
4967 matches found

Fedora
added 2016/07/29 2:54 a.m., 15 views

[SECURITY] Fedora 23 Update: drupal7-views-3.14-1.fc23

You need Views if: You like the default front page view, but you find you want to sort it differently. You like the default taxonomy/term view, but you find you want to sort it differently; for example, alphabetically. You use /tracker, but you want to restrict it to posts of a certain type. You...

1.7 AI score
Exploits 0
BDU FSTEC
added 2016/07/06 12:0 a.m., 7 views

Vulnerability of WebLogic Server software, allowing a remote attacker to compromise protected information

The vulnerability exists in Oracle Mojarra due to incorrect encoding when using the tag or EL-expressions after a script or style block. Exploiting this vulnerability allows malicious individuals to perform cross-site scripting (XSS) attacks remotely...

4.3 CVSS, 5.2 AI score, 0.04715 EPSS
Exploits 0, References 3, Affected Software 1
Tenable Nessus
added 2016/06/22 12:0 a.m., 33 views

ImageMagick 7.x < 7.0.1-10 Multiple Vulnerabilities

The remote Windows host has a version of ImageMagick installed that is 7.x prior to 7.0.1-10. It is, therefore, affected by the following vulnerabilities : - An overflow condition exists in the ReadRLEImage function in rle.c due to improper validation of user-supplied input. An unauthenticated,...

7.8 CVSS, 7.3 AI score, 0.0286 EPSS
Exploits 0, References 6
Mageia
added 2016/06/13 3:55 p.m., 18 views

Updated libjpeg packages fix security vulnerability

Updated libjpeg packages fix security vulnerability: Out-of-Bounds Read in libjpeg-turbo before 1.5.0 via unusually long Blocks in MCU LJT-01-005...

3.2 AI score
Exploits 0, References 3
OSV
added 2016/06/08 10:46 a.m., 9 views

SUSE-SU-2016:1528-1 Security update for openssh

openssh was updated to fix three security issues. These security issues were fixed: - CVE-2016-3115: Multiple CRLF injection vulnerabilities in session.c in sshd in OpenSSH allowed remote authenticated users to bypass intended shell-command restrictions via crafted X11 forwarding data, related to...

9.8 CVSS, 7.5 AI score, 0.37016 EPSS
Exploits 13, References 14
Check Point Advisories
added 2016/04/12 12:0 a.m., 3 views

Microsoft Windows Secondary Logon Denial of Service (MS16-046: CVE-2016-0135)

A remote denial of service vulnerability has been reported in Microsoft Windows. The vulnerability is due to an error in the way Windows handles memory blocks while using the LSARPC protocol. A remote attacker can exploit this issue by enticing the victim to open a specially crafted file...

7.2 CVSS, 7.7 AI score, 0.01577 EPSS
Exploits 0
hackapp
added 2016/04/01 10:21 a.m., 21 views

Castle Blocks - Exported components, External URLs, Native code usage vulnerabilities

HackApp vulnerability scanner discovered that application Castle Blocks published at the 'play' market has multiple vulnerabilities...

0.3 AI score
Exploits 0, References 1, Affected Software 1
hackapp
added 2016/04/01 10:10 a.m., 16 views

Slenderman Blocks - Dangerous filesystem permissions, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Slenderman Blocks published at the 'play' market has multiple vulnerabilities...

0.7 AI score
Exploits 0, References 1, Affected Software 1
hackapp
added 2016/04/01 10:1 a.m., 14 views

Blocks: Lines - Dangerous filesystem permissions, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Blocks: Lines published at the 'play' market has multiple vulnerabilities...

0.6 AI score
Exploits 0, References 1, Affected Software 1
hackapp
added 2016/04/01 9:59 a.m., 10 views

Clever Blocks - Dynamic Code Loading, External URLs, Unsafe deleting vulnerabilities

HackApp vulnerability scanner discovered that application Clever Blocks published at the 'play' market has multiple vulnerabilities...

0.5 AI score
Exploits 0, References 1, Affected Software 1
hackapp
added 2016/04/01 9:48 a.m., 10 views

Sticky Blocks Sliding Puzzle - Exported components, External URLs, SD-card access vulnerabilities

HackApp vulnerability scanner discovered that application Sticky Blocks Sliding Puzzle published at the 'play' market has multiple vulnerabilities...

0.3 AI score
Exploits 0, References 1, Affected Software 1
hackapp
added 2016/04/01 9:45 a.m., 18 views

Winter Blocks - Base64 encoded String, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Winter Blocks published at the 'play' market has multiple vulnerabilities...

0.9 AI score
Exploits 0, References 1, Affected Software 1
hackapp
added 2016/04/01 8:49 a.m., 24 views

Lucky Blocks For Mcpe - Base64 encoded String, Dangerous filesystem permissions, Exported ContentProvider vulnerabilities

HackApp vulnerability scanner discovered that application Lucky Blocks For Mcpe published at the 'play' market has multiple vulnerabilities...

0.1 AI score
Exploits 0, References 1, Affected Software 1
CNVD
added 2015/11/13 12:0 a.m., 1 views

Drupal Field as Block module information disclosure vulnerability (CNVD-2015-07619)

Drupal is an open source content management framework written in PHP, which consists of a content management system and a PHP development framework. Field as Block module for Drupal is a Drupal field as a block and in the node to display the page is configured to the vario...

5 CVSS, 6.3 AI score, 0.01196 EPSS
Exploits 0, References 1
Hacker One
added 2015/09/11 1:18 a.m., 14 views

Phabricator: Information leakage through Graphviz blocks

This report amounts to Unsandboxed Command Execution Considered Harmful, which you already suspected: https://secure.phabricator.com/T7785 Graphviz blocks can be used to view a render of any image file readable by the webserver, through the image and shapefile graph node attributes. This alone...

0.5 AI score
Exploits 0
0day.today
added 2015/09/09 12:0 a.m., 17 views

PHP unserialize() Use-After-Free Vulnerabilities

Exploit for php platform in category dos / poc Use After Free Vulnerabilities in unserialize Taoguang Chen Write Date: 2015.7.31 Release Date: 2015.9.4 Multiple use-after-free vulnerabilities were discovered in unserialize with Serializable class that can be abused for leaking arbitrary memory...

7 AI score
Exploits 0
Packet Storm
added 2015/09/07 12:0 a.m., 28 views

PHP 5.6 / 5.5 / 5.4 SplObjectStorage unserialize() Use-After-Free

Yet Another Use After Free Vulnerability in unserialize with SplObjectStorage Taoguang Chen - Write Date: 2015.8.27 - Release Date: 2015.9.4 A use-after-free vulnerability was discovered in unserialize with SplObjectStorage object's deserialization and crafted object's wakeup magic method that ca...

Exploits 0
NVD
added 2015/08/18 6:0 p.m., 17 views

CVE-2015-5513

Cross-site scripting (XSS) vulnerability in the Shibboleth authentication module 6.x-4.x before 6.x-4.2 and 7.x-4.x before 7.x-4.2 for Drupal allows remote authenticated users with the "Administer blocks" permission to inject arbitrary web script or HTML via unspecified vectors related to a login...

2.1 CVSS, 5.5 AI score, 0.00996 EPSS
Exploits 0, References 4
Cvelist
added 2015/08/18 5:0 p.m., 28 views

CVE-2015-5513

Cross-site scripting (XSS) vulnerability in the Shibboleth authentication module 6.x-4.x before 6.x-4.2 and 7.x-4.x before 7.x-4.2 for Drupal allows remote authenticated users with the "Administer blocks" permission to inject arbitrary web script or HTML via unspecified vectors related to a login...

5.5 AI score, 0.00996 EPSS
Exploits 0, References 4
CVE
added 2015/08/18 5:0 p.m., 39 views

CVE-2015-5513

CVE-2015-5513 affects Drupal via the Shibboleth authentication module (versions 6.x-4.x before 6.x-4.2 and 7.x-4.x before 7.x-4.2). The root cause is an XSS flaw allowing remote authenticated users with the Administer blocks permission to inject arbitrary scripts/HTML through an unspecified vecto...

2.1 CVSS, 5.6 AI score, 0.00996 EPSS
Exploits 0, References 4, Affected Software 1