5058 matches found
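74cms latest version SQL injection vulnerability
Brief description: as per the title. Details: I found one before today; I had only just downloaded it when you released a new version (WooYun: 74cms SQL injection vulnerability), but the injection in the latest version is the same as the one I reported. Vulnerable file: wap/company/wapcompanycollectreusme.php, lines 67-85: elseif$act=="ajaxcollectresumeadd" $resumeid=$POST"resumeid"; $sql="select from ".table"companyfavorites"." where resumeid=$resumeid and companyuid=$SESSIONuid ";...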
Mac OS X 10.10 Yosemite Sends User Location and Safari Search Data to Apple
Apple's latest desktop operating system, known as Mac OS X 10.10 Yosemite, sends location and search data of users without their knowledge to Apple's remote servers by default whenever a user queries the desktop search tool Spotlight, which once again raises questions about users' privacy. The technology firm...
CVE-2014-7024
The Hardest Game Collection (aka com.lotfun.abuse) application 1.5.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
CVE-2014-1575
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 33.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to improper interaction between threading and garbage...
Memory corruption
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 33.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to improper interaction between threading and garbage...
CVE-2014-1575
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 33.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to improper interaction between threading and garbage...
UBUNTU-CVE-2014-1575
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 33.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to improper interaction between threading and garbage...
Ubuntu 12.04 LTS : linux-lts-trusty vulnerabilities (USN-2378-1)
Steven Vittitoe reported multiple stack buffer overflows in Linux kernel's magicmouse HID driver. A physically proximate attacker could exploit this flaw to cause a denial of service (system crash) or possibly execute arbitrary code via specially crafted devices. (CVE-2014-3181) Ben Hawkes reported...
Ubuntu: Security Advisory (USN-2379-1)
The remote host is missing an update for the...
USN-2379-1: Linux kernel vulnerabilities
Steven Vittitoe reported multiple stack buffer overflows in Linux kernel's magicmouse HID driver. A physically proximate attacker could exploit this flaw to cause a denial of service (system crash) or possibly execute arbitrary code via specially crafted devices. (CVE-2014-3181) Ben Hawkes reported...
Windows 10 Preview Has A Keylogger to Watch Your Every Move
This week Microsoft announced the next version of its operating system, dubbed Windows 10, providing a Windows 10 Technical Preview release under its "Insider Program" in order to collect feedback from users and help shape the final version of the operating system, but something really went WRONG!...
CVE-2014-3631
The assoc_array_gc function in the associative-array implementation in lib/assoc_array.c in the Linux kernel before 3.16.3 does not properly implement garbage collection, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified othe...
DEBIAN-CVE-2014-3631
The assoc_array_gc function in the associative-array implementation in lib/assoc_array.c in the Linux kernel before 3.16.3 does not properly implement garbage collection, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified othe...
Null pointer dereference
The assoc_array_gc function in the associative-array implementation in lib/assoc_array.c in the Linux kernel before 3.16.3 does not properly implement garbage collection, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified othe...
CVE-2014-3631
The assoc_array_gc function in the associative-array implementation in lib/assoc_array.c in the Linux kernel before 3.16.3 does not properly implement garbage collection, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified othe...
UBUNTU-CVE-2014-3631
The assoc_array_gc function in the associative-array implementation in lib/assoc_array.c in the Linux kernel before 3.16.3 does not properly implement garbage collection, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified othe...
[SECURITY] Fedora 20 Update: pairs-4.14.1-1.fc20
Pairs is a collection of games aimed to help the development of preschool children. With these games the child can improve memory, logic, hearing and even reading skills. Each game can have different themes so the child is stimulated with different and new challenges...
[SECURITY] Fedora 20 Update: juk-4.14.1-1.fc20
Juk is a jukebox, tagger and music collection manager...
Apple CEO Defends iMessage Security
Despite research published last year that demonstrated that Apple has the ability to decrypt users' iMessages if it so chooses, Apple CEO Tim Cook said that the company does not hold the encryption key for those messages and couldn’t even produce the plaintext in response to a government order. In...
PT-2014-2325 · Plone +1
Name of the Vulnerable Software and Affected Versions: Plone versions prior to 4.2.3; Plone version 4.3 before beta 1. Description: The issue allows remote attackers to bypass caching and cause a denial of service via a crafted request to a collection. This is related to the queryCatalog.py script...