Unspecified Vulnerability in Oracle E-Business Suite Oracle Application Object Library Menu Component

Oracle E-Business Suite is a new generation of e-business suite from Oracle. An unspecified security vulnerability exists in the Oracle E-Business Suite Oracle Application Object Library Menu component, which allows remote attackers to exploit the vulnerability to submit a special request to acce...

Windows kernel vulnerability MS15-0 1 0/CVE-2 0 1 5-0 0 5 7 analysis and use with the EXP-a vulnerability warning-the black bar safety net

Description Back in 2 0 1 5 early Udi Yavo1found that one affects Windows XP to Windows 1 0previewof the Windows kernel vulnerability, the following two article on the CVE-2 0 1 5-0 0 5 7 analysis of the article, we can refer to one of the two: 1. FireEye described some technical details about th...

CVE-2015-6406

CVE-2015-6406 describes a directory traversal vulnerability in Cisco Emergency Responder’s Tools menu. Affected software is Cisco Emergency Responder 10.5(1.10000.5). The root cause is improper sanitization of user-supplied input that forms a filename, allowing authenticated, remote attackers to ...

grub2: modules built in on EFI builds that allow loading arbitrary code, circumventing secure boot

It was discovered that grub2 builds for EFI systems contained modules that were not suitable to be loaded in a Secure Boot environment. An attacker could use this flaw to circumvent the Secure Boot mechanisms and load non-verified code. Attacks could use the boot menu if no password was set, or t...

DEBIAN-CVE-2015-5733

Cross-site scripting XSS vulnerability in the refreshAdvancedAccessibilityOfItem function in wp-admin/js/nav-menu.js in WordPress before 4.2.4 allows remote attackers to inject arbitrary web script or HTML via an accessibility-helper title...

DEBIAN-CVE-2015-5732

Cross-site scripting XSS vulnerability in the form function in the WPNavMenuWidget class in wp-includes/default-widgets.php in WordPress before 4.2.4 allows remote attackers to inject arbitrary web script or HTML via a widget title...

UBUNTU-CVE-2015-5733

Cross-site scripting XSS vulnerability in the refreshAdvancedAccessibilityOfItem function in wp-admin/js/nav-menu.js in WordPress before 4.2.4 allows remote attackers to inject arbitrary web script or HTML via an accessibility-helper title...

CVE-2015-5732

Cross-site scripting XSS vulnerability in the form function in the WPNavMenuWidget class in wp-includes/default-widgets.php in WordPress before 4.2.4 allows remote attackers to inject arbitrary web script or HTML via a widget title...

CVE-2003-1308

CRLF injection vulnerability in fvwm-menu-directory for fvwm 2.5.x before 2.5.10 and 2.4.x before 2.4.18 allows local users to execute arbitrary commands via carriage returns in a filename...

CVE-2006-5969

CRLF injection vulnerability in the evalFolderLine function in fvwm 2.5.18 and earlier allows local users to execute arbitrary commands via carriage returns in a directory name, which is not properly handled by fvwm-menu-directory, a variant of CVE-2003-1308...

openSUSE Security Update : icedtea-web (openSUSE-2015-602)

The icedtea-web java plugin was updated to 1.6.1. Changes included : - Enabled Entry-Point attribute check - permissions sandbox and signed app and unsigned app with permissions all-permissions now run in sandbox instead of not at all. - fixed DownloadService - comments in deployment.properties n...

中兴通讯PC界面USB调制解调器软件 - 缓冲区溢出

No description provided by source. !/usr/bin/python -w Title : ZTE PC UI USB MODEM SOFTWARE Buffer Overflow Date : 17/09/2015 Author : R-73eN Tested on : Windows Xp sp3 on software Eagle Speed PCWEAGLEALBp671A1V1.0.0B02 Since all the PC UI based software shares the same source code they are all...

ZTE PC UI USB Modem Software - Local Buffer Overflow

!/usr/bin/python -w Title : ZTE PC UI USB MODEM SOFTWARE Buffer Overflow Date : 17/09/2015 Author : R-73eN Tested on : Windows Xp sp3 on software Eagle Speed PCWEAGLEALBp671A1V1.0.0B02 Since all the PC UI based software shares the same source code they are all vulnerable.Confirmed By ZTE The...

UltraEdit v22.20 - Buffer Overflow Vulnerability

Document Title: =============== UltraEdit v22.20 - Buffer Overflow Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1601 Release Date: ============= 2015-09-16 Vulnerability Laboratory ID VL-ID: ==================================== 1601 Comm...

Empire: a PowerShell post-exploitation Agent tools-vulnerability warning-the black bar safety net

Empire is a purely PowerShell post-exploitation Agent tools, it is built on cryptography, secure communications and flexible architecture. Empire realize the need to powershell. exe you can run a PowerShell proxy function. Rapid deployment post-exploit module, from the keyboard recorder to...

Empire - PowerShell Post-Exploitation Agent

Empire is a pure PowerShell post-exploitation agent built on cryptologically-secure communications and a flexible architecture. Empire implements the ability to run PowerShell agents without needing powershell.exe, rapidly deployable post-exploitation modules ranging from key loggers to Mimikatz,...

DSA-3346-1 drupal7 - security update

Bulletin has no description...

UBUNTU-CVE-2015-6661

Drupal 6.x before 6.37 and 7.x before 7.39 allows remote attackers to obtain sensitive node titles by reading the menu...

Drupal Menu Links Information Disclosure Vulnerability

Drupal is a free and open source content management system developed in PHP. A security vulnerability exists in Drupal Menu Links that allows remote attackers to exploit the vulnerability to submit special requests to obtain sensitive information...

Drupal Mobile sliding menu module cross-site scripting vulnerability

Drupal is the Drupal community maintained by a set of free , open source content management system developed in PHP. mobile sliding menu is one of the integrated menu jQuery plugin module . A cross-site scripting vulnerability exists in the Drupal Mobile sliding menu module in versions 7.x-2.1 an...