APPLE-SA-2015-08-13-2 OS X Yosemite v10.10.5 and Security Update 2015-006
APPLE-SA-2015-08-13-2 OS X Yosemite v10.10.5 and Security Update 2015-006 OS X Yosemite v10.10.5 and Security Update 2015-006 is now available and addresses the following: apache Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4 Impact: Multiple vulnerabilities existed in...
Apple iOS 8.3 Includes Long List of Security Fixes
Apple has released iOS 8.3, a major security upgrade for iPhone and iPad users that includes patches for more than three dozen vulnerabilities. The new version of iOS has security fixes for several vulnerabilities in the mobile operating system’s kernel, a handful of code-execution bugs and a lon...
Concrete CMS: Stored XSS in Testimonial Position
An XSS payload can be executed and saved permanently in Testimonial Position. PoC code: "...
PYSEC-2014-80
Docker before 1.3.1 and docker-py before 0.5.3 fall back to HTTP when the HTTPS connection to the registry fails, which allows man-in-the-middle attackers to conduct downgrade attacks and obtain authentication and image data by leveraging a network position between the client and the registry to...
CVE-2014-5277
Docker before 1.3.1 and docker-py before 0.5.3 fall back to HTTP when the HTTPS connection to the registry fails, which allows man-in-the-middle attackers to conduct downgrade attacks and obtain authentication and image data by leveraging a network position between the client and the registry to...
Position independent & Alphanumeric 64-bit execve("/bin/sh\0",NULL,NULL); - 87 Byte
87 bytes small position independent and alphanumeric 64-bit execve("/bin/sh\0",NULL,NULL); shellcode. Title: Position independent & Alphanumeric 64-bit execve("/bin/sh\0",NULL,NULL); 87 bytes Author: Breaking.Technology Date: 06 November 2014 Vendor Homepage: http://breaking.technology Version: x86-6...
chromium: multiple security fixes in Chrome 38.0.2125.101
Use-after-free vulnerability in Blink, as used in Google Chrome before 38.0.2125.101, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that triggers a widget-position update that improperly interacts with the render tree,...
Design/Logic Flaw
Use-after-free vulnerability in Blink, as used in Google Chrome before 38.0.2125.101, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that triggers a widget-position update that improperly interacts with the render tree,...
UBUNTU-CVE-2014-3191
Use-after-free vulnerability in Blink, as used in Google Chrome before 38.0.2125.101, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that triggers a widget-position update that improperly interacts with the render tree,...
DSA-3029-1 nginx - security update
Bulletin has no description...
MS Internet Explorer <= 6.0.2900 SP2 (CSS Attribute) Denial of Service
No description provided by source. Internet Explorer <= 6.0.2900 SP2 suffers from a DoS vulnerability in which a remote user's Internet Explorer session can be crashed when hovering their cursor over a specially made table. The fault occurs when the position CSS attribute is set to a table. Thi...
SGI IRIX <= 6.4 permissions Buffer overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/417/info A buffer overrun exists in the permissions program, as shipped by Silicon Graphics with the 5.x and 6.x Irix operating system. By supplying a long, well crafted buffer as the 4th argument to the program, arbitrar...
Microsoft Internet Explorer 6 Absolute Position Block Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/8758/info A problem has been reported in Microsoft Internet Explorer when absolute positioning is used. Because of this, it may be possible to deny service to users of the browser. This issue may be due to memory...
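74cms second-order injection (of limited use) that can nonetheless lead to command execution
Brief description: 74cms second-order injection (of limited use) that can nonetheless lead to command execution; the job title of enterprise users is subject to second-order injection. Details: Log in as an enterprise user -> post a job -> edit the job, as shown in the figure: Note that the job title has a length limit, but it is enforced only on the front end, so the request is sent as shown in the figure: Then click Job Management, then click Extend, as shown in the figure. After clicking the Extend Job button, you can see that sleep5 is executed; checking the executed SQL statement in the back end shows the complete statement: INSERT INTO qsmemberslog loguid,logusername,logutype,logtype,logaddtime,logip,logaddress,logvalue VALUES...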
APPLE-SA-2014-04-22-4 AirPort Base Station Firmware Update 7.7.3
APPLE-SA-2014-04-22-4 AirPort Base Station Firmware Update 7.7.3 AirPort Base Station Firmware Update 7.7.3 is now available and addresses the following: Available for: AirPort Extreme and AirPort Time Capsule base stations with 802.11ac Impact: An...
Mozilla Firefox Style Engine Position Change Memory Corruption - Ver2 (CVE-2006-0294)
A memory corruption vulnerability has been reported in Mozilla Firefox. A remote attacker could trigger this vulnerability by changing an element's style from position:relative to position:static which causes Gecko to operate on freed memory. Successful exploitation of this vulnerability could...
Using symbolic execution to solve a tiny ASCII maze.
In this post we'll exercise the symbolic execution engine KLEE over a funny ASCII maze (yet another toy example!). Maze dimensions: 11x7 Player pos: 1x1 Iteration no. 0 Program the player moves with a sequence of 'w', 's', 'a' or 'd' Try to reach the prize! +-+---+---+ |X| || | | --+ | | | |...
[Salted Hash Kracker v1.5] Recover the Password from Salted Hash text
Salted Hash Kracker is the free all-in-one tool to recover the Password from Salted Hash text. These days most websites and applications use salt based hash generation to prevent it from being cracked easily using precomputed hash tables such as Rainbow Crack. In such cases, 'Salted Hash Kracker'...