Lucene search
K

562 matches found

ATTACKERKB
ATTACKERKB
added 2017/01/19 12:0 a.m.28 views

CVE-2016-5198

V8 in Google Chrome prior to 54.0.2840.90 for Linux, and 54.0.2840.85 for Android, and 54.0.2840.87 for Windows and Mac included incorrect optimisation assumptions, which allowed a remote attacker to perform arbitrary read/write operations, leading to code execution, via a crafted HTML page. Rece...

8.8CVSS3.7AI score0.34703EPSS
In wildExploits1References6
UbuntuCve
UbuntuCve
added 2016/11/08 12:0 a.m.30 views

CVE-2016-5198

V8 in Google Chrome prior to 54.0.2840.90 for Linux, and 54.0.2840.85 for Android, and 54.0.2840.87 for Windows and Mac included incorrect optimisation assumptions, which allowed a remote attacker to perform arbitrary read/write operations, leading to code execution, via a crafted HTML page...

8.8CVSS7.3AI score0.34703EPSS
Exploits1References3
Hacker One
Hacker One
added 2016/10/26 2:40 a.m.21 views

Internet Bug Bounty: imagecropauto out-of-bounds access

Upstream Bug --- https://bugs.php.net/bug.php?id=72494 Summary --- imagecropauto on IMGCROPTHRESHOLD mode causes arbitrary read access and possible leak of information. The function imagecropauto doesn't check valid colors for non-truecolor images. This causes that gdImageRed/Green/Blue/Alpha...

6.8AI score
Exploits0
Exploit DB
Exploit DB
added 2016/10/20 12:0 a.m.48 views

Microsoft Windows Kernel - Registry Hive Loading Relative Arbitrary Read in nt!RtlValidRelativeSecurityDescriptor (MS16-123)

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=876 We have encountered a Windows kernel crash in the nt!RtlValidRelativeSecurityDescriptor function invoked by nt!CmpValidateHiveSecurityDescriptors while loading corrupted registry hive files. An example of a crash log excerpt...

7.4AI score
Exploits0
Hacker One
Hacker One
added 2016/07/25 6:46 p.m.31 views

Internet Bug Bounty: gdImageTrueColorToPaletteBody allows arbitrary write/read access

Upstream bug report ================ 2016-06-29 04:03 UTC https://bugs.php.net/bug.php?id=72512 Patch ===== 2016-07-19 07:47 UTC http://git.php.net/?p=php-src.git;a=commit;h=928aecc002e906b309b28f0062f03d4e5eda3e45 Fixed for PHP 5.5 security only mode, PHP 5.6, PHP 7.0...

7AI score
Exploits0
Positive Technologies
Positive Technologies
added 2016/05/26 12:0 a.m.7 views

PT-2016-6145 · Pulse · Pulse Connect Secure

Name of the Vulnerable Software and Affected Versions: Pulse Connect Secure PCS versions 7.4 through 7.4r13.3 Pulse Connect Secure PCS versions 8.0 through 8.0r8 Pulse Connect Secure PCS versions 8.1 through 8.1r1 Pulse Connect Secure PCS versions 8.2 through 8.2r0 Description: The administrative...

8.6CVSS8.6AI score0.02242EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2016/04/13 12:0 a.m.47 views

openSUSE Security Update : the Linux Kernel (openSUSE-2016-445)

The openSUSE Leap 42.1 kernel was updated to 4.1.20 to receive various security and bugfixes. The following security bugs were fixed : - CVE-2015-1339: A memory leak in cuse could be used to exhaust kernel memory. bsc969356. - CVE-2015-7799: The slhcinit function in drivers/net/slip/slhc.c in the...

10CVSS6.9AI score0.14546EPSS
Exploits13References58
CNVD
CNVD
added 2015/10/30 12:0 a.m.4 views

Janitza UMG Arbitrary File Read/Write Vulnerability (CNVD-2015-07286)

The Janitza UMG is an online power quality monitor for the energy industry from Janitza Germany. An arbitrary file read/write vulnerability exists in Janitza UMG 508, 509, 511, 604, 605. This allows remote attackers to read or write files via a TCP session on port 21...

7.5CVSS7AI score0.02266EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2015/05/20 12:0 a.m.35 views

SUSE SLED10 / SLES10 Security Update : PostgreSQL (SUSE-SU-2012:1336-1)

PostgreSQL was updated to the latest stable release 8.1.23, fixing various bugs and security issues. The following security issues have been fixed : - CVE-2012-3488: This update fixes arbitrary read and write of files via XSL functionality. - CVE-2012-2655: postgresql: denial of service stack...

6.5CVSS7.2AI score0.04972EPSS
Exploits3References12
exploitpack
exploitpack
added 2014/11/06 12:0 a.m.29 views

VMware Workstation 10.0.0.40273 - vmx86.sys Arbitrary Kernel Read

VMware Workstation 10.0.0.40273 - vmx86.sys Arbitrary Kernel Read Title: VMWare vmx86.sys Arbitrary Kernel Read Advisory ID: KL-001-2014-004 Publication Date: 2014.11.04 Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2014-004.txt 1. Vulnerability Details Affected Vendor:...

0.5AI score
Exploits0
Packet Storm
Packet Storm
added 2014/11/05 12:0 a.m.41 views

VMWare vmx86.sys Arbitrary Kernel Read

Title: VMWare vmx86.sys Arbitrary Kernel Read Advisory ID: KL-001-2014-004 Publication Date: 2014.11.04 Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2014-004.txt 1. Vulnerability Details Affected Vendor: VMWare Affected Product: Workstation Affected Version: 10.0.0.40273...

0.3AI score
Exploits0
KoreLogic Security
KoreLogic Security
added 2014/11/04 12:0 a.m.494 views

VMWare vmx86.sys Arbitrary Kernel Read

Vulnerability Details Affected Vendor: VMWare Affected Product: Workstation Affected Version: 10.0.0.40273 Platform: Microsoft Windows XP SP3 x86, Microsoft Windows Server 2003 SP2 x86, Microsoft Windows 7 SP1 x86 CWE Classification: CWE-20: Improper Input Validation Impact: Arbitrary Read,...

6.4AI score
Exploits0Affected Software1
0day.today
0day.today
added 2013/04/08 12:0 a.m.30 views

PonyOS 0.4.99-mlp - Multiple Vulnerabilities

Exploit for linux platform in category local exploits Introduction ------------ Like countless others, I was pretty excited about PonyOS yesterday April 1st 2013 and decided to give it a go. After wasting a lot of time nyan'ing, I knew this was the future of desktop OSes. However, I wondered how...

6.8AI score
Exploits0
Exploit DB
Exploit DB
added 2013/04/08 12:0 a.m.25 views

PonyOS 0.4.99-mlp - Multiple Vulnerabilities

Advisory: PonyOS Security Issues John Cartwright Introduction ------------ Like countless others, I was pretty excited about PonyOS yesterday April 1st 2013 and decided to give it a go. After wasting a lot of time nyan'ing, I knew this was the future of desktop OSes. However, I wondered how secur...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2013/04/02 12:0 a.m.31 views

PonyOS 0.4.99-mlp Privilege Escalation

Advisory: PonyOS Security Issues John Cartwright Introduction ------------ Like countless others, I was pretty excited about PonyOS yesterday April 1st 2013 and decided to give it a go. After wasting a lot of time nyan'ing, I knew this was the future of desktop OSes. However, I wondered how secur...

0.3AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2012/10/15 12:0 a.m.58 views

SuSE 10 Security Update : PostgreSQL (ZYPP Patch Number 8311)

PostgreSQL was updated to the latest stable release 8.1.23, fixing various bugs and security issues. The following security issues have been fixed : - This update fixes arbitrary read and write of files via XSL functionality. CVE-2012-3488 - postgresql: denial of service stack exhaustion via...

6.5CVSS7.2AI score0.04972EPSS
Exploits3References8
Packet Storm
Packet Storm
added 2011/05/09 12:0 a.m.16 views

Exponent 2.0.0 Beta 1.1 Local File Inclusion

------------------------------------------------------------------------ Software................Exponent 2.0.0 beta 1.1 Vulnerability...........Local File Inclusion / Arbitrary Read Threat Level............Critical 4/5 Download................http://www.exponentcms.org/ Discovery...

7.4AI score
Exploits0
Cvelist
Cvelist
added 2006/11/21 11:0 p.m.28 views

CVE-2006-6013

Integer signedness error in the fwioctl FWIOCTL function in the FireWire IEEE-1394 drivers dev/firewire/fwdev.c in various BSD kernels, including DragonFlyBSD, FreeBSD 5.5, MidnightBSD 0.1-CURRENT before 20061115, NetBSD-current before 20061116, NetBSD-4 before 20061203, and TrustedBSD, allows...

6.2AI score0.00398EPSS
Exploits0References19
Packet Storm
Packet Storm
added 2005/04/17 12:0 a.m.16 views

maxthon_arbitrary_read-write.html.txt

var iVuln=null; function checkVuln try if external.readFilemaxsecurityid,"m2bookmark","plugin.ini"!=null pls.innerText='Done!'; alert"Vulnerable!"; showFileContent; window.clearIntervaliVuln; else window.status=''; // Refresh the "max.src" script by setting the source file as the same file...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2003/06/21 12:0 a.m.42 views

Portmon file arbitrary read/write access vulnerability

Package: Portmon Auth: http://www.aboleo.net/ Versions: 1.7 prior ? Vulnerability: File arbitrary read/write access vulnerability Portmon is a network service monitoring daemon http://www.aboleo.net/software/portmon/. "In order to use ping support, Portmon must run as root or be installed setuid...

0.3AI score
Exploits0
Rows per page
Query Builder