Valve: Buffer overflows in demo parsing

This was originally reported by @yalter at https://github.com/ValveSoftware/halflife/issues/1654...

JVN#43382653: iRemoconWiFi App for Android fails to verify SSL server certificates

iRemoconWiFi App for Android provided by Glamo Inc. fails to verify SSL server certificates. Impact A man-in-the-middle attack may allow an attacker to eavesdrop on an encrypted communication. Solution Update the Application Update to the latest version according to the information provided by th...

curl/curl_fuzzer_rtsp: Heap-buffer-overflow in rtsp_rtp_readwrite

Project: https://github.com/curl/curl.git Detailed report: https://oss-fuzz.com/testcase?key=6722246199476224 Project: curl Fuzzer: aflcurlfuzzerrtsp Fuzz target binary: curlfuzzerrtsp Job Type: aflasancurl Platform Id: linux Crash Type: Heap-buffer-overflow READ 1 Crash Address: 0x629000009214...

CVE-2017-16864

CVE-2017-16864 describes an XSS vulnerability in Atlassian Jira prior to version 7.4.2. The issue is triggered in the orderby parameter of the Jira “issue search” resource, allowing remote attackers to inject arbitrary HTML or JavaScript. Components affected are Jira’s search/resource handling fo...

CVE-2017-15205

In Kanboard before 1.0.47, by altering form data, an authenticated user can download attachments from a private project of another user...

affordablegranitenh.com XSS vulnerability

Vulnerable URL: http://www.affordablegranitenh.com/Granite-Countertop-Coupons.asp?color=1/-///'/"//--...

CVE-2016-9838

An issue was discovered in components/comusers/models/registration.php in Joomla! before 3.6.5. Incorrect filtering of registration form data stored to the session on a validation error enables a user to gain access to a registered user's account and reset the user's group mappings, username, and...

GitLab: State filter in IssuableFinder allows attacker to delete all issues and merge requests

Vulnerability details The state filter in the IssuableFinder class has the ability to filter issues and merge requests by state. This filter is implemented by calling publicsend with unfiltered user input. This allows an attacker to call deleteall or destroyall. Because the method is called befor...

USN-2943-1: PCRE vulnerabilities

It was discovered that PCRE incorrectly handled certain regular expressions. A remote attacker could use this issue to cause applications using PCRE to crash, resulting in a denial of service, or possibly execute arbitrary code...

CVE-2014-7470

The I Know the Movie aka com.guilardi.jesaislefilm2 application jesaisfilmandroid1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

Medium: php55

Issue Overview: The BEGIN regular expression in the awk script detector in magic/Magdir/commands in file before 5.15 uses multiple wildcards with unlimited repetitions, which allows context-dependent attackers to cause a denial of service CPU consumption via a crafted ASCII file that triggers a...

OpenX 2.8.x - Multiple Cross-Site Request Forgery Vulnerabilities

source: https://www.securityfocus.com/bid/66251/info OpenX is prone to multiple cross-site request-forgery vulnerabilities. Exploiting these issues may allow a remote attacker to perform certain unauthorized actions. This may lead to further attacks. OpenX 2.8.11 and prior versions are vulnerable...

CentOS 4 : openssl (CESA-2007:1003)

Updated OpenSSL packages that correct a security issue and various bugs are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. OpenSSL is a toolkit that implements the Secure Sockets Layer SSL v2/v3 an...

pliggCMS (thumbnail_plus) Remote File Inclusion

Exploit for php platform in category web applications 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 +...

Unfixed XSS vulnerability at www.elite-formation.com

Security researcher k3vin mitnick, has submitted on 04/05/2010 a cross-site-scripting XSS vulnerability affecting www.elite-formation.com, which at the time of submission ranked 1866262 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 09/12/2011...

Joomla Jeema Article Collection SQL Injection

Joomla Component comjeemaarticlecollection SQL injection Vulnerability author : Fl0riX Greetz : BARCOD3 , Septemb0x, Deep-Power,DreamPower,Pyske,3kb3r Name : comjeemaarticlecollection Bug Type : SQL Injection Infection : Admin login bilgileri alýnabilir. Demo Vuln. :...

libpng information leak

During displaying of 1-bit image with width values that are not divisible by 8 data from non-initialized memory is used...

Unfixed XSS vulnerability at www.hungryhacker.com

Security researcher TreX, has submitted on 19/05/2008 a cross-site-scripting XSS vulnerability affecting www.hungryhacker.com, which at the time of submission ranked 1512364 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 06/06/2008. It is...

SkyFex Client 1.0 - ActiveX Start() Method Remote Stack Overflow

SkyFex Client 1.0 - ActiveX Start Method Remote Stack Overflow ----------------------------------------------------------------------------- SkyFex Client 1.0 "Start" Method Remote Stack Overflow url: https://skyfex.com/ Author: shinnai mail: shinnaiatautisticidotorg site:...

phpBandManager 0.8 (index.php pg) Remote File Inclusion Vulnerability

author:koray greetz:cigicigi.net script:http://sourceforge.net/projects/phpbandmanager allowurlfopen:on or registerglobals:on vuln; /bandmanager/suite/index.php include$GET'pg'.".php"; example; http://www.victim.com/suite/index.php?pg=shell link? milw0rm.com 2007-04-26...