6574 matches found
Joomla Kunena 3.0.4 Cross Site Scripting
Persistent XSS in Joomla::Kunena 3.0.4 26. February 2014 by Qoppa +++ Description "Kunena is the leading Joomla forum component. Downloaded more than 3,750,000 times in nearly 6 years." Kunena is written in PHP. Users can post a Google Map using the following BBCode mapcontent/map Kunena creates ...
Joomla! Component Kunena 3.0.4 - Persistent Cross-Site Scripting
Persistent XSS in Joomla::Kunena 3.0.4 26. February 2014 by Qoppa +++ Description "Kunena is the leading Joomla forum component. Downloaded more than 3,750,000 times in nearly 6 years." Kunena is written in PHP. Users can post a Google Map using the following BBCode mapcontent/map Kunena creates ...
CVE-2014-1826
Cross-site scripting XSS vulnerability in the iThoughtsHD app 4.19 for iOS on iPad devices, when the WiFi Transfer feature is used, allows remote attackers to inject arbitrary web script or HTML via a crafted map name...
Cross site scripting
Cross-site scripting XSS vulnerability in the iThoughtsHD app 4.19 for iOS on iPad devices, when the WiFi Transfer feature is used, allows remote attackers to inject arbitrary web script or HTML via a crafted map name...
CVE-2014-1826
Cross-site scripting XSS vulnerability in the iThoughtsHD app 4.19 for iOS on iPad devices, when the WiFi Transfer feature is used, allows remote attackers to inject arbitrary web script or HTML via a crafted map name...
Mozilla: SVG filters information disclosure through feDisplacementMap (MFSA 2014-28)
The SVG filter implementation in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive displacement-correlation information, and possibly bypass the Same Origin Policy and read text from a differen...
Mobile Security Audit: zANTI
zANTI is a comprehensive network diagnostics toolkit that enables complex audits and penetration tests at the push of a button. It provides cloud-based reporting that walks you through simple guidelines to ensure network safety zANTI offers a host of penetration-testing features, including...
Design/Logic Flaw
Use-after-free vulnerability in the FormAssociatedElement::formRemovedFromTree function in core/html/FormAssociatedElement.cpp in Blink, as used in Google Chrome before 32.0.1700.76 on Windows and before 32.0.1700.77 on Mac OS X and Linux, allows remote attackers to cause a denial of service or...
[Creepy] Geolocation information Gathering through Social Networking Platforms
Creepy is a geolocation OSINT tool. Gathers geolocation related information from online sources, and allows for presentation on map, search filtering based on exact location and/or date, export in csv format or kml for further analysis in Google Maps. What's new in v1.0.x ? Creepy now uses Qt 4,...
CVE-2013-7232
SQL injection vulnerability in ESRI ArcGIS for Server through 10.2 allows remote attackers to execute arbitrary SQL commands via unspecified input to the map or feature service...
PT-2013-6299 · Esri · Esri Arcgis For Server
Name of the Vulnerable Software and Affected Versions: ESRI ArcGIS for Server versions through 10.2 Description: The issue allows remote attackers to execute arbitrary SQL commands via unspecified input to the map or feature service. This can be exploited by providing malicious input to the...
Geolocation OSINT Tool Creepy
Geolocation OSINT Tool Creepy Creepy is a geolocation OSINT tool. Gathers geolocation related information from online sources, and allows for presentation on map, search filtering based on exact location and/or date, export in csv format or kml for further analysis in Google Maps. What’s new in...
DEBIAN-CVE-2013-6376
The recalculateapicmap function in arch/x86/kvm/lapic.c in the KVM subsystem in the Linux kernel through 3.12.5 allows guest OS users to cause a denial of service host OS crash via a crafted ICR write operation in x2apic mode...
DEBIAN-CVE-2013-6411
The HandleCrashedAircraft function in aircraftcmd.cpp in OpenTTD 0.3.6 through 1.3.2 allows remote attackers to cause a denial of service out-of-bounds read and crash by crashing an aircraft outside of the map...
Out-of-bounds
The HandleCrashedAircraft function in aircraftcmd.cpp in OpenTTD 0.3.6 through 1.3.2 allows remote attackers to cause a denial of service out-of-bounds read and crash by crashing an aircraft outside of the map...
CVE-2013-6411
The HandleCrashedAircraft function in aircraftcmd.cpp in OpenTTD 0.3.6 through 1.3.2 allows remote attackers to cause a denial of service out-of-bounds read and crash by crashing an aircraft outside of the map...
PT-2013-6018 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 3.12.6 Description: The issue allows guest OS users to cause a denial of service, resulting in a host OS crash, by performing a crafted ICR write operation in x2apic mode. This is due to a problem in the...
CVE-2013-1978
Heap-based buffer overflow in the readxwdcols function in file-xwd.c in the X Window Dump XWD plug-in in GIMP 2.6.9 and earlier allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via an X Window System XWD image dump with more colors than color map...
CVE-2013-1978
Heap-based buffer overflow in the readxwdcols function in file-xwd.c in the X Window Dump XWD plug-in in GIMP 2.6.9 and earlier allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via an X Window System XWD image dump with more colors than color map...
Updated openttd package fixes security vulnerability
A missing validation in OpenTTD before 1.3.3 allows remote attackers to cause a denial of service crash by forcefully crashing aircraft near the corner of the map. This triggers a corner case where data outside of the allocated map array is accessed CVE-2013-6411...