Microsoft .NET Framework Elevation of Privilege Vulnerability (CNVD-2015-05323)

Microsoft .NET Framework is a comprehensive and consistent programming model developed by Microsoft Corporation USA and a development platform for building Windows, Windows Store, Windows Phone, Windows Server and Microsoft Azure Windows Store, Windows Phone, Windows Server, and Microsoft Azure...

Microsoft .NET Framework Elevation of Privilege Vulnerability (CNVD-2015-05324)

Microsoft .NET Framework is a comprehensive and consistent programming model developed by Microsoft Corporation USA and a development platform for building Windows, Windows Store, Windows Phone, Windows Server and Microsoft Azure Windows Store, Windows Phone, Windows Server, and Microsoft Azure...

Microsoft .NET Framework Elevation of Privilege Vulnerability (CNVD-2015-05325)

Microsoft .NET Framework is a comprehensive and consistent programming model developed by Microsoft Corporation USA and a development platform for building Windows, Windows Store, Windows Phone, Windows Server and Microsoft Azure Windows Store, Windows Phone, Windows Server, and Microsoft Azure...

Microsoft .NET Framework Privilege Elevation Vulnerability (3086251)

This host is missing an important security update according to Microsoft Bulletin MS15-092. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

MS15-092: Vulnerabilities in .NET Framework Could Allow Elevation of Privilege (3086251)

The version of Microsoft .NET Framework installed on the remote host is affected by multiple elevation of privilege vulnerabilities due to the RyuJIT compiler not properly optimizing certain parameters, resulting in a code generation error. A remote attacker, by convincing a user to run a malicio...

[SECURITY] Fedora 22 Update: cxf-xjc-utils-2.6.2-1.fc22

The Apache CXF XJC-Utils provides a bunch of utilities for working with JAXB to generate better or more usable code...

jdk8-openjdk: multiple issues

CVE-2014-3566 man-in-the-middle Nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue. - CVE-2014-6549 arbitrary code execution Incorrect class loader permission check in ClassLoader...

OpenJDK: code generation issue (Hotspot, 8064524)

A flaw was found in the way the Hotspot component in OpenJDK in the way this component generated code for bytecode. An untrusted Java application or applet could possibly use this flaw to bypass Java sandbox restrictions...

PT-2015-3090 · Sap · Sap Hana

Name of the Vulnerable Software and Affected Versions: SAP HANA affected versions not specified Description: The issue is related to incorrect code generation management in the SAP HANA database management system. It allows a remote attacker to inject arbitrary ABAP code. The Extended Application...

OpenJDK: code generation issue (Hotspot, 8064524)

A flaw was found in the way the Hotspot component in OpenJDK in the way this component generated code for bytecode. An untrusted Java application or applet could possibly use this flaw to bypass Java sandbox restrictions...

UBUNTU-CVE-2014-3152

Integer underflow in the LCodeGen::PrepareKeyedOperand function in arm/lithium-codegen-arm.cc in Google V8 before 3.25.28.16, as used in Google Chrome before 35.0.1916.114, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a...

UBUNTU-CVE-2014-1733

The PointerCompare function in codegen.cc in Seccomp-BPF, as used in Google Chrome before 34.0.1847.131 on Windows and OS X and before 34.0.1847.132 on Linux, does not properly merge blocks, which might allow remote attackers to bypass intended sandbox restrictions by leveraging renderer access...

ecshop找回密码功能存在安全隐患

简要描述： 可能随时都能重置用户密码问题 详细说明： user.php 740行 / 修改会员密码 / elseif $action == 'acteditpassword' includeonceROOTPATH . 'includes/libpassport.php'; $oldpassword = isset$POST'oldpassword' ? trim$POST'oldpassword' : null; $newpassword = isset$POST'newpassword' ? trim$POST'newpassword' : ''; $userid =...

PHP-Fusion: source code security analysis report

Several vulnerabilities were discovered in PHP-Fusion 'PHP-Fusion' software: Incorrect User Input Filtration when Connecting to External Files File System Path Manipulation Incorrect User Input Filtration when Using Regular Expressions while Calling the pregreplace Function Using Insufficiently...

samba: Multiple heap-based buffer overflows in memory management based on NDR marshalling code output

The RPC code generator in Samba 3.x before 3.4.16, 3.5.x before 3.5.14, and 3.6.x before 3.6.4 does not implement validation of an array length in a manner consistent with validation of array memory allocation, which allows remote attackers to execute arbitrary code via a crafted RPC call...

ThinkSNS and an arbitrary file upload vulnerability-vulnerability warning-the black bar safety net

A module is not the uploaded file type validation. You can upload any file The code generated location apps\wap\Lib\Action\IndexAction.class.php 2 6 3 row if! empty$FILES'pic''name' // automatically send one picture to Twitter $data'pic' = $FILES'pic'; $data'content' = 'photo-sharing'; $data'from...

Fedora 15 : nip2-7.24.2-1.fc15 / vips-7.24.7-2.fc15 (2011-10808)

7.24 series. Run-time code generation Open via disc mode Workspace as Graph mode for nip2 FITS image format VIPS rewrite Better nibs in paintbox Better TIFF and JPEG load Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory...

Fedora 14 : nip2-7.24.2-1.fc14 / vips-7.24.7-2.fc14 (2011-10781)

7.24 series. Run-time code generation Open via disc mode Workspace as Graph mode for nip2 FITS image format VIPS rewrite Better nibs in paintbox Better TIFF and JPEG load Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory...

bozotic HTTP server Denial of Service Vulnerability

bozotic HTTP server is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

bozotic HTTP server Denial of Service Vulnerability

This host is running bozotic HTTP server and is prone to Denial of Service Vulnerability OpenVAS Vulnerability Test $Id: gbbozotichttpserverdosvuln.nasl 5263 2017-02-10 13:45:51Z teissa $ bozotic HTTP server Denial of Service Vulnerability Authors: Sooraj KS Copyright: Copyright c 2010 Greenbone...