141 matches found
Chrome 86 Aims to Bar Abusive Notification Content
Google has added a new feature to Chrome 86 that aims to stomp out abusive notification content. Web notifications are utilized for a variety of applications – such as prompting site visitors to sign up for newsletters. However, they can also be misused for phishing, malware or fake messages that...
chromium-browser: Use after free in WebRTC
Use after free in WebRTC in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted WebRTC stream...
chromium-browser: Use after free in NFC
Use after free in NFC in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page...
Google’s Chrome 86: Critical Payments Bug, Password Checker Among Security Notables
Google’s latest version of its browser, Chrome 86, is now being rolled out with 35 security fixes – including a critical bug – and a feature that checks if users have any compromised passwords. As of Tuesday, Chrome 86 is being promoted to the stable channel for Windows, Mac and Linux and will ro...
tki114.com Cross Site Scripting vulnerability OBB-1325018
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...
Photon OS 3.0: Ansible PHSA-2020-3.0-0078
An update of the ansible package has been released. C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2020-3.0-0078. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid135779;...
Google Chrome To Bar HTTP File Downloads
Google Chrome will soon restrict certain files, like PDFs or executables, from being downloaded via an HTTP connection, if they are loaded on HTTPS webpages. HTTPS indicates that a website has an encrypted connection. When connecting to an HTTP website, browsers merely look up the IP address and...
Cross site scripting
cPanel before 11.54.0.4 allows stored XSS in the WHM Feature Manager interface SEC-86...
CVE-2016-10853
Summary: CVE-2016-10853 affects cPanel before 11.54.0.4, with a stored XSS vulnerability in the WHM Feature Manager interface (SEC-86). Multiple connected sources (NVD/NVD mirror, Red Hat security page, CNVD) corroborate this description. What’s vulnerable: The WHM Feature Manager component of cP...
Linux/x86 - Reverse TCP (::FFFF:192.168.1.5:4444/TCP) Shell (/bin/sh) + Null-Free + IPv6 Shellcode (86 bytes)
Linux/x86 - Reverse TCP ::FFFF:192.168.1.5:4444/TCP Shell /bin/sh + Null-Free + IPv6 Shellcode 86 bytes. Shellcode exploit for Linuxx86 platform Title: Linux/x86 - Reverse TCP shell IPv6 + Null Free Shellcode Author: Kartik Durg Shellcode Length: 86 BYTES Student-ID: SLAE-1233 Note...
Linux/x86 - Reverse TCP (::FFFF:192.168.1.5:4444/TCP) Shell (/bin/sh) + Null-Free + IPv6 (86 bytes)
Title: Linux/x86 - Reverse TCP shell IPv6 + Null Free Shellcode Author: Kartik Durg Shellcode Length: 86 BYTES Student-ID: SLAE-1233 Note https://iamroot.blog/2018/07/29/0x2-shellreversetcpipv6-linux-x86/ Description: Connect-back to IPV6 socket listening on IP ::FFFF:192.168.1.5 and port 4444. /...
Actiontec C1000A Modem - Backdoor Account
Exploit Title: Actiontec C1000A backdoor account Google Dork: NA Date: 11/04/2017 Exploit Author: Joseph McDonagh Vendor Homepage: https://actiontecsupport.zendesk.com/hc/en-us Software Link: N/A Hardware Version: Firmware CAC003-31.30L.86 Tested on: Linux CVE : NA The Actiontec C1000A Modem...
ip96.216-86-152.static.steadfast.net XSS vulnerability
Vulnerable URL: http://ip96.216-86-152.static.steadfast.net/index.php?ErrMsg=--!%3E%22%3E%3C/script%20%3E%3Ciframe/onload=alert%28/XSSPOSED/%29%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 28.11.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclose...
Solare Datensysteme Solar-Log Devices 2.8.4-563.5.2-85 - Multiple Vulnerabilities
Solare Datensysteme Solar-Log Devices 2.8.4-563.5.2-85 - Multiple Vulnerabilities SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple vulnerabilities product: Solare Datensysteme GmbH Solar-Log...
Solare Datensysteme Solar-Log Devices 2.8.4-56/3.5.2-85 - Multiple Vulnerabilities
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple vulnerabilities product: Solare Datensysteme GmbH Solar-Log 250/300/500/800e/1000/1000 PM+/1200/2000 vulnerable version: Firmware 2.8.4-56 / 3.5.2-85 fixed...
openSUSE Security Update : MozillaThunderbird (openSUSE-2016-1166)
This update for Mozilla Thunderbird to version 45.4.0 fixes the following issues : - When using Thunderbird in a browser like context, for rendering HTML e-mail or feeds, it may be affected by vulnerabilities also fixed in Firefox ESR 45.4. MFSA 2016-86, boo999701 The following bugs were fixed in...
Linux/x86_64 - bindshell Port 5600 - 86 bytes
Linux/x8664 - bindshell Port 5600 - 86 bytes. Shellcode exploit for linx86-64 platform / --------------------------------------------------------------------------------------------------- Linux/x8664 - bindshell PORT: 5600 - 86 bytes Ajith Kp @ajithkp560 http://www.terminalcoders.blogspot.com Om...
Amazon Linux: Security Advisory (ALAS-2012-86)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DLA-86-1 : file security update
Francisco Alonso of Red Hat Product Security found an issue in the file utility: when checking ELF files, note headers are incorrectly checked, thus potentially allowing attackers to cause a denial of service out-of-bounds read and application crash by supplying a specially crafted ELF file. For...
SmarterMail 8.0 - Multiple XSS Vulnerabilities
No description provided by source. Author: Hoyt LLC Research Target: SmarterMail Version 8.0.4086.25048 Tools: Burp Suite Pro 1.3.09, FuzzDB Description: XSS, Cross Site Scripting in SmarterMail 8.0.4086.25048, CWE-79, CAPEC-86 Keywords: Stored XSS, Reflected XSS, Cross Site Scripting, SmarterMai...