Lucene search
K

2299 matches found

Tenable Nessus
Tenable Nessus
added 2016/04/08 12:0 a.m.31 views

Drupal 7.x < 7.38 Multiple Vulnerabilities

Binary data 9217.prm...

5.8CVSS6.4AI score0.02763EPSS
Exploits0References7
0day.today
0day.today
added 2016/04/01 12:0 a.m.39 views

Adobe Flash - URLStream.readObject Use-After-Free

Exploit for multiple platform in category dos / poc Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=611 There is a use-after-free in URLStream.readObject. If the object read is a registered class, the constructor will get invoked to create the object. If the constructor calls...

10CVSS8.9AI score0.31634EPSS
Exploits1
Debian
Debian
added 2016/03/20 6:36 p.m.86 views

[SECURITY] [DSA 3522-1] squid3 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3522-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso March 20, 2016 https://www.debian.org/security/faq -...

7.5CVSS7.6AI score0.09288EPSS
Exploits0
OSV
OSV
added 2016/03/20 12:0 a.m.27 views

DSA-3522-1 squid3 - security update

Bulletin has no description...

7.5CVSS7.5AI score0.09288EPSS
Exploits0
OSV
OSV
added 2016/02/27 5:59 a.m.9 views

CVE-2016-2569

Squid 3.x before 3.5.15 and 4.x before 4.0.7 does not properly append data to String objects, which allows remote servers to cause a denial of service assertion failure and daemon exit via a long string, as demonstrated by a crafted HTTP Vary header...

7.5CVSS7.4AI score
Exploits0References11
Debian CVE
Debian CVE
added 2016/02/27 2:0 a.m.33 views

CVE-2016-2571

http.cc in Squid 3.x before 3.5.15 and 4.x before 4.0.7 proceeds with the storage of certain data after a response-parsing failure, which allows remote HTTP servers to cause a denial of service assertion failure and daemon exit via a malformed response...

7.5CVSS7.5AI score0.09288EPSS
Exploits0
exploitpack
exploitpack
added 2016/02/17 12:0 a.m.11 views

Adobe Flash - H264 File Stack Corruption

Adobe Flash - H264 File Stack Corruption Source: https://code.google.com/p/google-security-research/issues/detail?id=633 The attached flv file causes stack corruption when loaded into Flash. To use the PoC, load LoadMP42.swf?file=lownull.flv from a remote server. Proof of Concept:...

0.3AI score
Exploits0
0day.today
0day.today
added 2016/02/17 12:0 a.m.41 views

Adobe Flash - H264 File Stack Corruption

Exploit for multiple platform in category dos / poc Source: https://code.google.com/p/google-security-research/issues/detail?id=633 The attached flv file causes stack corruption when loaded into Flash. To use the PoC, load LoadMP42.swf?file=lownull.flv from a remote server. Proof of Concept:...

10CVSS0.1AI score0.20595EPSS
Exploits2
exploitpack
exploitpack
added 2016/02/17 12:0 a.m.14 views

Adobe Flash - H264 Parsing Out-of-Bounds Read

Adobe Flash - H264 Parsing Out-of-Bounds Read Source: https://code.google.com/p/google-security-research/issues/detail?id=632 There is an out-of-bounds read in H264 parsing, a fuzzed file is attached. To load, load LoadMP4.swf with the URL parameter file=computepoc.flv from a remote server. Proof...

0.2AI score
Exploits0
Exploit DB
Exploit DB
added 2016/02/17 12:0 a.m.23 views

Adobe Flash - H264 Parsing Out-of-Bounds Read

Source: https://code.google.com/p/google-security-research/issues/detail?id=632 There is an out-of-bounds read in H264 parsing, a fuzzed file is attached. To load, load LoadMP4.swf with the URL parameter file=computepoc.flv from a remote server. Proof of Concept:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2016/02/17 12:0 a.m.25 views

Adobe Flash - H264 File Stack Corruption

Source: https://code.google.com/p/google-security-research/issues/detail?id=633 The attached flv file causes stack corruption when loaded into Flash. To use the PoC, load LoadMP42.swf?file=lownull.flv from a remote server. Proof of Concept:...

7.4AI score
Exploits0
0day.today
0day.today
added 2016/02/17 12:0 a.m.18 views

Adobe Flash - H264 Parsing Out-of-Bounds Read

Exploit for multiple platform in category dos / poc Source: https://code.google.com/p/google-security-research/issues/detail?id=632 There is an out-of-bounds read in H264 parsing, a fuzzed file is attached. To load, load LoadMP4.swf with the URL parameter file=computepoc.flv from a remote server...

7.1AI score
Exploits0
Hacker One
Hacker One
added 2016/02/13 12:46 a.m.21 views

New Relic: Unauthorized Access

Summary of Findings ------------------------------- The remote server https://download.newrelic.com allowed unauthenticated access to special access files that are only intended to be accessible after contacting the New Relic program managers as seen below. Exploiting the...

0.4AI score
Exploits0
Kitploit
Kitploit
added 2016/02/10 10:12 p.m.26 views

SideDoor - Debian/Ubuntu Backdoor Using A Reverse SSH Tunnel

sidedoor maintains a reverse tunnel to provide a backdoor. sidedoor can be used to remotely control a device behind a NAT. sidedoor is packaged for Debian-based systems with systemd or upstart. It has been used on Debian 8 jessie and Ubuntu 14.04 LTS trusty. The sidedoor user has full root access...

7.5AI score
Exploits0References1
0day.today
0day.today
added 2016/02/08 12:0 a.m.14 views

Adobe Flash - Processing AVC Causes Stack Corruption

Exploit for multiple platform in category dos / poc Source: https://code.google.com/p/google-security-research/issues/detail?id=634 The attached mp4 file causes stack corruption in Flash. To run the test, load LoadMP42.swf?file=null.mp4 from a remote server. Proof of Concept:...

0.2AI score
Exploits0
Exploit DB
Exploit DB
added 2016/02/08 12:0 a.m.22 views

Adobe Flash - Processing AVC Causes Stack Corruption

Source: https://code.google.com/p/google-security-research/issues/detail?id=634 The attached mp4 file causes stack corruption in Flash. To run the test, load LoadMP42.swf?file=null.mp4 from a remote server. Proof of Concept:...

7.4AI score
Exploits0
Hacker One
Hacker One
added 2016/02/04 7:14 p.m.19 views

Keybase: Remote Server Restart Lead to Denial of Service by only one Request.

https://keybase.io//api/1.0/getsalt.json?uid=36965a2dc9bbd814e8558a77040c5419 Poc: set wrong uid in this examble i chabge last numbre from 9 to 8 https://keybase.io//api/1.0/getsalt.json?uid=36965a2dc9bbd814e8558a77040c5418...

0.7AI score
Exploits0
Hacker One
Hacker One
added 2016/02/02 2:6 p.m.22 views

Keybase: Remote Server Restart Lead to Denial of Server by only one Request.

URL === https://keybase.io//api/1.0/merkle/block.json?hash=68b5d3599be9acbe97bcc45603a322f85f8a99b9cbc696592fe1088c3a099a45d929f0bc2fae2230f0b31b5e4b4122365f50b34fcf91a94a357df90a83e3b013 Poc: ==== https://keybase.io//api/1.0/merkle/block.json?hash=1 see video...

1AI score
Exploits0
Vulnrichment
Vulnrichment
added 2016/01/14 12:0 a.m.4 views

CVE-2016-0777

The resendbytes function in roamingcommon.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2 allows remote servers to obtain sensitive information from process memory by requesting transmission of an entire buffer, as demonstrated by reading a private key...

7.1AI score0.63468EPSS
Exploits2References34
Hacker One
Hacker One
added 2016/01/13 11:59 p.m.157 views

HackerOne: HTML injection can lead to data theft

Hey, This is more like an in-depth security thing with a reasonable attack scenario. In some occasions, it seems to be possible to leak sensitive data to an external server, not affected by the CSP. This can happen in the following situation: 1. There's a HTML injection vulnerability 2. The...

0.1AI score
Exploits0
Rows per page
Query Builder