224 matches found
SAP E-Commerce Code Injection Vulnerability
SAP E-Commerce is a set of e-commerce solutions from Germany's SAP. A code injection vulnerability exists in SAP E-Commerce, which arises from the failure of a network system or product to properly filter specific elements of externally entered data during the construction of a code segment, and...
Phoenix Contact RAD-80211-XD/HP-BUS and Phoenix Contact RAD-80211-XD Command Injection Vulnerability
The Phoenix Contact RAD-80211-XD/HP-BUS and Phoenix Contact RAD-80211-XD are both high power WLAN wireless transceivers from Phoenix Contact, Germany. A command injection vulnerability exists in the PHOENIX CONTACT RAD-80211-XD and RAD-80211-XD/HP-BUS, which can be exploited by an attacker to...
Armory - A Tool Meant To Take In A Lot Of External And Discovery Data From A Lot Of Tools, Add It To A Database And Correlate All Of Related Information
Armory is a tool meant to take in a lot of external and discovery data from a lot of tools, add it to a database and correlate all of related information. It isn't meant to replace any specific tool. It is meant to take the output from various tools, and use it to feed other tools. Additionally, ...
Find a Place CMS Directory 1.5 - assetsexternaldata_2.php cate SQL Injection
Find a Place CMS Directory 1.5 - assetsexternaldata2.php cate SQL Injection Exploit Title: Find a Place CMS Directory 1.5 - 'assets/external/data2.php cate' SQL Injection Google Dork: inurl:"assets/external/data.php" Date: 14 Feb 2019 Exploit Author: Deyaa Muhammad Author EMail: contact at deyaa....
modulemd uses an unsafe function for processing externally provided data
modulemd 1.3.1 and earlier uses an unsafe function for processing externally provided data, leading to remote code execution...
PT-2019-7860 · Modulemd · Modulemd
Name of the Vulnerable Software and Affected Versions: modulemd versions 1.3.1 and earlier Description: The issue is related to the use of an unsafe function for processing externally provided data, which can lead to remote code execution. Recommendations: For modulemd versions 1.3.1 and earlier,...
The vulnerability of web-based services of microprogramming software for programmable logic controllers from Schneider Electric—Modicon Premium, Modicon Quantum, and Modicon M340—allows a intruder to trigger a service failure.
The vulnerability of web-based services for microprogramming software-controlled Schneider Electric Modicon Premium, Modicon Quantum, and Modicon M340 devices lies in the fact that the operation data is stored outside of the buffer in memory. Exploiting this vulnerability allows a malicious actor...
UBUNTU-CVE-2017-12082
An exploitable integer overflow exists in the 'CustomData' Mesh loading functionality of the Blender open-source 3d creation suite. A .blend file with a specially crafted external data file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the...
DEBIAN-CVE-2017-12082
An exploitable integer overflow exists in the 'CustomData' Mesh loading functionality of the Blender open-source 3d creation suite. A .blend file with a specially crafted external data file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the...
PT-2018-3107 · Blender Foundation +1 · Blender +1
Name of the Vulnerable Software and Affected Versions: Blender affected versions not specified Description: The issue is caused by an integer overflow in the 'CustomData' Mesh loading functionality. This can be exploited by a specially crafted .blend file with an external data file, leading to a...
The vulnerability of the Apache XML-RPC library (ws-xmlrpc) arises from the possibility of retrieving data from external sources without sufficient verification. This allows attackers to execute arbitrary code.
The vulnerability of the Apache XML-RPC library exists due to the retrieval of data from an external source without sufficient verification. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially crafted serializable Java object, with the use of the...
libntirpc: Memory leak when failing to parse XDR strings or bytearrays
It was found that due to the way rpcbind uses libtirpc libntirpc, a memory leak can occur when parsing specially crafted XDR messages. An attacker sending thousands of messages to rpcbind could cause its memory usage to grow without bound, eventually causing it to be terminated by the OOM killer...
The vulnerability of the xdr_bytes and xdr_string functions in the library that handles system calls and core glibc functions allows a attacker to cause a service failure.
The vulnerabilities of the xdrbytes and xdrstring functions in the library that handles system calls and core glibc functions are related to the reclamation of unreliable data stored in memory after deserialization of buffers. Exploiting these vulnerabilities allows a remote attacker to cause a...
libntirpc: Memory leak when failing to parse XDR strings or bytearrays
It was found that due to the way rpcbind uses libtirpc libntirpc, a memory leak can occur when parsing specially crafted XDR messages. An attacker sending thousands of messages to rpcbind could cause its memory usage to grow without bound, eventually causing it to be terminated by the OOM killer...
MGASA-2016-0122 Updated moodle packages fix security vulnerability
In Moodle before 2.8.11, teachers who otherwise were not supposed to see students' emails could see them in the participants list CVE-2016-2151. In Moodle before 2.8.11, Moodle traditionally trusted content from external DB, however it was decided that external datasources may not be aware of web...
Updated moodle packages fix security vulnerability
In Moodle before 2.8.11, teachers who otherwise were not supposed to see students' emails could see them in the participants list CVE-2016-2151. In Moodle before 2.8.11, Moodle traditionally trusted content from external DB, however it was decided that external datasources may not be aware of web...
Flash Boundless Tunes - Universal SOP Bypass Through ActionSctipts Sound Object
Flash Boundless Tunes - Universal SOP Bypass Through ActionSctipts Sound Object Source: https://code.google.com/p/google-security-research/issues/detail?id=354&can=1&q=label%3AProduct-Flash%20modified-after%3A2015%2F8%2F17&sort=id 90-day deadline tracking for...
krb5: kadmind doubly frees partial deserialization results (MITKRB5-SA-2015-001)
A double-free flaw was found in the way MIT Kerberos handled invalid External Data Representation XDR data. An authenticated user could use this flaw to crash the MIT Kerberos administration server kadmind, or other applications using Kerberos libraries, using specially crafted XDR packets...
IT-Grundschutz M4.004: Geeigneter Umgang mit Laufwerken für Wechselmedien und externen Datenspeichern
IT-Grundschutz M4.004: Geeigneter Umgang mit Laufwerken für Wechselmedien und externen Datenspeicher. Stand: 14. Ergänzungslieferung 14. EL. OpenVAS Vulnerability Test $Id: GSHBM4004.nasl 7883 2017-11-23 11:22:59Z emoss $ IT-Grundschutz, 14. EL, Maßnahme 4.004 Authors: Thomas Rotter Copyright:...
krb5: kadmind doubly frees partial deserialization results (MITKRB5-SA-2015-001)
A double-free flaw was found in the way MIT Kerberos handled invalid External Data Representation XDR data. An authenticated user could use this flaw to crash the MIT Kerberos administration server kadmind, or other applications using Kerberos libraries, using specially crafted XDR packets...