Adobe Flash - Out-of-Bounds Read when Placing Object

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=794 There is an out of bounds read when placing a corrupt image. This issue might be exploitable, depending on what is read. A PoC is attached. To reproduce issue, put both files on a server, and load:...

Adobe Flash - Out-of-Bounds Read when Placing Object

Exploit for multiple platform in category dos / poc Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=794 There is an out of bounds read when placing a corrupt image. This issue might be exploitable, depending on what is read. A PoC is attached. To reproduce issue, put both files ...

CVE-2016-1550

An exploitable vulnerability exists in the message authentication functionality of libntp in ntp 4.2.8p4 and NTPSec a5fb34b9cc89b92a8fef2f459004865c93bb7f92. An attacker can send a series of crafted messages to attempt to recover the message digest key...

Oracle Solaris Critical Patch Update : apr2016_SRU11_3_6_5_0

This Solaris system is missing necessary patches to address a critical security update : - Vulnerability in the Solaris component of Oracle Sun Systems Products Suite subcomponent: Fwflash. The supported version that is affected is 11.3. Easily exploitable vulnerability allows high privileged...

Oracle Fixes 136 Vulnerabilities With April CPU

Oracle fixed 136 vulnerabilities across 46 different products this week as part of its quarterly Critical Patch Update. More than half of the CVEs, 72, could be remotely exploitable without authentication. Fixes for a slew of products, including Oracle’s Database Server, E-Business Suite, Fusion...

American Fuzzy Lop Utilities: afl-utils

Utilities for automated crash sample processing/analysis, easy afl-fuzz job management and corpus optimization afl-utils is a collection of utilities to assist fuzzing with american-fuzzy-lop afl . afl-utils includes tools for: automated crash sample collection, verification, reduction and analys...

KLA10794 Multiple vulnerabilities in Oracle MySQL

An unspecified vulnerabilities were found in Oracle MySQL Server. By exploiting these vulnerabilities malicious users can cause denial of service and loss of integrity or obtain sensitive information. These vulnerabilities can be exploited remotely via a vectors related to Packaging, Pluggable...

Axis Network Cameras - Multiple Vulnerabilities

Exploit for hardware platform in category web applications I. ADVISORY INFORMATION ----------------------- Title: Axis Network Cameras Multiple Cross-site scripting Vendor: Axis Communications Class: Improper Input Validation CWE-20 CVE Name: CVE-2015-8256 Remotely Exploitable: Yes Locally...

Axis Network Cameras - Multiple Vulnerabilities

Axis Network Cameras - Multiple Vulnerabilities | | | | | | | | | | | | / | '\ \ /\ / / \ | | |/ | ' / | 6079 Smith W | | | \ V V / / | | | | | | \ \ doubleplusungood /|| // ||||,|./|/ owning some telescreens... Security Adivisory 2016-04-09 www.orwelllabs.com twt:@orwelllabs I. ADVISORY...

WP Multiple Meta Box v1.0 - SQL Injection Vulnerability

Document Title: =============== WP Multiple Meta Box v1.0 - SQL Injection Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1818 Release Date: ============= 2016-04-08 Vulnerability Laboratory ID VL-ID: ==================================== 18...

Linux Kernel (x86) - Disable ASLR by Setting the RLIMIT_STACK Resource to Unlimited

Linux Kernel x86 - Disable ASLR by Setting the RLIMITSTACK Resource to Unlimited Source: http://hmarco.org/bugs/CVE-2016-3672-Unlimiting-the-stack-not-longer-disables-ASLR.html CVE-2016-3672 - Unlimiting the stack not longer disables ASLR Authors: Hector Marco & Ismael Ripoll CVE: CVE-2016-3672...

kxip.in XSS vulnerability

Vulnerable URL: http://kxip.in/login.php?page=forget=I%20could%20not%20find%20your%20email%20address%20on%20the%20database..to=%22%3E%3Cimg%20src=x%20onerror=alert%28%27XSSPOSED%27%29%3E Details: Description| Value ---|--- Patched:| Yes, at 23.11.2017 Latest check for patch:| 23.11.2017 23:11 GMT...

Firefox Add-On Flaw Leaves Apple And Windows Computers Open To Attack

Researchers warn hundreds of popular Firefox browser extensions are vulnerable to attack that could give hackers control of Mac OS X and Windows computers. Researchers from Northeastern University say the flaw is tied to Firefox’s support for an older browser extension platform and the Mozilla...

Kamailio 4.3.4 - Heap Buffer Overflow

Kamailio 4.3.4 - Heap Buffer Overflow census ID: census-2016-0009 CVE ID: CVE-2016-2385 Affected Products: Kamailio 4.3.4 and possibly previous versions Class: Heap-based Buffer Overflow CWE-122 Remote: Yes Discovered by: Stelios Tsampas Kamailio successor of former OpenSER and SER is an Open...

Remotely Exploitable Bug in Truecaller Puts Over 100 Million Users at Risk

Security researchers have discovered a remotely exploitable vulnerability in Called ID app "Truecaller" that could expose personal details of Millions of its users. Truecaller is a popular service that claims to "search and identify any phone number," as well as helps users block incoming calls o...

khabarovsk.kassy.ru Open Redirect vulnerability

Open Bug Bounty ID: OBB-143114 Description| Value ---|--- Affected Website:| khabarovsk.kassy.ru Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| Open Redirect / CWE-601 CVSSv3 Score:| 3.4...

Solaris 10 (x86) : 152265-01 (deprecated)

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite subcomponent: Utilities. Supported versions that are affected are 10 and 11.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via RPC to compromise Solaris. Successful attacks of this...

BigTree 4.2.8 Object Injection / Improper Filename Sanitization

Security Advisory - Curesec Research Team 1. Introduction Affected Product: BigTree 4.2.8 Fixed in: BigTree 4.2.9 Fixed Version Link: https://www.bigtreecms.org/download/ Vendor Website: https://www.bigtreecms.org/ Vulnerability Type: Object Injection & Improper Filename Sanitation Remote...

PivotX 2.3.11 Directory Traversal

Security Advisory - Curesec Research Team 1. Introduction Affected Product: PivotX 2.3.11 Fixed in: not fixed Fixed Version Link: n/a Vendor Website: http://pivotx.net/ Vulnerability Type: Directory Traversal Remote Exploitable: Yes Reported to vendor: 01/20/2016 Disclosed to public: 03/15/2016...

Zenphoto 1.4.11 Remote File Inclusion

Security Advisory - Curesec Research Team 1. Introduction Affected Product: Zenphoto 1.4.11 Fixed in: 1.4.12 Fixed Version Link: https://github.com/zenphoto/zenphoto/archive/ zenphoto-1.4.12.zip Vendor Website: http://www.zenphoto.org/ Vulnerability Type: RFI Remote Exploitable: Yes Reported to...