9454 matches found
Dolibarr ERP / CRM OS Command Injection
Dolibarr ERP & CRM OS Command Injection =================================== 1. Advisory Information Date published: 2012-4-6 Vendors contacted: Dolibarr Release mode: Coordinated release 2. Vulnerability Information Class: Injection Remotely Exploitable: Yes Locally Exploitable: Yes 3. Software...
Tresdepicas - SQLi/XSS Multiple Vulnerability
Exploit for php platform in category web applications 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 x...
D-Link DCS-5605 Network Surveillance - ActiveX Control DcsCliCtrl.dll lstrcpyW Remote Buffer Overflow
D-Link DCS-5605 Network Surveillance - ActiveX Control DcsCliCtrl.dll lstrcpyW Remote Buffer Overflow D-Link SecuriCam DCS-5605 Network Surveillance ActiveX Control DcsCliCtrl.dll lstrcpyW Remote Buffer Overflow Vulnerability tested against: Microsoft Windows Server 2003 r2 sp2 Internet Explorer...
Drupal Wishlist Module 6.x / 7.x XSS / CSRF
No description provided by source. Advisory ID: DRUPAL-SA-CONTRIB-2012-042 Project: Wishlist Module 1 third-party module Version: 6.x, 7.x Date: 2012-March-21 Security risk: Moderately critical 2 Exploitable from: Remote Vulnerability: Cross Site Scripting, Cross Site Request Forgery --------...
AST-2012-002: Remote Crash Vulnerability in Milliwatt Application
Asterisk Project Security Advisory - AST-2012-002 Product Asterisk Summary Remote Crash Vulnerability in Milliwatt Application Nature of Advisory Exploitable Stack Buffer Overflow with locally defined data Susceptibility Remote Unauthenticated Sessions Severity Minor Exploits Known No Reported On...
[Onapsis Security Advisory 2012-07] Oracle JD Edwards SawKernel SET_INI Configuration Modification
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Onapsis Security Advisory: Oracle JD Edwards SawKernel SETINI Configuration Modification This advisory can be downloaded in PDF format from http://www.onapsis.com/. By downloading this advisory from the Onapsis Resource Center, you will gain access to...
[Onapsis Security Advisory 2012-05] Oracle JD Edwards JDENET Multiple Information Disclosure
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Onapsis Security Advisory: Oracle JD Edwards JDENET Multiple Information Disclosure This advisory can be downloaded in PDF format from http://www.onapsis.com/. By downloading this advisory from the Onapsis Resource Center, you will gain access to...
[Onapsis Security Advisory 2012-01] Oracle JD Edwards JDENET Arbitrary File Write
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Onapsis Security Advisory: Oracle JD Edwards JDENET Arbitrary File Write This advisory can be downloaded in PDF format from http://www.onapsis.com/. By downloading this advisory from the Onapsis Resource Center, you will gain access to beforehand...
[Onapsis Security Advisory 2012-06] Oracle JD Edwards JDENET Large Packets Denial of Service
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Onapsis Security Advisory: Oracle JD Edwards JDENET Large Packets Denial of Service This advisory can be downloaded in PDF format from http://www.onapsis.com/. By downloading this advisory from the Onapsis Resource Center, you will gain access to...
[Onapsis Security Advisory 2012-04] Oracle JD Edwards SawKernel GET_INI Information Disclosure
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Onapsis Security Advisory: Oracle JD Edwards SawKernel GETINI Information Disclosure This advisory can be downloaded in PDF format from http://www.onapsis.com/. By downloading this advisory from the Onapsis Resource Center, you will gain access to...
[Onapsis Security Advisory 2012-02] Oracle JD Edwards Security Kernel Remote Password Disclosure
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Onapsis Security Advisory: Oracle JD Edwards Security Kernel Remote Password Disclosure This advisory can be downloaded in PDF format from http://www.onapsis.com/. By downloading this advisory from the Onapsis Resource Center, you will gain access to...
[Onapsis Security Advisory 2012-08] Oracle JD Edwards Security Kernel Information Disclosure
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Onapsis Security Advisory: Oracle JD Edwards Security Kernel Information Disclosure This advisory can be downloaded in PDF format from http://www.onapsis.com/. By downloading this advisory from the Onapsis Resource Center, you will gain access to...
Mandriva Update for mozilla MDVSA-2012:022-1 (mozilla)
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Mandriva Update for mozilla MDVSA-2012:022-1 (mozilla)
Check for the Version of mozilla OpenVAS Vulnerability Test Mandriva Update for mozilla MDVSA-2012:022-1 mozilla Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...
Yealink VOIP Phone - Persistent Cross-Site Scripting
Yealink VOIP Phone - Persistent Cross-Site Scripting ============================================================== Secur-I Research Group Security Advisory SV-2012-005 ============================================================== Title: Yealink VOIP Phone Persistent Cross Site Scripting...
Yealink VOIP Phone Persistent Cross Site Scripting Vulnerability
Exploit for hardware platform in category web applications Title: Yealink VOIP Phone Persistent Cross Site Scripting Vulnerability Product: Yealink Easy VOIP Phone Homepage: http://www.yealink.com/ Impact: Medium Authentication: Required CVE: CVE-2012-1417 Found: 2012-02-21 Author: Narendra Shind...
Mozilla to Fix Libpng Bug in Firefox and Thunderbird
Mozilla is preparing to release a fix for a serious vulnerability in both Firefox and Thunderbird that could result in remote code execution. The update comes just a few days after the company released version 10.0.1 of Firefox, fixing a separate security bug. The new update for Firefox and...
libpng integer overflow — Mozilla
An integer overflow in the libpng library can lead to a heap-buffer overflow when decompressing certain PNG images. This leads to a crash, which may be potentially exploitable...
MozillaFirefox to 10.0.1 (critical)
MozillaFirefox was updated to 10.0.1 to fix critical bugs and security issue. Following security issue was fixed: CVE-2012-0452: Mozilla developers Andrew McCreight and Olli Pettay found that ReadPrototypeBindings will leave a XBL binding in a hash table even when the function fails. If this...
Firefox 10.x < 10.0.1 Memory Corruption
The installed version of Firefox 10.x is earlier than 10.0.1 and is, therefore, potentially affected by a memory corruption vulnerability. A use-after-free error exists in the method 'nsXBLDocumentInfo::ReadPrototypeBindings' and XBL bindings are not properly removed from a hash table in the even...