162 matches found
Cumulative Update for Windows 10: May 10, 2016
Cumulative Update for Windows 10: May 10, 2016 Summary This security update includes improvements and fixes in the functionality of Windows 10 and resolves the following vulnerabilities in Windows: 3155533 MS16-051: Cumulative Security update for Internet Explorer: May 10, 2016 3155538 MS16-052:...
Cumulative Update for Windows 10 Version 1511 and Windows Server 2016 Technical Preview 4: May 10, 2016
Cumulative Update for Windows 10 Version 1511 and Windows Server 2016 Technical Preview 4: May 10, 2016 Summary This security update for Windows 10 Version 1511 and Windows Server 2016 Technical Preview 4 includes functionality improvements and fixes, and it resolves the following vulnerabilities...
MS16-066: Security Update for Virtual Secure Mode (3155451)
The remote Windows host is missing a security update. It is, therefore, affected by a security feature bypass vulnerability due to certain kernel-mode pages being marked as RWX Read, Write, Execute even when Hypervisor Code Integrity HVCI is enabled. An attacker can exploit this vulnerability, vi...
Debian DLA-452-1 : smarty3 security update
Smarty3, a template engine for PHP, allowed remote attackers to bypass the secure mode restrictions and execute arbitrary PHP code as demonstrated by 'literal' in a template. For Debian 7 'Wheezy', these problems have been fixed in version 3.1.10-2+deb7u1. We recommend that you upgrade your smart...
DLA-452-1 smarty3 - security update
Bulletin has no description...
SOL16124 - OpenSSL vulnerability CVE-2015-0206
The SOD process is only vulnerable if the failover.secure db variable is enabled; the db variable is disabled by default. Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed...
SOL16123 - OpenSSL vulnerability CVE-2014-3571
The SOD process is only vulnerable if the failover.secure database variable is enabled; the database variable is disabled by default. Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to th...
Updated php-smarty packages fix security vulnerability
Smarty before 3.1.21 allows remote attackers to bypass the secure mode restrictions and execute arbitrary PHP code as demonstrated by "literal" in a template CVE-2014-8350...
.NET Remoting Services - Remote Command Execution
Source: https://github.com/tyranid/ExploitRemotingService Exploit Database Mirror: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/35280.zip ExploitRemotingService c 2014 James Forshaw ============================================= A tool to exploit .NET Remoting...
.NET Remoting Services - Remote Command Execution
.NET Remoting Services - Remote Command Execution Source: https://github.com/tyranid/ExploitRemotingService Exploit Database Mirror: https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/35280.zip ExploitRemotingService c 2014 James Forshaw...
.NET Remoting Services Remote Command Execution Vulnerability
Exploit for windows platform in category remote exploits Source: https://github.com/tyranid/ExploitRemotingService Exploit Database Mirror: http://www.exploit-db.com/sploits/35280.zip ExploitRemotingService c 2014 James Forshaw ============================================= A tool to exploit .NET...
UBUNTU-CVE-2014-8350
Smarty before 3.1.21 allows remote attackers to bypass the secure mode restrictions and execute arbitrary PHP code as demonstrated by "literal" in a template...
Design/Logic Flaw
Smarty before 3.1.21 allows remote attackers to bypass the secure mode restrictions and execute arbitrary PHP code as demonstrated by "literal" in a template...
CVE-2014-8350
Smarty before 3.1.21 allows remote attackers to bypass the secure mode restrictions and execute arbitrary PHP code as demonstrated by "literal" in a template...
Fwd: [SECURITY] CVE-2013-0253 Apache Maven 3.0.4
CVE-2013-0253 Apache Maven Severity: Medium Vendor: The Apache Software Foundation Versions Affected: - Apache Maven 3.0.4 - Apache Maven Wagon 2.1, 2.2, 2.3 Description: Apache Maven 3.0.4 with Apache Maven Wagon 2.1 has introduced a non-secure SSL mode by default. This mode disables all SSL...
lexmark-config NSE Script
Retrieves configuration information from a Lexmark S300-S400 printer. The Lexmark S302 responds to the NTPRequest version probe with its configuration. The response decodes as mDNS, so the request was modified to resemble an mDNS request as close as possible. However, the port 9100/udp is listed ...
CVE-2006-1671
Control cards for Cisco Optical Networking System ONS 15000 series nodes before 20060405 allow remote attackers to cause a denial of service card reset via 1 a "crafted" IP packet to a device with secure mode EMS-to-network-element access, aka bug ID CSCsc51390; 2 a "crafted" IP packet to a devic...
PT-2005-3760 · Filezilla · Filezilla
Name of the Vulnerable Software and Affected Versions: FileZilla versions 2.2.14b through 2.2.15 FileZilla versions prior to 2.2.14b Description: The issue concerns the use of a weak encryption scheme to store user passwords in the configuration settings file when "Use secure mode" is disabled...
Imail Cookie Vulnerability (unhashed)
Neither Regular or secure mode of Imail properly give out a hash on cookies leaving the cookies straight readable to any onlookers. No exploit is needed POC: "IMailUserId 1006332dgd2@Someserver" -------------------------- "IMailpassword 1234" Straight From Cookie ^^ edited to protect user Shoutz ...
CVE-2002-1413
RCONAG6 for Novell Netware SP2, while running RconJ in secure mode, allows remote attackers to bypass authentication using the RconJ "Secure IP" SSL option during a connection...