2299 matches found
Drupal 7.x < 7.38 Multiple Vulnerabilities
Binary data 9217.prm...
Adobe Flash - URLStream.readObject Use-After-Free
Exploit for multiple platform in category dos / poc Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=611 There is a use-after-free in URLStream.readObject. If the object read is a registered class, the constructor will get invoked to create the object. If the constructor calls...
[SECURITY] [DSA 3522-1] squid3 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3522-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso March 20, 2016 https://www.debian.org/security/faq -...
DSA-3522-1 squid3 - security update
Bulletin has no description...
CVE-2016-2569
Squid 3.x before 3.5.15 and 4.x before 4.0.7 does not properly append data to String objects, which allows remote servers to cause a denial of service assertion failure and daemon exit via a long string, as demonstrated by a crafted HTTP Vary header...
CVE-2016-2571
http.cc in Squid 3.x before 3.5.15 and 4.x before 4.0.7 proceeds with the storage of certain data after a response-parsing failure, which allows remote HTTP servers to cause a denial of service assertion failure and daemon exit via a malformed response...
Adobe Flash - H264 File Stack Corruption
Adobe Flash - H264 File Stack Corruption Source: https://code.google.com/p/google-security-research/issues/detail?id=633 The attached flv file causes stack corruption when loaded into Flash. To use the PoC, load LoadMP42.swf?file=lownull.flv from a remote server. Proof of Concept:...
Adobe Flash - H264 File Stack Corruption
Exploit for multiple platform in category dos / poc Source: https://code.google.com/p/google-security-research/issues/detail?id=633 The attached flv file causes stack corruption when loaded into Flash. To use the PoC, load LoadMP42.swf?file=lownull.flv from a remote server. Proof of Concept:...
Adobe Flash - H264 Parsing Out-of-Bounds Read
Adobe Flash - H264 Parsing Out-of-Bounds Read Source: https://code.google.com/p/google-security-research/issues/detail?id=632 There is an out-of-bounds read in H264 parsing, a fuzzed file is attached. To load, load LoadMP4.swf with the URL parameter file=computepoc.flv from a remote server. Proof...
Adobe Flash - H264 Parsing Out-of-Bounds Read
Source: https://code.google.com/p/google-security-research/issues/detail?id=632 There is an out-of-bounds read in H264 parsing, a fuzzed file is attached. To load, load LoadMP4.swf with the URL parameter file=computepoc.flv from a remote server. Proof of Concept:...
Adobe Flash - H264 File Stack Corruption
Source: https://code.google.com/p/google-security-research/issues/detail?id=633 The attached flv file causes stack corruption when loaded into Flash. To use the PoC, load LoadMP42.swf?file=lownull.flv from a remote server. Proof of Concept:...
Adobe Flash - H264 Parsing Out-of-Bounds Read
Exploit for multiple platform in category dos / poc Source: https://code.google.com/p/google-security-research/issues/detail?id=632 There is an out-of-bounds read in H264 parsing, a fuzzed file is attached. To load, load LoadMP4.swf with the URL parameter file=computepoc.flv from a remote server...
New Relic: Unauthorized Access
Summary of Findings ------------------------------- The remote server https://download.newrelic.com allowed unauthenticated access to special access files that are only intended to be accessible after contacting the New Relic program managers as seen below. Exploiting the...
SideDoor - Debian/Ubuntu Backdoor Using A Reverse SSH Tunnel
sidedoor maintains a reverse tunnel to provide a backdoor. sidedoor can be used to remotely control a device behind a NAT. sidedoor is packaged for Debian-based systems with systemd or upstart. It has been used on Debian 8 jessie and Ubuntu 14.04 LTS trusty. The sidedoor user has full root access...
Adobe Flash - Processing AVC Causes Stack Corruption
Exploit for multiple platform in category dos / poc Source: https://code.google.com/p/google-security-research/issues/detail?id=634 The attached mp4 file causes stack corruption in Flash. To run the test, load LoadMP42.swf?file=null.mp4 from a remote server. Proof of Concept:...
Adobe Flash - Processing AVC Causes Stack Corruption
Source: https://code.google.com/p/google-security-research/issues/detail?id=634 The attached mp4 file causes stack corruption in Flash. To run the test, load LoadMP42.swf?file=null.mp4 from a remote server. Proof of Concept:...
Keybase: Remote Server Restart Lead to Denial of Service by only one Request.
https://keybase.io//api/1.0/getsalt.json?uid=36965a2dc9bbd814e8558a77040c5419 Poc: set wrong uid in this examble i chabge last numbre from 9 to 8 https://keybase.io//api/1.0/getsalt.json?uid=36965a2dc9bbd814e8558a77040c5418...
Keybase: Remote Server Restart Lead to Denial of Server by only one Request.
URL === https://keybase.io//api/1.0/merkle/block.json?hash=68b5d3599be9acbe97bcc45603a322f85f8a99b9cbc696592fe1088c3a099a45d929f0bc2fae2230f0b31b5e4b4122365f50b34fcf91a94a357df90a83e3b013 Poc: ==== https://keybase.io//api/1.0/merkle/block.json?hash=1 see video...
CVE-2016-0777
The resendbytes function in roamingcommon.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2 allows remote servers to obtain sensitive information from process memory by requesting transmission of an entire buffer, as demonstrated by reading a private key...
HackerOne: HTML injection can lead to data theft
Hey, This is more like an in-depth security thing with a reasonable attack scenario. In some occasions, it seems to be possible to leak sensitive data to an external server, not affected by the CSP. This can happen in the following situation: 1. There's a HTML injection vulnerability 2. The...