3751 matches found
Information disclosure
The Bilingual Magic Ball Relajo aka com.wBilingualMagicBallRelajo application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
CVE-2014-7652
The CVE-2014-7652 entry concerns the Magicam Photo Magic Editor (aka mobi.magicam.editor) for Android (version 5.0). The vulnerability is that the application does not verify X.509 SSL certificates, enabling potential man-in-the-middle attackers to spoof servers and obtain sensitive information v...
CVE-2014-7664
The CVE-2014-7664 entry concerns a Android app named Bilingual Magic Ball Relajo (com.wBilingualMagicBallRelajo, version 0.1). The vulnerability is that the app does not verify X.509 certificates from SSL servers, allowing a man-in-the-middle to spoof servers and access sensitive information via ...
CVE-2014-7464
The Magic Stamp aka vn.avagame.apotatem application 2.8 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
Information disclosure
The Bilingual Magic Ball aka com.wBilingualMagicBall application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
CVE-2014-7446
The CVE-2014-7446 entry concerns the Android app “The Bilingual Magic Ball” (com.wBilingualMagicBall) version 0.1, where SSL connections do not verify X.509 certificates. This root cause enables man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificat...
CVE-2014-7371
CVE-2014-7371 affects the Android app “Magic Balloonman Marty Boone” (com.app_martyboone.layout) version 1.400. The issue is that the app does not verify X.509 certificates from SSL servers, which enables man-in-the-middle attackers to spoof servers and access sensitive information via a crafted ...
CVE-2014-7446
The Bilingual Magic Ball aka com.wBilingualMagicBall application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
CVE-2014-7464
CVE-2014-7464 concerns the Android app “The Magic Stamp” (aka vn.avagame.apotatem) version 2.8, where the client fails to verify X.509 certificates from SSL servers. This root cause allows MITM attackers to spoof the server and potentially leak sensitive information via a crafted certificate. The...
Kernel: HID: OOB write in magicmouse driver
An out-of-bounds write flaw was found in the way the Apple Magic Mouse/Trackpad multi-touch driver handled Human Interface Device HID reports with an invalid size. An attacker with physical access to the system could use this flaw to crash the system or, potentially, escalate their privileges on...
DEBIAN-CVE-2014-3181
Multiple stack-based buffer overflows in the magicmouserawevent function in drivers/hid/hid-magicmouse.c in the Magic Mouse HID driver in the Linux kernel through 3.16.3 allow physically proximate attackers to cause a denial of service system crash or possibly execute arbitrary code via a crafted...
CVE-2014-3181
Multiple stack-based buffer overflows in the magicmouserawevent function in drivers/hid/hid-magicmouse.c in the Magic Mouse HID driver in the Linux kernel through 3.16.3 allow physically proximate attackers to cause a denial of service system crash or possibly execute arbitrary code via a crafted...
Stack overflow
Multiple stack-based buffer overflows in the magicmouserawevent function in drivers/hid/hid-magicmouse.c in the Magic Mouse HID driver in the Linux kernel through 3.16.3 allow physically proximate attackers to cause a denial of service system crash or possibly execute arbitrary code via a crafted...
CVE-2014-3181
Multiple stack-based buffer overflows in the magicmouserawevent function in drivers/hid/hid-magicmouse.c in the Magic Mouse HID driver in the Linux kernel through 3.16.3 allow physically proximate attackers to cause a denial of service system crash or possibly execute arbitrary code via a crafted...
CVE-2014-3181
Multiple stack-based buffer overflows in the magicmouserawevent function in drivers/hid/hid-magicmouse.c in the Magic Mouse HID driver in the Linux kernel through 3.16.3 allow physically proximate attackers to cause a denial of service system crash or possibly execute arbitrary code via a crafted...
CVE-2014-3181
Multiple stack-based buffer overflows in the magicmouserawevent function in drivers/hid/hid-magicmouse.c in the Magic Mouse HID driver in the Linux kernel through 3.16.3 allow physically proximate attackers to cause a denial of service system crash or possibly execute arbitrary code via a crafted...
UBUNTU-CVE-2014-3181
Multiple stack-based buffer overflows in the magicmouserawevent function in drivers/hid/hid-magicmouse.c in the Magic Mouse HID driver in the Linux kernel through 3.16.3 allow physically proximate attackers to cause a denial of service system crash or possibly execute arbitrary code via a crafted...
PT-2014-5121 · Linux +5 · Linux Kernel +5
Name of the Vulnerable Software and Affected Versions: Linux kernel versions through 3.16.3 Description: The issue is related to multiple stack-based buffer overflows in the magicmouse raw event function in the Magic Mouse HID driver. This allows physically proximate attackers to cause a denial o...
eShop Magic 0.1 - eshop-magic/download.php file Parameter Traversal Arbitrary File Access
The Eshop Magic WordPress plugin was affected by an eshop-magic/download.php file Parameter Traversal Arbitrary File Access security vulnerability...
齐博cmsV7整站系统sql注入
简要描述: 应该逻辑有点小错误? 详细说明: http://down.qibosoft.com/down.php?v=v7 刚下载来测试的 发现点问题。 function AddS$array foreach$array as $key=$value if!isarray$value @eregi"'\"&+",$key && die'ERROR KEY!'; $value=strreplace"&x","& x",$value; //过滤一些不安全字符 $value=pregreplace"/eval/i","eva l",$value; //过滤不安全函数...