813 matches found
CVE-2016-0587
Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53, 8.54, and 8.55 allows remote authenticated users to affect confidentiality via unknown vectors related to File Processing...
Design/Logic Flaw
Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53, 8.54, and 8.55 allows remote authenticated users to affect confidentiality via unknown vectors related to File Processing...
CVE-2016-0587
Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53, 8.54, and 8.55 allows remote authenticated users to affect confidentiality via unknown vectors related to File Processing...
[SECURITY] Fedora 22 Update: ruby-2.2.4-47.fc22
Ruby is the interpreted scripting language for quick and easy object-oriented programming. It has many features to process text files and to do system management tasks as in Perl. It is simple, straight-forward, and extensible...
VideoCharge Studio Buffer Overflow (SEH)
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'VideoCharge Studio Buffer Overflow SEH', 'Description' = %q This module exploits a stack based buffer overflow in VideoCharge Studio...
PDF Shaper 3.5 - Local Buffer Overflow (Metasploit)
PDF Shaper 3.5 - Local Buffer Overflow Metasploit This module requires Metabuffer: http://metabuffer.com/download Current source: https://github.com/rapid7/metabuffer-framework require 'msf/core' class Metasploit3 'PDF Shaper Buffer Overflow', 'Description' = %q PDF Shaper is prone to a security...
PHP 5.6.x < 5.6.10 Multiple Vulnerabilities
According to its banner, the version of PHP 5.6.x running on the remote web server is prior to 5.6.10. It is, therefore, affected by multiple vulnerabilities : - Multiple heap buffer overflow conditions exist in the bundled Perl-Compatible Regular Expression PCRE library due to improper validatio...
Microsoft Windows Journal File Processing CVE-2015-1698 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service conditions. Technologies Affected Microsof...
Microsoft Windows Journal File Processing CVE-2015-1699 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service conditions. Technologies Affected Microsof...
PHP 5.5.x < 5.5.24 Multiple Vulnerabilities
According to its banner, the version of PHP 5.5.x running on the remote web server is prior to 5.5.24. It is, therefore, affected by multiple vulnerabilities : - An unspecified use-after-free error exists in the zendsharedmemdup function within file ext/opcache/zendsharedalloc.c that allows an...
Cisco Web Security Appliance Python File Processing Privilege Escalation Vulnerability
A vulnerability in the status-checking process of remote access tunnels for supporting Cisco Web Security Appliances WSA could allow an authenticated, local attacker to execute arbitrary Python code on the affected system. The vulnerability is due to improper usage and handling of the pickle Pyth...
CVE-2015-0934
Common LaTeX Service Interface CLSI before 0.1.3, as used in ShareLaTeX before 0.1.3, allows remote authenticated users to execute arbitrary code via backtick characters in a filename...
QQPlayer-asx-File-Processing-Buffer-Overflow
Title: QQPlayer asx File Processing Buffer Overflow Exploit Author: Li Qingshan of Information Security Engineering Center,School of Software and Microelectronics,Peking University Vendor: www.qq.com head =''' ''' payload=head+junk+nseh+seh+adjust+shellcode+junk+foot fobj = open"poc.asx","w"...
gcab 'gcab-folder.c' local directory traversal vulnerability
gcab is a set of Microsoft Cabinet file processing tools. The tools list, extract and create compressed .cab files. A local directory traversal vulnerability exists in gcab 'gcab-folder.c'. Due to the program failing to adequately filter user-supplied input. Allowing a local attacker to access th...
CVE-2014-9427
The CVE-2014-9427 issue affects PHP CGI (sapi/cgi/cgi_main.c). In PHP 5.4.36 and 5.5.x up to 5.5.20, and 5.6.x up to 5.6.4, mmap-based reading of a .php file can miss the mapping length for certain invalid inputs starting with ‘#’ and lacking a newline. This yields an out-of-bounds read that coul...
Multiple vulnerabilities in IDA Pro (CNVD-2014-09237)
IDA PRO abbreviation IDA Interactive Disassembler is an interactive disassembler. IDA Pro 6.6 and earlier versions contain several implementation vulnerabilities that could allow an attacker to take control of the affected system, a double-release in the kernel and a double-release error in the N...
Design/Logic Flaw
file before 5.19 does not properly restrict the amount of data read during a regex search, which allows remote attackers to cause a denial of service CPU consumption via a crafted file that triggers backtracking during processing of an awk rule. NOTE: this vulnerability exists because of an...
CVE-2014-3538
file before 5.19 does not properly restrict the amount of data read during a regex search, which allows remote attackers to cause a denial of service CPU consumption via a crafted file that triggers backtracking during processing of an awk rule. NOTE: this vulnerability exists because of an...
MultiPowUpload 2.1 - Remote File Upload Vulnerability
No description provided by source. Exploit Title: MultiPowUpload v 2.1 Remote File Upload Vulnerability Author: DIES3L Email: [email protected] Date: 26-1-2011 Software Link: http://www.element-it.com Download Software : http://www.element-it.com/Download/ElementIT.MultiPowUpload3.zip Version: 2.1...
Fat Player 0.6b - WAV File Processing Buffer Overflow (SEH)
No description provided by source. Stack-based buffer overflow in Fat Player 0.6b allows remote attackers to execute arbitrary code via a long string in a .wav file. NOTE: some of these details are obtained from third party information. Reference:...