3641 matches found
CVE-2016-10250
The jp2_colr_destroy function in jp2_cod.c in JasPer before 1.900.13 allows remote attackers to cause a denial of service (NULL pointer dereference) by leveraging incorrect cleanup of JP2 box data on error. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8887...
box-designs.com XSS vulnerability
Open Bug Bounty ID: OBB-218870

Description | Value
---|---
Affected Website: | box-designs.com
Open Bug Bounty Program: | Create your bounty program now. It's open and free.
Vulnerable Application: | Custom Code
Vulnerability Type: | XSS (Cross Site Scripting) / CWE-79
CVSSv3 Score: | 6.1...
DEBIAN-CVE-2017-6818
In WordPress before 4.7.3 (wp-admin/js/tags-box.js), there is cross-site scripting (XSS) via taxonomy term names...
CVE-2017-6818
In WordPress before 4.7.3 (wp-admin/js/tags-box.js), there is cross-site scripting (XSS) via taxonomy term names...
CVE-2016-8971
IBM WebSphere MQ 8.0 could allow an authenticated user with queue manager permissions to cause a segmentation fault which would result in the box having to be rebooted to resume normal operations. IBM Reference : 1998663...
SemCms asp version search box has SQL injection vulnerability
SemCms is an open source website management system for foreign trade enterprises, compatible with IE, Firefox and other mainstream browsers. SemCms is written in PHP and VB and runs on Apache or IIS. SemCms asp version of the search b...
Joomla Sports Predictions 2.1.0.4 Component - Cross-site scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: Joomla Component Sports Predictions 2.1.0.4 - Cross-site scripting Date: 2017-02-11 Home : https://extensions.joomla.org/extensions/extension/sports-a-games/tips-a-betts/sports-predictions/ Exploit Author: Persian Hack Team...
Box - Customized SSL, Dangerous filesystem permissions, Exported ContentProvider vulnerabilities
HackApp vulnerability scanner discovered that application Box published at the 'play' market has multiple vulnerabilities...
pdfbox: XML External Entity vulnerability
It was found that the parsing of XMP and other XML formats in PDF by Apache PDFBox would expand entity references. A remote, unauthenticated attacker could use this flaw to read files accessible to the user running the application server, and potentially perform other more advanced XXE attacks...
UBUNTU-CVE-2016-2399
Integer overflow in the quicktime_read_pascal function in libquicktime 1.2.4 and earlier allows remote attackers to cause a denial of service or possibly have other unspecified impact via a crafted hdlr MP4 atom...
AVM FRITZ!Box Default Password (FTP)
This script detects if the device has a default password set. SPDX-FileCopyrightText: 2017 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/o:avm:fritz%21os";...
AVM FRITZ!Box Default / no Password (HTTP)
This script detects if the device has: a default password set, or no password set. SPDX-FileCopyrightText: 2017 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE =...
Rumble Mail Server 0.51.3135 Cross Site Scripting
Exploit title: Rumble Mail Server v/0.51.3135 = Stored Cross Site Scripting Download Software: https://sourceforge.net/projects/rumble/?source=directory Author: Nassim Asrir Author Company: Henceforth Contact: [email protected] Tested On: Win7 What is Rumble: --------------------------------...
Update for Windows 8.1 OOBE to upgrade to Windows 10
Update for Windows 8.1 OOBE to upgrade to Windows 10 About this update This update is for Windows 8.1 out-of-box experience OOBE. This update lets you start an immediate free upgrade to Windows 10 during the Windows 8.1 OOBE process. This update applies only to the Windows 8.1 OOBE process. It is...
AVM FRITZ!Box Detection (FTP)
FTP based detection of AVM FRITZ!Box devices. SPDX-FileCopyrightText: 2017 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only ifdescription...
AVM FRITZ!Box Detection (HTTP)
HTTP based detection of AVM FRITZ!Box devices. SPDX-FileCopyrightText: 2017 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only ifdescription...
AVM FRITZ!Box Detection (SIP)
SIP based detection of AVM FRITZ!Box devices. SPDX-FileCopyrightText: 2017 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only ifdescription...
AVM FRITZ!Box Detection (UPnP)
UPnP based detection of AVM FRITZ!Box devices. SPDX-FileCopyrightText: 2017 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only ifdescription...