Type confusion

An exploitable remote code execution vulnerability exists in the handling of TIFF images in LibTIFF version 4.0.6. A crafted TIFF document can lead to a type confusion vulnerability resulting in remote code execution. This vulnerability can be triggered via a TIFF file delivered to the applicatio...

CVE-2016-8331

An exploitable remote code execution vulnerability exists in the handling of TIFF images in LibTIFF version 4.0.6. A crafted TIFF document can lead to a type confusion vulnerability resulting in remote code execution. This vulnerability can be triggered via a TIFF file delivered to the applicatio...

CVE-2016-5287

A potentially exploitable use-after-free crash during actor destruction with service workers. This issue does not affect releases earlier than Firefox 49. This vulnerability affects Firefox 49.0.2...

SAP Adaptive Server Enterprise 16 - Denial of Service

''' Application: SAP Adaptive Server Enterprise Versions Affected: SAP Adaptive Server Enterprise 16 Vendor URL: http://SAP.com Bugs: Denial of Service Sent: 01.02.2016 Reported: 02.02.2016 Vendor response: 02.02.2016 Date of Public Advisory: 12.07.2016 Reference: SAP Security Note 2330839 Author...

SAP NetWeaver KERNEL 7.5 Buffer Overflow

Application: SAP NetWeaver KERNEL Versions Affected: SAP NetWeaver KERNEL 7.0-7.5 Vendor URL: http://SAP.com Bugs: Denial of Service Sent: 09.03.2016 Reported: 10.03.2016 Vendor response: 10.03.2016 Date of Public Advisory: 12.07.2016 Reference: SAP Security Note 2295238 Author: Dmitry Yudin...

Internet Bug Bounty: Stack Buffer Overflow in GD dynamicGetbuf

Stack-based buffer over flow in GD dynamicGetbuf - Vulnerable function: imagecreatefromstring - Bug has been reported: https://bugs.php.net/bug.php?id=73280 - Submitted a patch and accepted: https://github.com/php/php-src/commit/cc08cbc84d46933c1e9e0149633f1ed5d19e45e9 - Impact: Remotely...

Fixed in Apache Tomcat JK Connector 1.2.42

Moderate: Buffer Overflow CVE-2016-6808 The IIS/ISAPI specific code implements special handling when a virtual host is present. The virtual host name and the URI are concatenated to create a virtual host mapping rule. The length checks prior to writing to the target buffer for this rule did not...

freeimage -- code execution vulnerability

TALOS reports: An exploitable out-of-bounds write vulnerability exists in the XMP image handling functionality of the FreeImage library...

SAP AS JAVA P4 MSPRuntimeInterface information disclosure

Application: SAP AS JAVA P4 Versions Affected: SAP AS JAVA P4 7.4 Vendor URL: SAP Bugs: Information disclosure Reported: 10.03.2016 Vendor response: 11.03.2016 Date of Public Advisory: 12.10.2016 Reference: SAP Security Note 2331908 Author: Vahagn Vardanyan ERPScan VULNERABILITY INFORMATION Class...

Apple OS X Server ServerDocs Server Weak Password Vulnerability

Apple OS X Server is a set of Unix-based server operating software from Apple, Inc. ServerDocs Server is one of the service components. A weak password vulnerability exists in ServerDocs Server in Apple OS X Server versions prior to 5.2 that support the RC4 encryption algorithm, which can be...

CVE-2016-5284

Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird 45.4 rely on unintended expiration dates for Preloaded Public Key Pinning, which allows man-in-the-middle attackers to spoof add-on updates by leveraging possession of an X.509 server certificate for addons.mozilla.org...

DSA-3672-1 irssi - security update

Bulletin has no description...

Security vulnerabilities fixed in Firefox 49 — Mozilla

A content security policy CSP containing a referrer directive with no values can cause a non-exploitable crash. An out-of-bounds write of a boolean value during text conversion with some unicode characters An out-of-bounds read during the processing of text runs in some pages using...

Kajona 4.7 - Cross-Site Scripting Directory Traversal

Kajona 4.7 - Cross-Site Scripting Directory Traversal Security Advisory - Curesec Research Team 1. Introduction Affected Product: Kajona 4.7 Fixed in: 5.0 Fixed Version Link: https://www.kajona.de/en/Downloads/downloads.getkajona.html Vendor Website: https://www.kajona.de/ Vulnerability Type: XSS...

Kajona 4.7 - Cross-Site Scripting / Directory Traversal

Exploit for php platform in category web applications 1. Introduction Affected Product: Kajona 4.7 Fixed in: 5.0 Fixed Version Link: https://www.kajona.de/en/Downloads/downloads.getkajona.html Vendor Website: https://www.kajona.de/ Vulnerability Type: XSS & Directory Traversal Remote Exploitable:...

MyBB 1.8.6 Data Validation

Security Advisory - Curesec Research Team 1. Introduction Affected Product: MyBB 1.8.6 Fixed in: 1.8.7 Fixed Version Link: http://resources.mybb.com/downloads/mybb1807.zip Vendor Website: http://www.mybb.com/ Vulnerability Type: Improper validation of data passed to eval Remote Exploitable: Yes...

Boozt Fashion AB: Make victim buy in attacker's account without any idea - http://www.booztlet.com/

INTRODUCTION ------------------------ During the testing of http://www.booztlet.com/ I have noticed that the account related links available from https://www.boozt.com/ are also available in http://www.booztlet.com/. This should not be the case, as this shop doesn't have a "My account" section...

SAP NetWeaver - buffer overflow vulnerability

Application: SAP NetWeaver Versions Affected: SAP NetWeaver 7.0-7.5 Vendor URL: SAP Bugs: buffer overflow Reported: 09.03.2016 Vendor response: 10.03.2016 Date of Public Advisory: 12.07.2016 Reference: SAP Security Note 2295238 Author: Dmitry Yudin ERPScan VULNERABILITY INFORMATION Class: Denial ...

SAP NetWeaver AS JAVA - XXE vulnerability in BC-BMT-BPM-DSK component (CVE-2016-9563)

Application: SAP NetWeaver AS JAVA Versions Affected: SAP NetWeaver AS JAVA 7.5 Vendor URL: SAP Bugs: XXE Reported: 09.03.2016 Vendor response: 10.03.2016 Date of Public Advisory: 09.08.2016 Reference: SAP Security Note 2296909 Author: Vahagn Vardanyan ERPScan VULNERABILITY INFORMATION Class: XXE...

JVC IP-Camera VN-T216VPRU - Local File Disclosure

Exploit for php platform in category web applications 1. Advisory Information ======================================== Title : JVC IP-Camera VN-T216VPRU Local File Inclusion Vendor Homepage : http://pro.jvc.com/ Remotely Exploitable : Yes Tested on Camera types : VN-T216VPRU Product References :...