6680 matches found
ManageEngine OpManager Remote Code Execution
This module exploits a default credential vulnerability in ManageEngine OpManager, where a default hidden account "IntegrationUser" with administrator privileges exists. The account has a default password of "plugin" which cannot be reset through the user interface. By log-in and abusing the...
tamaris.de XSS vulnerability
Vulnerable URL: http://www.tamaris.de/on/demandware.store/Sites-DE-Site/deDE/Search-Show?q=...
libvdpau lib32vdpau: multiple issues
CVE-2015-5198 Local Privilege Escalation When used in a setuid or setgid application, libvdpau/lib32-libvdpau allows local users to gain privileges via unspecified vectors, related to the VDPAUDRIVERPATH environment variable. - CVE-2015-5199 Directory Traversal Directory traversal vulnerability...
sibtourport.ru XSS vulnerability
Vulnerable URL: http://www.sibtourport.ru/search/node/--...
DEBIAN-CVE-2015-5200
The trace functionality in libvdpau before 1.1.1, when used in a setuid or setgid application, allows local users to write to arbitrary files via unspecified vectors...
Design/Logic Flaw
The trace functionality in libvdpau before 1.1.1, when used in a setuid or setgid application, allows local users to write to arbitrary files via unspecified vectors...
CVE-2015-5200
The trace functionality in libvdpau before 1.1.1, when used in a setuid or setgid application, allows local users to write to arbitrary files via unspecified vectors...
CVE-2015-5200
The trace functionality in libvdpau before 1.1.1, when used in a setuid or setgid application, allows local users to write to arbitrary files via unspecified vectors...
Cumulative update for Windows 10: September 8, 2015
Describes the September 8, 2015, update for Windows 10.SummaryThis update for Windows 10 includes functionality improvements and resolves the vulnerabilities in Windows that are described in the following Microsoft security bulletins:Microsoft Security Bulletin MS15-094Microsoft Security Bulletin...
popsugar.co.uk XSS vulnerability
Vulnerable URL: http://www.popsugar.co.uk/search?s=x"...
CVE-2015-5200
The trace functionality in libvdpau before 1.1.1, when used in a setuid or setgid application, allows local users to write to arbitrary files via unspecified vectors...
UBUNTU-CVE-2015-5200
The trace functionality in libvdpau before 1.1.1, when used in a setuid or setgid application, allows local users to write to arbitrary files via unspecified vectors...
morningjournal.com XSS vulnerability
Open Bug Bounty ID: OBB-82595 Description| Value ---|--- Affected Website:| morningjournal.com Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Cheat...
Ubuntu 14.04 LTS : QEMU vulnerabilities (USN-2724-1)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2724-1 advisory. It was discovered that QEMU incorrectly handled a PRDT with zero complete sectors in the IDE functionality. A malicious guest could possibly use this iss...
Page2Flip 2.5 Missing Access Control
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2015-033 Product: Page2Flip Vendor: w!ssenswerft GmbH Affected Versions: Premium App 2.5, probably also in Business App and Basic App, and in lower versions Tested Versions: Premium App 2.5 Vulnerability Type: Missing Function Leve...
marokko.nl XSS vulnerability
Vulnerable URL: http://marokko.nl/geentaboes/zoeken.php?q=" Details: Description| Value ---|--- Patched:| Yes, at 22.11.2017 Latest check for patch:| 22.11.2017 14:14 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 89686 Google Pagerank| 4 VIP website status:| N...
Multiple Flaws Exposed in Pocket Add-on for Firefox
With providing easy accessibility, the battle is not won! Server-side Vulnerabilities have been reported by a security researcher in the popular Pocket add-on that comes attached with the Firefox browser. The security flaws could have allowed hackers to exfiltrate data from the company’s servers ...
CVE-2015-1830
Directory traversal vulnerability in the fileserver upload/download functionality for blob messages in Apache ActiveMQ 5.x before 5.11.2 for Windows allows remote attackers to create JSP files in arbitrary directories via unspecified vectors...
kb.enoi.se XSS vulnerability
Vulnerable URL: http://kb.enoi.se/?s=...
kernel, perf, python security update
CentOS Errata and Security Advisory CESA-2015:1623 Updated kernel packages that fix two security issues and several bugs are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS...