Microsoft Internet Explorer Memory Corruption (MS16-095: CVE-2016-3289)

A use after free vulnerability was discovered within Microsoft Internet Explorer. The root cause comes from dll file triggering a use after free condition. A successful exploitation of this issue could allow an attacker to execute arbitrary code on the remote system...

Internet Explorer Security Feature Bypass Vulnerability

A restricted ports security feature bypass vulnerability exists for Internet Explorer. An attacker could take advantage of the vulnerability to trick a user into connecting to a remote system. To exploit the vulnerability, an attacker would have to either convince a user to visit a malicious...

Microsoft Internet Explorer Memory Corruption (MS16-051: CVE-2016-0189)

A use after free vulnerability exists in Microsoft Internet Explorer. The root cause is a heap corruption when dealing with a corrupted VBScript array size. A successful exploitation of this issue could allow an attacker to execute arbitrary code on the remote system...

Amazon Linux: Security Advisory (ALAS-2015-630)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SQL Injection Vulnerability in Comay RAS System

The Comet RAS system is a system that provides organizations with a centralized method of managing remote access to applications from a central point. A SQL injection vulnerability exists in the Comay RAS system. An attacker could exploit the vulnerability to gain access to sensitive database...

MySQL Query Browser Password Dump - Command-line Tool to Recover Lost or Forgotten Passwords from MySQL Query Browser

MySQL Query Browser Password Dump is the free command-line tool to instantly recover your lost or forgotten passwords from MySQL Query Browser software. MySQL Query Browser is a simple software to manage your MySQL database connections and queries. By default, it stores all the database login...

Default Password (passw0rd) for 'superuser' Account

The account 'superuser' on the remote host has the password 'passw0rd'. An attacker can leverage this issue to gain administrative access to the affected system. Note that IBM Storwize devices are known to use these credentials to provide administrative access to the device. %NASLMINLEVEL 70300 C...

Oracle Solaris Third-Party Patch Update : openssl (lucky_thirteen_vulnerability_in_solaris)

The remote Solaris system is missing necessary patches to address security updates : - OpenSSL before 0.9.8y, 1.0.0 before 1.0.0k, and 1.0.1 before 1.0.1d does not properly perform signature verification for OCSP responses, which allows remote OCSP servers to cause a denial of service NULL pointe...

Google Amazon rush to fix Shellshock security vulnerability-vulnerability warning-the black bar safety net

! 1 Google Amazon rush to fix Shellshocksecurityvulnerability Sina technology hearing Beijing Time 9 on 2 6 on the morning news, the researchers found that the latest Shellshock vulnerability could affect about 5 0% of network server, as well as many Apple devices, Google and Amazon on Thursday...

NateOn Messenger 3.0 Arbitrary File Download And Buffer Overflow Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/14974/info NateOn Messenger is susceptible to an arbitrary file download vulnerability, and a buffer overflow vulnerability. These issues are present in the 'NateonDownloadManager.ocx' ActiveX control that is installed wi...

File Sharing Wizard 1.5.0 - (SEH) Exploit

No description provided by source. !/usr/bin/python print \n print Team Hackers Garage print www.garage4hackers.com print print File Sharing Wizard Version 1.5.0 print Remote Command Execution print Author: b0nd print [email protected] print print Greetz to: The Hackers Garage Family print...

MyTickets 1 to 2.0.8 Blind SQL Injection

No description provided by source. ?php / --------------------------------------------------------------- MyTickets = Remote Blind SQL Injection Exploit by al-swisre --------------------------------------------------------------- author...............: al-swisre mail.................:...

Qualcomm Eudora 5.0.2 'Use Microsoft Viewer' Code Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2490/info Eudora uses Internet Explorer to assist in the viewing of html messages if the 'Use Microsoft Viewer' option is enabled. Eudora also has a 'allow executables in HTML content' option, which the documentation...

iPlanet 4.1 Web Publisher Remote Buffer Overflow Vulnerability (2)

No description provided by source. source: http://www.securityfocus.com/bid/2732/info iPlanet Webserver is an http server product offered by the Sun-Netscape Alliance. By sending a specially crafted request composed of at least 2000 characters it is possible to cause a buffer overflow. This could...

UMN Gopherd 2.x Halidate Function Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1591/info It is possible to either execute arbitrary code or crash a remote system running University of Minnesota's Gopher Daemon, depending on the data entered. An unchecked buffer exists in the 'halidate' function of...

phpplanner <= PHP Planner 0.4 - Multiple Vulnerabilities

No description provided by source. Title: phpplanner = PHP Planner v.0.4 Multiple Vulnerabilities Date: 13/05/10 Author: cp77fk4r | empty0pageSHIFT+2gmail.com | www.DigitalWhisper.co.il Software Link: http://phpplanner.sourceforge.net/ Version: = v.0.4 Tested on: PHP Full Path Disclosure Full Pat...

David Harris Pegasus Mail 3.12 File Forwarding Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1738/info It is possible for a malicious website operator to obtain copies of known files on a remote system if a website visitor is running Pegasus Mail client. If the following code were to be inserted into a HTML...

SunView (SunOS <= 4.1.1) selection_svc Vulnerability

No description provided by source. Source: http://www.securityfocus.com/bid/8/info On Sun3 and Sun4 systems, a remote system can read any file that is readable to the user running SunView. On the 386i, a remote system can read any file on the workstation running SunView regardless of protections...

Brocade Fabric OS Default Credentials

The remote device is a Brocade Fabric OS device that uses a set of known, default credentials. Knowing these, an attacker able to connect to the service can gain control of the device. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if...

openSUSE Security Update : libfreetype6 (openSUSE-SU-2010:0549-1)

This update of freetype2 fixes several vulnerabilities that could lead to remote system compromise by executing arbitrary code with user privileges : - CVE-2010-1797: stack-based buffer overflow while processing CFF opcodes - CVE-2010-2497: integer underflow - CVE-2010-2498: invalid free -...