2166 matches found
CVE-2015-8954
The MemcmpLowercase function in Suricata before 2.0.6 improperly excludes the first byte from comparisons, which might allow remote attackers to bypass intrusion-prevention functionality via a crafted HTTP request...
Survival Craft: Exploration - Corrupted files, Dynamic Code Loading, External URLs vulnerabilities
HackApp vulnerability scanner discovered that application Survival Craft: Exploration published at the 'play' market has multiple vulnerabilities...
Microsoft Internet Explorer Information Disclosure (MS16-144: CVE-2016-7278)
An information disclosure vulnerability exists in Internet Explorer. The vulnerability is due to the way Internet Explorer do not properly handle objects in memory. A remote attacker could exploit this vulnerability by enticing the target user to open a specially crafted website...
pcre: buffer overflow caused by recursive back reference by name within certain group (8.38/4)
Heap-based buffer overflow in PCRE 8.34 through 8.37 and PCRE2 10.10 allows remote attackers to execute arbitrary code via a crafted regular expression, as demonstrated by /^?P=B?P=B?J:?Pc?Pa?P=BWGXCREDITS/, a different vulnerability than CVE-2015-8384...
CVE-2016-8670
Integer signedness error in the dynamicGetbuf function in gdiodp.c in the GD Graphics Library aka libgd through 2.2.3, as used in PHP before 5.6.28 and 7.x before 7.0.13, allows remote attackers to cause a denial of service stack-based buffer overflow or possibly have unspecified other impact via...
openssl: Memory corruption in the ASN.1 encoder
A flaw was found in the way OpenSSL encoded certain ASN.1 data structures. An attacker could use this flaw to create a specially crafted certificate which, when verified or re-encoded by OpenSSL, could cause it to crash, or execute arbitrary code using the permissions of the user running an...
DEBIAN-CVE-2016-3622
The fpAcc function in tifpredict.c in the tiff2rgba tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service divide-by-zero error via a crafted TIFF image...
GitLab - impersonate Feature Privilege Escalation
GitLab - impersonate Feature Privilege Escalation Exploit Title: GitLab privilege escalation via "impersonate" feature Date: 02-05-2016 Software Link: https://about.gitlab.com/ Version: 8.2.0 - 8.2.4, 8.3.0 - 8.3.8, 8.4.0 - 8.4.9, 8.5.0 - 8.5.11, 8.6.0 - 8.6.7, 8.7.0 Exploit Author: Kaimi Website...
Google Android Remote Elevation of Privilege Vulnerability
Android is a Linux-based open source operating system developed by Google Inc. and the Open Handheld Consortium. There is a security vulnerability in the Android Shell, which can be exploited by remote attackers to build special applications, induce application parsing, and elevate privileges...
Android Qualcomm TrustZone elevation of privilege vulnerability
Android is an open source operating system based on Linux. A security vulnerability in Android Qualcomm TrustZone allows remote attackers to exploit the vulnerability to build malicious apps with elevated privileges...
Google Chrome V8 Information Disclosure Vulnerability (CNVD-2016-02824)
Google Chrome is a popular web browser. Google Chrome V8 suffers from an information disclosure vulnerability that allows remote attackers to exploit the vulnerability to build malicious WEB pages that can be parsed by users and can be used to obtain sensitive information...
Winter Craft 3: Mine Build - Dangerous filesystem permissions, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application Winter Craft 3: Mine Build published at the 'play' market has multiple vulnerabilities...
Mini Craft Mod - Customized SSL, Dangerous filesystem permissions, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application Mini Craft Mod published at the 'play' market has multiple vulnerabilities...
Magic Craft - Base64 encoded String, Customized SSL, WebView SSL handling enabled vulnerabilities
HackApp vulnerability scanner discovered that application Magic Craft published at the 'play' market has multiple vulnerabilities...
Western Craft: Wild West - Base64 encoded String, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application Western Craft: Wild West published at the 'play' market has multiple vulnerabilities...
Fairy Craft 2 - Base64 encoded String, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application Fairy Craft 2 published at the 'play' market has multiple vulnerabilities...
City Craft: Building - Base64 encoded String, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application City Craft: Building published at the 'play' market has multiple vulnerabilities...
Fairy Craft - Base64 encoded String, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application Fairy Craft published at the 'play' market has multiple vulnerabilities...
Winter Craft 2: Survival - Base64 encoded String, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application Winter Craft 2: Survival published at the 'play' market has multiple vulnerabilities...
City Craft 3: TNT Edition - Dangerous filesystem permissions, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application City Craft 3: TNT Edition published at the 'play' market has multiple vulnerabilities...