Lucene search
K

2165 matches found

hackapp
hackapp
added 2016/04/01 9:41 a.m.17 views

Five Craft Nights - Base64 encoded String, Customized SSL, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Five Craft Nights published at the 'play' market has multiple vulnerabilities...

0.6AI score
Exploits0References1Affected Software1
NVD
NVD
added 2016/03/09 11:59 a.m.23 views

CVE-2016-0104

Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."...

7.6CVSS7.8AI score0.13354EPSS
Exploits0References3
Packet Storm
Packet Storm
added 2016/01/25 12:0 a.m.180 views

Linux Kernel prima WLAN Driver Heap Overflow

/ Coder: Shawn the R0ck, [email protected] Co-worker: Pray3r, [email protected] Compile: arm-linux-androideabi-gcc wextpoc.c --sysroot=$SYSROOT -pie ./a.out wlan0 Boom......shit happens as always;- / include include include include include include include include typedef unsigned char vU8t; defin...

9.3CVSS0.9AI score0.06468EPSS
Exploits4
UbuntuCve
UbuntuCve
added 2016/01/22 12:0 a.m.24 views

CVE-2016-2037

The cpiosafernamesuffix function in util.c in cpio 2.11 allows remote attackers to cause a denial of service out-of-bounds write via a crafted cpio file...

6.5CVSS6.8AI score0.05484EPSS
Exploits0References3
Openbugbounty
Openbugbounty
added 2016/01/13 2:44 p.m.16 views

m.crafttechsolutions.com Open Redirect vulnerability

Vulnerable URL: http://m.crafttechsolutions.com/?task=get=https://www.xssposed.org/ Details: Description| Value ---|--- Patched:| No Latest check for patch:| 26.07.2017 Vulnerability type:| Open Redirect Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated Google Pageran...

6.9AI score
Exploits0
CVE
CVE
added 2016/01/11 3:0 p.m.49 views

CVE-2015-8333

The CVE-2015-8333 issue affects Huawei VCN500: the Operation and Maintenance Unit (OMU) before V100R002C00SPC200 allows remote authenticated users to change the media server IP address via crafted packets due to improper user privileges. The Huawei security advisory HWPSIRT-2015-07045 notes this ...

7.1CVSS6.5AI score0.00792EPSS
Exploits0References1Affected Software1
Openbugbounty
Openbugbounty
added 2015/12/15 7:59 p.m.13 views

wiki.industrial-craft.net XSS vulnerability

Vulnerable URL: http://wiki.industrial-craft.net/thumb.php?f=xssposed%23%3Cbody%09onload=confirm%28String.fromCharCode%2888,83,83,80,79,83,69,68%29%29%3E Details: Description| Value ---|--- Patched:| Yes, at 26.07.2017 Latest check for patch:| 26.07.2017 11:16 GMT Vulnerability type:| XSS...

6.3AI score
Exploits0
CNVD
CNVD
added 2015/12/13 12:0 a.m.4 views

Apple Safari WebKit Memory Corruption Arbitrary Code Execution Vulnerability (CNVD-2015-08092)

Apple Safari is a WEB browser developed by Apple. An unspecified memory corruption arbitrary code execution vulnerability exists in Apple Safari WebKit, which allows remote attackers to construct a malicious web page and trick users into parsing it, which could crash the application or execute...

6.8CVSS8.1AI score0.02795EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2015/10/30 10:14 a.m.27 views

CVE-2008-4410

The vmiwriteldtentry function in arch/x86/kernel/vmi32.c in the Virtual Machine Interface VMI in the Linux kernel 2.6.26.5 invokes writeidtentry where writeldtentry was intended, which allows local users to cause a denial of service persistent application failure via crafted function calls, relat...

7.2CVSS6.8AI score0.00381EPSS
Exploits1References2
CNVD
CNVD
added 2015/07/02 12:0 a.m.5 views

Apple QuickTime Memory Corruption Vulnerability (CNVD-2015-04262)

Apple QuickTime is a popular multimedia player. A vulnerability in Apple QuickTime's handling of special movie files allows remote attackers to construct malicious files that can be tricked into being parsed by an application, which can execute arbitrary code in the application context...

6.8CVSS7.6AI score0.03635EPSS
Exploits0References1
CNVD
CNVD
added 2015/07/02 12:0 a.m.6 views

Apple QuickTime Memory Corruption Vulnerability (CNVD-2015-04259)

Apple QuickTime is a popular multimedia player. A vulnerability in Apple QuickTime's handling of special movie files allows remote attackers to construct malicious files that can be tricked into being parsed by an application, which can execute arbitrary code in the application context...

6.8CVSS7.6AI score0.03119EPSS
Exploits0References1
CNVD
CNVD
added 2015/06/10 12:0 a.m.4 views

Adobe Flash Player ASLR Security Protection Bypass Vulnerability

Adobe Flash Player is a Flash file handling program. Adobe Flash Player suffers from an ASLR security protection bypass that allows remote attackers to construct malicious SWF content and trick users into parsing it, which can be used to bypass restrictions and perform malicious actions...

5CVSS6.9AI score0.02443EPSS
Exploits0References1
0day.today
0day.today
added 2015/06/10 12:0 a.m.45 views

Libmimedir VCF Memory Corruption PoC

Libmimedir suffers from a memory corruption vulnerability. Adding two NULL bytes to the end of a VCF file allows a user to manipulate free calls which occur during it's lexer's memory clean-up procedure. This could lead to exploitable conditions such as crafting a specific memory chunk to allow f...

7.5CVSS1AI score0.10669EPSS
Exploits5
Check Point Advisories
Check Point Advisories
added 2015/05/18 12:0 a.m.32 views

Microsoft Internet Explorer MHTML Content Blocks Information Disclosure - Ver2 (CVE-2011-0096)

MHTML MIME Encapsulation of Aggregate HTML is an Internet standard that defines the MIME structure that is used to wrap HTML content. An information disclosure vulnerability has been reported in Microsoft Windows MHTML protocol. The vulnerability is due to the way MHTML interprets MIME-formatted...

4.3CVSS5.6AI score0.46819EPSS
Exploits1
Check Point Advisories
Check Point Advisories
added 2015/05/12 12:0 a.m.4 views

Microsoft Internet Explorer Clipboard Information Disclosure (MS15-043: CVE-2015-1692)

An information disclosure vulnerability has been reported in Microsoft Internet Explorer, The vulnerability is due to an improper restriction of access to the clipboard of a user who visits a website. A remote attacker can exploit this issue by enticing a user to open a specially crafted web-page...

4.3CVSS5.7AI score0.35623EPSS
Exploits0
Check Point Advisories
Check Point Advisories
added 2015/03/10 12:0 a.m.21 views

Microsoft Outlook Web Access Modified Canary Parameter Cross Site Scripting (MS15-026; CVE-2015-1628)

An elevation of privilege vulnerability exists in Microsoft Exchange Server. The vulnerability is caused when Microsoft Exchange Server does not properly sanitize page content in Outlook Web App. A remote attacker can exploit this issue by enticing a victim to open a specially crafted URL...

4.3CVSS6.2AI score0.08876EPSS
Exploits0
CNVD
CNVD
added 2015/03/05 12:0 a.m.7 views

Webshop hun SQL Injection Vulnerability

Webshop hun is a WEB-based application. Webshop hun suffers from a SQL injection vulnerability that allows remote attackers to exploit the vulnerability by submitting specially crafted SQL queries to manipulate or obtain database data...

7.5CVSS8.1AI score0.02155EPSS
Exploits0References1
ArchLinux
ArchLinux
added 2015/03/05 12:0 a.m.24 views

grep: denial of service

The bmexectrans function in kwset.c allows local users to cause a denial of service out-of-bounds heap read and crash via crafted input when using the -F option. grep's read buffer is often filled to its full size, except when reading the final buffer of a file. In that case, the number of bytes...

2.1CVSS8.7AI score0.00486EPSS
Exploits1References3
NVD
NVD
added 2015/02/27 2:59 a.m.20 views

CVE-2015-0882

Multiple cross-site scripting XSS vulnerabilities in zencart-ja aka Zen Cart Japanese edition 1.3 jp through 1.3.0.2 jp8 and 1.5 ja through 1.5.1 ja allow remote attackers to inject arbitrary web script or HTML via a crafted parameter, related to admin/includes/initincludes/initsanitize.php and...

4.3CVSS5.7AI score0.02188EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2015/02/25 12:0 a.m.20 views

Ubuntu: Security Advisory (USN-2507-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.6CVSS9.6AI score0.00897EPSS
Exploits0References2
Rows per page
Query Builder