448 matches found
CVE-2016-5803
An issue was discovered in CA Unified Infrastructure Management Version 8.47 and earlier. The Unified Infrastructure Management software uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize sequences such as ".." that can...
CVE-2016-5803
An issue was discovered in CA Unified Infrastructure Management Version 8.47 and earlier. The Unified Infrastructure Management software uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize sequences such as ".." that can...
Internet Bug Bounty: wddx_deserialize use-after-free
Upstream Bug --- https://bugs.php.net/bug.php?id=72860 Summary -- wddxdeserialize allows to unserialize a WDDX packet that usually comes from external input. While WDDX tries to deserialize "recordset" element, use-after-free happens if the close tag for the field is not found. Patch --...
URL request injection
When libcurl sends a request to a server via an HTTP proxy, it copies the entire URL into the request and sends if off. If the given URL contains line feeds and carriage returns those are sent along to the proxy too, which allows the program to for example send a separate HTTP request injected...
tcpdump 4.6.2 - Geonet Decoder Denial of Service
tcpdump 4.6.2 - Geonet Decoder Denial of Service CVE-2014-8768 tcpdump denial of service in verbose mode using malformed Geonet payload 1. Background tcpdump is a powerful command-line packet analyzer. It allows the user to intercept and display TCP/IP and other packets being transmitted or...
tcpdump 4.6.2 Geonet Decoder Denial of Service Vulnerability
Exploit for multiple platform in category dos / poc CVE-2014-8768 tcpdump denial of service in verbose mode using malformed Geonet payload 1. Background tcpdump is a powerful command-line packet analyzer. It allows the user to intercept and display TCP/IP and other packets being transmitted or...
Xorbin Analog Flash Clock 1.0 For WordPress XSS
==================================================================== Xorbin Analog Flash Clock 1.0 Plugin for Wordpress Flash-based XSS ==================================================================== Description: This plugin displays analog flash clock on your website. It's easy to use and...
Xorbin Digital Flash Clock 1.0 For WordPress XSS
==================================================================== Xorbin Digital Flash Clock 1.0 Plugin for Wordpress Flash-based XSS ==================================================================== Description: This plugin displays digital flash clock on your website. It's easy to use and...