
3751 matches found

Packet Storm
added 2016/08/16 12:0 a.m., 29 views

WordPress Magic Fields 1 Cross Site Scripting

Persistent Cross-Site Scripting in Magic Fields 1 WordPress Plugin. Burak Kelebek, July 2016...

0.2 AI score
Exploits: 0
Filippo.io
added 2016/07/02 3:41 a.m., 23 views

git fixup: --amend for older commits

Everyone knows and loves to use git commit --amend to change the latest commit. But what if you want to correct an older commit? The flow in that case involves an interactive rebase with an edit step. But that's kludgy. Here's an alias that using a couple of nifty git features makes it one command...

6.9 AI score
Exploits: 0
hackapp
added 2016/05/27 3:6 a.m., 16 views

Magic Crystal Ball by BabyBus - Customized SSL, Dangerous filesystem permissions, Redefined SSL Common Names verifier vulnerabilities

HackApp vulnerability scanner discovered that application Magic Crystal Ball by BabyBus published at the 'play' market has multiple vulnerabilities...

0.6 AI score
Exploits: 0, References: 1, Affected Software: 1
Ubuntu
added 2016/05/24 5:31 p.m., 112 views

USN-2984-1: PHP vulnerabilities

It was discovered that the PHP Fileinfo component incorrectly handled certain magic files. An attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 LTS. CVE-2015-8865 Hans Jerry Illikainen...

9.8 CVSS, 8.5 AI score, 0.5851 EPSS
Exploits: 22
NVD
added 2016/05/20 10:59 a.m., 27 views

CVE-2015-8865

The file_check_mem function in funcs.c in file before 5.23, as used in the Fileinfo component in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5, mishandles continuation-level jumps, which allows context-dependent attackers to cause a denial of service buffer overflow and application...

7.5 CVSS, 8.9 AI score, 0.04985 EPSS
Exploits: 1, References: 20
OSV
added 2016/05/20 10:59 a.m., 1 views

DEBIAN-CVE-2015-8865

The file_check_mem function in funcs.c in file before 5.23, as used in the Fileinfo component in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5, mishandles continuation-level jumps, which allows context-dependent attackers to cause a denial of service buffer overflow and application...

7.3 CVSS, 8.1 AI score, 0.04985 EPSS
Exploits: 1, References: 1
Cvelist
added 2016/05/20 10:0 a.m., 30 views

CVE-2015-8865

The file_check_mem function in funcs.c in file before 5.23, as used in the Fileinfo component in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5, mishandles continuation-level jumps, which allows context-dependent attackers to cause a denial of service buffer overflow and application...

8.9 AI score, 0.04985 EPSS
Exploits: 1, References: 20
Debian CVE
added 2016/05/20 10:0 a.m., 36 views

CVE-2015-8865

The file_check_mem function in funcs.c in file before 5.23, as used in the Fileinfo component in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5, mishandles continuation-level jumps, which allows context-dependent attackers to cause a denial of service buffer overflow and application...

7.5 CVSS, 8.8 AI score, 0.04985 EPSS
Exploits: 1
Cent OS
added 2016/05/16 10:13 a.m., 448 views

file, python security update

CentOS Errata and Security Advisory CESA-2016:0760. An update for file is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity...

7.5 CVSS, 7.1 AI score, 0.20237 EPSS
Exploits: 2, References: 7
Oracle linux
added 2016/05/12 12:0 a.m., 53 views

file security, bug fix, and enhancement update

5.04-30 - fix CVE-2014-3538 unrestricted regular expression matching
5.04-29 - fix 1284826 - try to read ELF header to detect corrupted one
5.04-28 - fix 1263987 - fix bugs found by coverity in the patch
5.04-27 - fix CVE-2014-3587 incomplete fix for CVE-2012-1571 - fix CVE-2014-3710 out-of-bound...

7.5 CVSS, 7.5 AI score, 0.20237 EPSS
Exploits: 3
myhack58
added 2016/05/05 12:0 a.m., 20 views

Security warning: remote code execution vulnerability in the ImageMagick image processing software (CVE-2016-3714) - vulnerability warning - the black bar safety net

ImageMagick is popular image processing software, and numerous web sites use it for image processing. On Tuesday, ImageMagick disclosed a serious 0day vulnerability, which allows an attacker to upload a maliciously constructed image file on the...

0.2 AI score
Exploits: 0
The Hacker News
added 2016/05/03 10:59 p.m., 84 views

Warning — Widely Popular ImageMagick Tool Vulnerable to Remote Code Execution

A serious zero-day vulnerability has been discovered in ImageMagick, a widely popular software tool used by a large number of websites to process user's photos, which could allow hackers to execute malicious code remotely on servers. ImageMagick is an open-source image processing library that let...

10 CVSS, 8.9 AI score, 0.97485 EPSS
Exploits: 11
CNVD
added 2016/04/30 12:0 a.m., 9 views

Allegro Software Development RomPager Security Bypass Vulnerability

Allegro Software Development RomPager is an embedded Web server toolkit that allows users to manage and control World Wide Web (WWW) services for network devices such as network printers, switches, and routers using a common Web browser. A security vulnerability in Allegro Software Development...

7.8 CVSS, 9.4 AI score, 0.04437 EPSS
Exploits: 4, References: 1
n0where
added 2016/04/15 11:49 a.m., 21 views

Pattern Matching Swiss Knife: YARA

YARA is a tool aimed at (but not limited to) helping malware researchers to identify and classify malware samples. With YARA you can create descriptions of malware families (or whatever you want to describe) based on textual or binary patterns. Each description, a.k.a. rule, consists of a set of strin...

0.6 AI score
Exploits: 0, References: 3
OSV
added 2016/04/06 2:9 p.m., 3 views

MGASA-2016-0132 Updated file packages fix security vulnerability

The file command was vulnerable to a buffer over-write in with a malformed magic file...

7.4 AI score
Exploits: 0, References: 3
hackapp
added 2016/04/01 10:25 a.m., 13 views

Magic Bubbles - Corrupted files, Dynamic Code Loading, External URLs vulnerabilities

HackApp vulnerability scanner discovered that application Magic Bubbles published at the 'play' market has multiple vulnerabilities...

0.2 AI score
Exploits: 0, References: 1, Affected Software: 1
hackapp
added 2016/04/01 10:25 a.m., 14 views

MAGIC KINDER Challenge - SD-card access, Suspicious files vulnerabilities

HackApp vulnerability scanner discovered that application MAGIC KINDER Challenge published at the 'play' market has multiple vulnerabilities...

0.4 AI score
Exploits: 0, References: 1, Affected Software: 1
hackapp
added 2016/04/01 10:24 a.m., 20 views

The Magic Words - Polite Baby - Customized SSL, Dangerous filesystem permissions, WebView SSL handling enabled vulnerabilities

HackApp vulnerability scanner discovered that application The Magic Words - Polite Baby published at the 'play' market has multiple vulnerabilities...

0.2 AI score
Exploits: 0, References: 1, Affected Software: 1
hackapp
added 2016/04/01 10:23 a.m., 9 views

Magic Numbers - Customized SSL, Dangerous filesystem permissions, WebView SSL handling enabled vulnerabilities

HackApp vulnerability scanner discovered that application Magic Numbers published at the 'play' market has multiple vulnerabilities...

0.5 AI score
Exploits: 0, References: 1, Affected Software: 1
hackapp
added 2016/04/01 10:21 a.m., 17 views

Magic Coloring Picture Book - Customized SSL, Dangerous filesystem permissions, Redefined SSL Common Names verifier vulnerabilities

HackApp vulnerability scanner discovered that application Magic Coloring Picture Book published at the 'play' market has multiple vulnerabilities...

0.5 AI score
Exploits: 0, References: 1, Affected Software: 1