8766 matches found
UBUNTU-CVE-2016-2324
Integer overflow in Git before 2.7.4 allows remote attackers to execute arbitrary code via (1) a long filename or (2) many nested trees, which triggers a heap-based buffer overflow...
Core FTP Server 1.2 - Local Buffer Overflow
Core FTP Server 1.2 - Local Buffer Overflow -- coding: utf-8 -- Exploit Title : Core FTP Server v1.2 - BufferOverflow POC Date: 2016-02-22 Author: INSECT.B Facebook : https://www.facebook.com/B.INSECT00 GitHub : binsect00 Blog : http://binsect00.tistory.com Vendor Homepage : http://www.coreftp.co...
Mobile Drive Free 1.8 Local File Inclusion / File Upload
Document Title: Mobile Drive Free v1.8 iOS - Multiple Web Vulnerabilities. References (Source): http://www.vulnerability-lab.com/getcontent.php?id=1708 Release Date: 2016-02-05. Vulnerability Laboratory ID (VL-ID): ...
Updated cgit packages fix security vulnerability
Reflected Cross Site Scripting and Header Injection in Mimetype Query String in cgit before 0.12 (CVE-2016-1899). Stored Cross Site Scripting and Header Injection in Filename Parameter in cgit before 0.12 (CVE-2016-1900). Integer Overflow resulting in Buffer Overflow in cgit before 0.12 (CVE-2016-1901)...
Getdpd BB #5 - Persistent Filename Vulnerability
Document Title: Getdpd BB 5 - Persistent Filename Vulnerability. References (Source): http://www.vulnerability-lab.com/getcontent.php?id=1569 ID: 14773. Release Date: 2016-02-05. Vulnerability Laboratory ID (VL-ID): ...
Haxx cURL Arbitrary File Write Vulnerability
Haxx cURL is a set of file transfer tools from the Swedish company Haxx that utilize URL syntax to work at the command line. A security vulnerability exists in Haxx cURL versions prior to 7.47.0 for Windows platforms, which can be exploited to write arbitrary files in the current working director...
remote filename path traversal in curl tool for Windows
curl does not sanitize colons in a remote filename that is used as the local filename. This may lead to a vulnerability on systems where the colon is a special path character. Currently Windows is the only OS where this vulnerability applies. curl offers command line options --remote-name also...
CURL-CVE-2016-0754 remote filename path traversal in curl tool for Windows
curl does not sanitize colons in a remote filename that is used as the local filename. This may lead to a vulnerability on systems where the colon is a special path character. Currently Windows is the only OS where this vulnerability applies. curl offers command line options --remote-name also...
Secure Item Hub 1.0 iOS - Multiple Vulnerabilities
Document Title: Secure Item Hub v1.0 iOS - Multiple Web Vulnerabilities. References (Source): http://www.vulnerability-lab.com/getcontent.php?id=1682 Release Date: 2016-01-27. Vulnerability Laboratory ID (VL-ID): 16...
cgit CRLF Injection Vulnerability
cgit is a web front-end for git repositories written in C. A CRLF injection vulnerability exists in the 'cgit_print_http_headers' function in the ui-shared.c file in cgit versions prior to 0.12. A remote attacker can exploit this vulnerability by injecting arbitrary HTTP headers with 'write...
Threat Outbreak Alert RuleID20399: Email Messages Distributing Malicious Software on January 12, 2016
Medium Alert ID: 42981 First Published: 2016 January 12 13:19 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID20399 and RuleID20399KVR may contain the...
CVE-2015-7939
Heap-based buffer overflow in Unitronics VisiLogic OPLC IDE before 9.8.09 allows remote attackers to execute arbitrary code via a long vlp filename...
Heap overflow
Heap-based buffer overflow in Unitronics VisiLogic OPLC IDE before 9.8.09 allows remote attackers to execute arbitrary code via a long vlp filename...
CVE-2015-7976
The ntpq saveconfig command in NTP 4.1.2, 4.2.x before 4.2.8p6, 4.3, 4.3.25, 4.3.70, and 4.3.77 does not properly filter special characters, which allows attackers to cause unspecified impact via a crafted filename...
UBUNTU-CVE-2015-7976
The ntpq saveconfig command in NTP 4.1.2, 4.2.x before 4.2.8p6, 4.3, 4.3.25, 4.3.70, and 4.3.77 does not properly filter special characters, which allows attackers to cause unspecified impact via a crafted filename...
CVE-2015-5204
CRLF injection vulnerability in the Apache Cordova File Transfer Plugin cordova-plugin-file-transfer for Android before 1.3.0 allows remote attackers to inject arbitrary headers via CRLF sequences in the filename of an uploaded file...
Directory traversal
Directory traversal vulnerability in the Tools menu in Cisco Emergency Responder 10.51.10000.5 allows remote authenticated users to write to arbitrary files via a crafted filename, aka Bug ID CSCuv21781...
CVE-2006-1251
Argument injection vulnerability in greylistclean.cron in sa-exim 4.2 allows remote attackers to delete arbitrary files via an email with a To field that contains a filename separated by whitespace, which is not quoted when greylistclean.cron provides the argument to the rm command...