4967 matches found
Micro:bit — A Pocket-sized Programmable Computer
The BBC has unveiled the final design of the Micro:bit — a pocket-sized computer board designed to lure U.K. school children to embedded electronics. The Micro:bit is essentially a codeable computer that lets kids get creative with technology. It measures 5cm by 4cm and will be available in...
CVE-2015-4367
Cross-site scripting XSS vulnerability in the Simple Subscription module before 6.x-1.1 and 7.x-1.x before 7.x-1.1 for Drupal allows remote authenticated users with the "administer blocks" permission to inject arbitrary web script or HTML via vectors related to block content...
Cross site scripting
Cross-site scripting XSS vulnerability in the Simple Subscription module before 6.x-1.1 and 7.x-1.x before 7.x-1.1 for Drupal allows remote authenticated users with the "administer blocks" permission to inject arbitrary web script or HTML via vectors related to block content...
CVE-2015-4367
Cross-site scripting XSS vulnerability in the Simple Subscription module before 6.x-1.1 and 7.x-1.x before 7.x-1.1 for Drupal allows remote authenticated users with the "administer blocks" permission to inject arbitrary web script or HTML via vectors related to block content...
Moodle 'lib/moodlelib.php' Sensitive Information Disclosure Vulnerability
Moodle is a free, open-source e-learning software platform, also known as a course management system, learning management system or virtual learning environment. A sensitive information disclosure vulnerability exists in the Moodle 'lib/moodlelib.php' script. As the theme uses the blocks-regions...
UBUNTU-CVE-2015-2270
lib/moodlelib.php in Moodle through 2.5.9, 2.6.x before 2.6.9, 2.7.x before 2.7.6, and 2.8.x before 2.8.4, when the theme uses the blocks-regions feature, establishes the course state at an incorrect point in the login-validation process, which allows remote attackers to obtain sensitive course...
Microsoft Internet Explorer MHTML Content Blocks Information Disclosure - Ver2 (CVE-2011-0096)
MHTML MIME Encapsulation of Aggregate HTML is an Internet standard that defines the MIME structure that is used to wrap HTML content. An information disclosure vulnerability has been reported in Microsoft Windows MHTML protocol. The vulnerability is due to the way MHTML interprets MIME-formatted...
PHP unserialize() Use-After-Free
Use After Free Vulnerability in unserialize Taoguang Chen - Write Date: 2015.2.3 - Release Date: 2015.3.20 A use-after-free vulnerability was discovered in unserialize with a specially defined object's wakeup magic method that can be abused for leaking arbitrary memory blocks or execute arbitrary...
Telescope 0.9.2 - Markdown Persistent Cross-Site Scripting
Exploit Title: Persistent XSS via Markdown on Telescope = 0.9.2 Date: Aug 22 2014 Exploit Author: shubs Vendor Homepage: http://www.telescopeapp.org/ Software Link: https://github.com/TelescopeJS/Telescope Version: = 0.9.2 CVE : CVE-2014-5144 Telescope 0.9.2 and below suffer from a persistent cro...
Kernel: USB serial: memory corruption flaw
A memory corruption flaw was found in the way the USB ConnectTech WhiteHEAT serial driver processed completion commands sent via USB Request Blocks buffers. An attacker with physical access to the system could use this flaw to crash the system or, potentially, escalate their privileges on the...
PHP DateTimeZone Type Confusion Infoleak
Type Confusion Infoleak Vulnerability in unserialize with DateTimeZone Taoguang Chen - Write Date: 2015.1.29 - Release Date: 2015.2.20 A Type Confusion Vulnerability was discovered in unserialize with DateTimeZone object's wakeup magic method that can be abused for leaking arbitrary memory blocks...
kernel: udf: Avoid infinite loop when processing indirect ICBs
A stack overflow flaw caused by infinite recursion was found in the way the Linux kernel's Universal Disk Format UDF file system implementation processed indirect Information Control Blocks ICBs. An attacker with physical access to the system could use a specially crafted UDF image to crash the...
kernel: udf: Avoid infinite loop when processing indirect ICBs
A stack overflow flaw caused by infinite recursion was found in the way the Linux kernel's Universal Disk Format UDF file system implementation processed indirect Information Control Blocks ICBs. An attacker with physical access to the system could use a specially crafted UDF image to crash the...
Cisco ASA SSL VPN Memory Blocks Exhaustion DoS (CSCuq68888)
According to its banner, the version of the Cisco ASA software on the remote device is affected by a vulnerability in the SSL VPN feature due to improper implementation of memory blocks allocation when processing crafted HTTP packets. A remote, unauthenticated attacker can exploit this issue by...
kernel security update
CentOS Errata and Security Advisory CESA-2014:1959 Updated kernel packages that fix one security issue and three bugs are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS bas...
RHEL 6 : kernel (RHSA-2014:1843)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2014:1843 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. A race condition flaw was found in the way the Linux...
Important: Red Hat Security Advisory: kernel security and bug fix update
Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...
DEBIAN-CVE-2014-8543
libavcodec/mmvideo.c in FFmpeg before 2.4.2 does not consider all lines of HHV Intra blocks during validation of image height, which allows remote attackers to cause a denial of service out-of-bounds access or possibly have unspecified other impact via crafted MM video data...
CVE-2014-8543
libavcodec/mmvideo.c in FFmpeg before 2.4.2 does not consider all lines of HHV Intra blocks during validation of image height, which allows remote attackers to cause a denial of service out-of-bounds access or possibly have unspecified other impact via crafted MM video data...
UBUNTU-CVE-2014-8543
libavcodec/mmvideo.c in FFmpeg before 2.4.2 does not consider all lines of HHV Intra blocks during validation of image height, which allows remote attackers to cause a denial of service out-of-bounds access or possibly have unspecified other impact via crafted MM video data...