1220 matches found
CVE-2016-7796
The managerdispatchnotifyfd function in systemd allows local users to cause a denial of service system hang via a zero-length message received over a notify socket, which causes an error to be returned and the notification handler to be disabled...
systemd 'manager_invoke_notify_message()' function local denial of service vulnerability
systemd is a Linux-based system and service manager developed by German software developer Lennart Poettering and others. It is compatible with the SysV and LSB startup scripts and provides a framework for representing dependencies between system services. A denial of service vulnerability exists...
Multiple vulnerabilities in Drupal Node Notify module
Drupal is a free, open source content management system developed in PHP and maintained by the Drupal community.Node Notify is one of the node modules that allows registered users and anonymous users to subscribe. A cross-site scripting vulnerability and a cross-site request forgery vulnerability...
Mi Band Notify & Fitness - Dangerous filesystem permissions, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application Mi Band Notify & Fitness published at the 'play' market has multiple vulnerabilities...
Anime Notify - Customized SSL, Dangerous filesystem permissions, WebView SSL handling enabled vulnerabilities
HackApp vulnerability scanner discovered that application Anime Notify published at the 'play' market has multiple vulnerabilities...
The vulnerability of Google Chrome’s browser allows a violator to bypass mechanisms designed to protect the integrity of subresources.
The vulnerability of the PendingScript::notifyFinished function in Google Chrome’s WebKit/Source/core/dom/PendingScript.cpp is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to bypass Subresource Integrity SRI protection mechanisms by...
Google Chrome Security Bypass Vulnerability (CNVD-2016-01515)
Google Chrome is a web browser developed by the American company Google Google. A security vulnerability exists in the 'PendingScript::notifyFinished' function in the WebKit/Source/core/dom/PendingScript.cpp file in Google Chrome versions prior to 49.0.2623.75. A security vulnerability exists...
Node Notify - Critical - Multiple Vulnerabilities - SA-CONTRIB-2016-013
Node Notify is a lightweight module to allow subscription to comments on nodes for registered and anonymous users. The module doesn't sufficiently sanitize some user provided content, leading to a Cross Site Scripting vulnerability. Additionally, some paths were not protected against CSRF. An...
shopnc o2o版 index.php?act=payment&op=notify SQL注入漏洞
No description provided by source...
systemd: freeze when PID 1 receives a zero-length message over notify socket
A flaw was found in the way systemd handled empty notification messages. A local attacker could use this flaw to make systemd freeze its execution, preventing further management of system services, system shutdown, or zombie process collection via systemd...
Persistent Systems Accelerite Radia Client Automation Access Bypass Vulnerability
Persistent Systems Accelerite Radia Client Automation formerly known as HP Client Automation is a client automation management solution from Persistent Systems India. The solution provides monitoring, alerting, auto-remediation and reporting on hardware, applications and operating systems. A...
HP Client Automation and Radia Client Automation is vulnerable to remote code execution
Overview Radia Client Automation previously sold under the name HP Client Automation agent prior to version 9.1 is vulnerable to arbitrary remote code execution. Description According to ZDI's advisory for ZDI-15-363, which has been assigned CVE-2015-7860: "This vulnerability allows remote...
CVE-2015-7863
The default configuration of Persistent Accelerite Radia Client Automation formerly HP Client Automation 7.9 through 9.1 before 2015-02-19 enables a remote Notify capability without the Extended Notify Security features, which might allow remote attackers to bypass intended access restrictions vi...
Default configuration
The default configuration of Persistent Accelerite Radia Client Automation formerly HP Client Automation 7.9 through 9.1 before 2015-02-19 enables a remote Notify capability without the Extended Notify Security features, which might allow remote attackers to bypass intended access restrictions vi...
CVE-2015-7863
The default configuration of Persistent Accelerite Radia Client Automation formerly HP Client Automation 7.9 through 9.1 before 2015-02-19 enables a remote Notify capability without the Extended Notify Security features, which might allow remote attackers to bypass intended access restrictions vi...
PayPal Inc Bug Bounty #119 - URL Redirection Vulnerability
Document Title: =============== PayPal Inc Bug Bounty 119 - URL Redirection Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1610 Video: http://www.vulnerability-lab.com/getcontent.php?id=1611 Release Date: ============= 2015-10-01...
PayPal Inc Bug Bounty #119 - URL Redirection Vulnerability
Document Title: =============== PayPal Inc Bug Bounty 119 - URL Redirection Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1610 Video: http://www.vulnerability-lab.com/getcontent.php?id=1611 Release Date: ============= 2015-09-30...
PayPal Notify - Cross Site Request Forgery Vulnerability
Document Title: =============== PayPal Notify - Cross Site Request Forgery Vulnerability References: =========== http://www.vulnerability-lab.com/getcontent.php?id=1584 Video: https://www.youtube.com/watch?v=1NO4I28J-0s Release Date: ============= 2015-08-25 Vulnerability Laboratory ID VL-ID:...
UPNPD M-SEARCH - ssdp:discover Reflection Denial of Service
UPNPD M-SEARCH - ssdp:discover Reflection Denial of Service !/usr/bin/perl upnpd M-SEARCH ssdp:discover reflection Copyright 2015 c Todor Donev [email protected] http://www.ethical-hacker.org/ https://www.facebook.com/ethicalhackerorg The SSDP protocol can discover Plug & Play devices, with...
INFOMARK IMW-C920W miniupnpd 1.0 - Denial of Service Vulnerability
MiniUPNPd version 1.0 remote denial of service exploit. !/usr/bin/perl miniupnpd/1.0 remote denial of service exploit Copyright 2015 c Todor Donev email protected http://www.ethical-hacker.org/ https://www.facebook.com/ethicalhackerorg The SSDP protocol can discover Plug & Play devices, with uPnP...