl eval statement, which allows remote code execution. This module requires Metasploit: http://metasploit.com/download...
TWiki Debugenableplugins Remote Code Execution
TWiki 4.0.x-6.0.0 contains a vulnerability in the Debug functionality. The value of the debugenableplugins parameter is used without proper sanitization in a Perl eval statement, which allows remote code execution. This module requires Metasploit: https://metasploit.com/download Current source:...
SQL injection in the latest version of phpb2b
Brief description: as the title says. Detailed description: In faircontrol.php: function addpost global $charset, $pbuser; if empty$pbuser die"".iconv$charset, "UTF-8//IGNORE", L"pleaseloginfirst"; $thememberid = $pbuser'pbuserid'; $companyid = ''; ifisset$POST'do' && isset$POST'id' pbsubmitcheck'do'; if $this-expo-checkExist$POST'id' &&...
elfutils: integer overflow, leading to a heap-based buffer overflow in libdw
Integer overflow in the check_section function in dwarf_begin_elf.c in the libdw library, as used in elfutils 0.153 and possibly through 0.158, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a malformed compressed debug section in an ELF...
[SECURITY] Fedora 21 Update: android-tools-20141219git8393e50-2.fc21
The Android Debug Bridge (ADB) is used to: - keep track of all Android devices and emulators instances connected to or running on a given host developer machine - implement various control commands (e.g. "adb shell", "adb pull", etc.) for the benefit of clients (command-line users, or helper programs...
CVE-2015-1458
Fortinet FortiAuthenticator 3.0.0 allows local users to bypass intended restrictions and gain privileges by creating /tmp/privexec/dbgcoreenableshellaccess and executing the "shell" command...
Nexus 5 Android 5.0 - Local Privilege Escalation
Nexus 5 Android 5.0 - Local Privilege Escalation / CVE-2014-4322 exploit for Nexus Android 5.0 author: retme [email protected] website: retme.net The exploit must be executed as system privilege and specific SELinux context. If exploit succeeded, you will gain root privilege and "kernel" SELinux...
VideoLAN VLC Media Player Stack Buffer Overflow Vulnerability
VideoLAN VLC media player is the multimedia player of the VideoLAN program. A stack buffer overflow vulnerability exists in multiple files of VideoLAN VLC Media Player: the 'ASFObjectDumpDebug', 'AVIChunkDumpDebuglevel', and 'MP4BoxDumpStructure' functions are vulnerable to a stack buffer...
openSUSE Security Update : python3-rpm / rpm / rpm-python (openSUSE-SU-2014:1716-1)
This rpm update fixes the following security and non-security issues: - honor --noglob in install mode (bnc#892431) - check for bad invalid name sizes (bnc#908128, CVE-2014-8118) - create files with mode 0 (bnc#906803, CVE-2013-6435) This update also includes version updates of rpm-python and python3-rpm...
Festo CECX-X-(C1/M1) Controller Vulnerabilities
OVERVIEW This advisory was originally posted to the US-CERT secure Portal library on March 25, 2014, and is now being released to the NCCIC/ICS-CERT web site. K. Reid Wightman of IOActive, Inc. has identified vulnerabilities in Festo’s CECX-X-C1 and CECX-X-M1 controllers. Festo has decided not to...
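Blind SQL injection #5 in the latest version of Dami CMS (大米CMS), bypassing defenses
Brief description: Dami CMS (大米CMS) latest version 4.7, blind SQL injection. Detailed description: Dami CMS latest version 4.7, blind SQL injection, bypassing defenses. File /Web/Lib/Action/PublicAction.class.php: // online top-up or online order processing function shouquan $appath = intvalC'APTYPE'==1?'apjishi':'apdanbao'; requireonce"./Trade/$appath/alipay.config.php"; requireonce"./Trade/$appath/lib/alipaynotify.class.php"; // compute the notification verification result...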
CVE-2014-9412
Multiple cross-site scripting (XSS) vulnerabilities in NetIQ Access Manager (NAM) 4.x before 4.1 allow remote attackers to inject arbitrary web script or HTML via (1) an arbitrary parameter to roma/jsp/debug/debug.jsp or (2) an arbitrary parameter in a debug.DumpAll action to nps/servlet/webacc, a...
CVE-2014-8724
Cross-site scripting (XSS) vulnerability in the W3 Total Cache plugin before 0.9.4.1 for WordPress, when debug mode is enabled, allows remote attackers to inject arbitrary web script or HTML via the "Cache key" in the HTML-Comments, as demonstrated by the PATH_INFO to the default URI...
Cross site scripting
Cross-site scripting (XSS) vulnerability in the W3 Total Cache plugin before 0.9.4.1 for WordPress, when debug mode is enabled, allows remote attackers to inject arbitrary web script or HTML via the "Cache key" in the HTML-Comments, as demonstrated by the PATH_INFO to the default URI...
CVE-2014-8724
CVE-2014-8724 affects the WordPress plugin W3 Total Cache in versions before 0.9.4.1. The root cause is improper sanitization of user-supplied input in the HTML comments for the Cache key when the page cache debug info is enabled, allowing a reflected XSS scenario via PATH_INFO to the default ...
CVE-2014-8724
Cross-site scripting (XSS) vulnerability in the W3 Total Cache plugin before 0.9.4.1 for WordPress, when debug mode is enabled, allows remote attackers to inject arbitrary web script or HTML via the "Cache key" in the HTML-Comments, as demonstrated by the PATH_INFO to the default URI...
PT-2014-8691 · Frederick Townes · W3 Total Cache
Name of the Vulnerable Software and Affected Versions: W3 Total Cache plugin versions prior to 0.9.4.1 Description: The issue is related to a cross-site scripting (XSS) vulnerability. It allows remote attackers to inject arbitrary web script or HTML via the Cache key in the HTML-Comments when debug...
Fedora 20 : xen-4.3.3-6.fc20 (2014-15995)
Excessive checking in compatibility mode hypercall argument translation, Insufficient bounding of 'REP MOVS' to MMIO emulated inside the hypervisor, fix segfaults and failures in xl migrate --debug Note that Tenable Network Security has extracted the preceding description block directly from the...