3751 matches found
WordPress Magic Fields 1 Cross Site Scripting
Persistent Cross-Site Scripting in Magic Fields 1 WordPress Plugin. Burak Kelebek, July 2016...
git fixup: --amend for older commits
Everyone knows and loves to use git commit --amend to change the latest commit. But what if you want to correct an older commit? The flow in that case involves an interactive rebase with an edit step. But that's kludgy. Here's an alias that, using a couple of nifty git features, makes it one command...
Magic Crystal Ball by BabyBus - Customized SSL, Dangerous filesystem permissions, Redefined SSL Common Names verifier vulnerabilities
HackApp vulnerability scanner discovered that application Magic Crystal Ball by BabyBus published at the 'play' market has multiple vulnerabilities...
USN-2984-1: PHP vulnerabilities
It was discovered that the PHP Fileinfo component incorrectly handled certain magic files. An attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 LTS. CVE-2015-8865 Hans Jerry Illikainen...
CVE-2015-8865
The file_check_mem function in funcs.c in file before 5.23, as used in the Fileinfo component in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5, mishandles continuation-level jumps, which allows context-dependent attackers to cause a denial of service (buffer overflow and application...
DEBIAN-CVE-2015-8865
The file_check_mem function in funcs.c in file before 5.23, as used in the Fileinfo component in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5, mishandles continuation-level jumps, which allows context-dependent attackers to cause a denial of service (buffer overflow and application...
file, python security update
CentOS Errata and Security Advisory CESA-2016:0760. An update for file is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity...
file security, bug fix, and enhancement update
5.04-30 - fix CVE-2014-3538 unrestricted regular expression matching; 5.04-29 - fix 1284826 - try to read ELF header to detect corrupted one; 5.04-28 - fix 1263987 - fix bugs found by coverity in the patch; 5.04-27 - fix CVE-2014-3587 incomplete fix for CVE-2012-1571 - fix CVE-2014-3710 out-of-bound...
Security warning: the ImageMagick image processing software has a remote code execution vulnerability (CVE-2016-3714) - vulnerability warning - the black bar safety net
ImageMagick is popular image processing software that numerous web sites use for image processing. This Tuesday, ImageMagick disclosed a serious 0day vulnerability, and this vulnerability allows an attacker to upload a maliciously constructed image file on the...
Warning — Widely Popular ImageMagick Tool Vulnerable to Remote Code Execution
A serious zero-day vulnerability has been discovered in ImageMagick, a widely popular software tool used by a large number of websites to process users' photos, which could allow hackers to execute malicious code remotely on servers. ImageMagick is an open-source image processing library that let...
Allegro Software Development RomPager Security Bypass Vulnerability
Allegro Software Development RomPager is an embedded Web server toolkit that allows users to manage and control World Wide Web (WWW) services for network devices such as network printers, switches, and routers using a common Web browser. A security vulnerability in Allegro Software Development...
Pattern Matching Swiss Knife: YARA
YARA is a tool aimed at (but not limited to) helping malware researchers to identify and classify malware samples. With YARA you can create descriptions of malware families (or whatever you want to describe) based on textual or binary patterns. Each description, a.k.a. rule, consists of a set of strin...
MGASA-2016-0132 Updated file packages fix security vulnerability
The file command was vulnerable to a buffer over-write in with a malformed magic file...
Magic Bubbles - Corrupted files, Dynamic Code Loading, External URLs vulnerabilities
HackApp vulnerability scanner discovered that application Magic Bubbles published at the 'play' market has multiple vulnerabilities...
MAGIC KINDER Challenge - SD-card access, Suspicious files vulnerabilities
HackApp vulnerability scanner discovered that application MAGIC KINDER Challenge published at the 'play' market has multiple vulnerabilities...
The Magic Words - Polite Baby - Customized SSL, Dangerous filesystem permissions, WebView SSL handling enabled vulnerabilities
HackApp vulnerability scanner discovered that application The Magic Words - Polite Baby published at the 'play' market has multiple vulnerabilities...
Magic Numbers - Customized SSL, Dangerous filesystem permissions, WebView SSL handling enabled vulnerabilities
HackApp vulnerability scanner discovered that application Magic Numbers published at the 'play' market has multiple vulnerabilities...
Magic Coloring Picture Book - Customized SSL, Dangerous filesystem permissions, Redefined SSL Common Names verifier vulnerabilities
HackApp vulnerability scanner discovered that application Magic Coloring Picture Book published at the 'play' market has multiple vulnerabilities...