562 matches found
CVE-2016-5198
V8 in Google Chrome prior to 54.0.2840.90 for Linux, and 54.0.2840.85 for Android, and 54.0.2840.87 for Windows and Mac included incorrect optimisation assumptions, which allowed a remote attacker to perform arbitrary read/write operations, leading to code execution, via a crafted HTML page. Rece...
CVE-2016-5198
V8 in Google Chrome prior to 54.0.2840.90 for Linux, and 54.0.2840.85 for Android, and 54.0.2840.87 for Windows and Mac included incorrect optimisation assumptions, which allowed a remote attacker to perform arbitrary read/write operations, leading to code execution, via a crafted HTML page...
Internet Bug Bounty: imagecropauto out-of-bounds access
Upstream Bug --- https://bugs.php.net/bug.php?id=72494 Summary --- imagecropauto on IMGCROPTHRESHOLD mode causes arbitrary read access and possible leak of information. The function imagecropauto doesn't check valid colors for non-truecolor images. This causes that gdImageRed/Green/Blue/Alpha...
Microsoft Windows Kernel - Registry Hive Loading Relative Arbitrary Read in nt!RtlValidRelativeSecurityDescriptor (MS16-123)
Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=876 We have encountered a Windows kernel crash in the nt!RtlValidRelativeSecurityDescriptor function invoked by nt!CmpValidateHiveSecurityDescriptors while loading corrupted registry hive files. An example of a crash log excerpt...
Internet Bug Bounty: gdImageTrueColorToPaletteBody allows arbitrary write/read access
Upstream bug report ================ 2016-06-29 04:03 UTC https://bugs.php.net/bug.php?id=72512 Patch ===== 2016-07-19 07:47 UTC http://git.php.net/?p=php-src.git;a=commit;h=928aecc002e906b309b28f0062f03d4e5eda3e45 Fixed for PHP 5.5 security only mode, PHP 5.6, PHP 7.0...
PT-2016-6145 · Pulse · Pulse Connect Secure
Name of the Vulnerable Software and Affected Versions: Pulse Connect Secure PCS versions 7.4 through 7.4r13.3 Pulse Connect Secure PCS versions 8.0 through 8.0r8 Pulse Connect Secure PCS versions 8.1 through 8.1r1 Pulse Connect Secure PCS versions 8.2 through 8.2r0 Description: The administrative...
openSUSE Security Update : the Linux Kernel (openSUSE-2016-445)
The openSUSE Leap 42.1 kernel was updated to 4.1.20 to receive various security and bugfixes. The following security bugs were fixed : - CVE-2015-1339: A memory leak in cuse could be used to exhaust kernel memory. bsc969356. - CVE-2015-7799: The slhcinit function in drivers/net/slip/slhc.c in the...
Janitza UMG Arbitrary File Read/Write Vulnerability (CNVD-2015-07286)
The Janitza UMG is an online power quality monitor for the energy industry from Janitza Germany. An arbitrary file read/write vulnerability exists in Janitza UMG 508, 509, 511, 604, 605. This allows remote attackers to read or write files via a TCP session on port 21...
SUSE SLED10 / SLES10 Security Update : PostgreSQL (SUSE-SU-2012:1336-1)
PostgreSQL was updated to the latest stable release 8.1.23, fixing various bugs and security issues. The following security issues have been fixed : - CVE-2012-3488: This update fixes arbitrary read and write of files via XSL functionality. - CVE-2012-2655: postgresql: denial of service stack...
VMware Workstation 10.0.0.40273 - vmx86.sys Arbitrary Kernel Read
VMware Workstation 10.0.0.40273 - vmx86.sys Arbitrary Kernel Read Title: VMWare vmx86.sys Arbitrary Kernel Read Advisory ID: KL-001-2014-004 Publication Date: 2014.11.04 Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2014-004.txt 1. Vulnerability Details Affected Vendor:...
VMWare vmx86.sys Arbitrary Kernel Read
Title: VMWare vmx86.sys Arbitrary Kernel Read Advisory ID: KL-001-2014-004 Publication Date: 2014.11.04 Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2014-004.txt 1. Vulnerability Details Affected Vendor: VMWare Affected Product: Workstation Affected Version: 10.0.0.40273...
VMWare vmx86.sys Arbitrary Kernel Read
Vulnerability Details Affected Vendor: VMWare Affected Product: Workstation Affected Version: 10.0.0.40273 Platform: Microsoft Windows XP SP3 x86, Microsoft Windows Server 2003 SP2 x86, Microsoft Windows 7 SP1 x86 CWE Classification: CWE-20: Improper Input Validation Impact: Arbitrary Read,...
PonyOS 0.4.99-mlp - Multiple Vulnerabilities
Exploit for linux platform in category local exploits Introduction ------------ Like countless others, I was pretty excited about PonyOS yesterday April 1st 2013 and decided to give it a go. After wasting a lot of time nyan'ing, I knew this was the future of desktop OSes. However, I wondered how...
PonyOS 0.4.99-mlp - Multiple Vulnerabilities
Advisory: PonyOS Security Issues John Cartwright Introduction ------------ Like countless others, I was pretty excited about PonyOS yesterday April 1st 2013 and decided to give it a go. After wasting a lot of time nyan'ing, I knew this was the future of desktop OSes. However, I wondered how secur...
PonyOS 0.4.99-mlp Privilege Escalation
Advisory: PonyOS Security Issues John Cartwright Introduction ------------ Like countless others, I was pretty excited about PonyOS yesterday April 1st 2013 and decided to give it a go. After wasting a lot of time nyan'ing, I knew this was the future of desktop OSes. However, I wondered how secur...
SuSE 10 Security Update : PostgreSQL (ZYPP Patch Number 8311)
PostgreSQL was updated to the latest stable release 8.1.23, fixing various bugs and security issues. The following security issues have been fixed : - This update fixes arbitrary read and write of files via XSL functionality. CVE-2012-3488 - postgresql: denial of service stack exhaustion via...
Exponent 2.0.0 Beta 1.1 Local File Inclusion
------------------------------------------------------------------------ Software................Exponent 2.0.0 beta 1.1 Vulnerability...........Local File Inclusion / Arbitrary Read Threat Level............Critical 4/5 Download................http://www.exponentcms.org/ Discovery...
CVE-2006-6013
Integer signedness error in the fwioctl FWIOCTL function in the FireWire IEEE-1394 drivers dev/firewire/fwdev.c in various BSD kernels, including DragonFlyBSD, FreeBSD 5.5, MidnightBSD 0.1-CURRENT before 20061115, NetBSD-current before 20061116, NetBSD-4 before 20061203, and TrustedBSD, allows...
maxthon_arbitrary_read-write.html.txt
var iVuln=null; function checkVuln try if external.readFilemaxsecurityid,"m2bookmark","plugin.ini"!=null pls.innerText='Done!'; alert"Vulnerable!"; showFileContent; window.clearIntervaliVuln; else window.status=''; // Refresh the "max.src" script by setting the source file as the same file...
Portmon file arbitrary read/write access vulnerability
Package: Portmon Auth: http://www.aboleo.net/ Versions: 1.7 prior ? Vulnerability: File arbitrary read/write access vulnerability Portmon is a network service monitoring daemon http://www.aboleo.net/software/portmon/. "In order to use ping support, Portmon must run as root or be installed setuid...