87 matches found
CVE-2020-14713
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are Prior to 5.2.44, prior to 6.0.24 and prior to 6.1.12. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Orac...
Acronis: Account Takeover on unverified emails in File Sync & Share
Summary The name change functionality in File Sync & Share is expected to change the name in File Sync & Share. But the API endpoint used in it also allows changing email to any email without having to verify the email. The login email stays the same but the email within File Sync & Share...
MoneyChainNet has a flawed logic vulnerability
MoneyChainNet MCN is an Ether-based digital currency. An integer overflow vulnerability exists in the 'sell' function in MCN's smart contract implementation. An attacker could use this vulnerability to prevent the seller from accessing the assets due to the exchange...
GitLab: Group search leaks private MRs, code, commits
Summary Using the group search you can access MRs and code set as "not public" in a project Steps to reproduce Create a public group, create a public project inside the group, but with private code. Push some code, search in the group search the code while logged out, you will find it also if it...
Ruby: OS Command Injection via egrep in Rake::FileList
When a file which has command file name of stating with | is in Rake::FileList, then egrep will execute the command. How to reproduce PoC pocrake.rb is the following. ruby require 'rake' list = Rake::FileList.newDir.glob'' p list list.egrep/something/ Example of executing. % ls -1 Gemfile...
ZEIT: Stored XSS in profile page
Summary: There is a stored XSS vulnerability in the users profile page. Steps To Reproduce: 1. Go to https://zeit.co/login and login. 2. Go to https://zeit.co/profile/username/edit 3. Enter any value in the field which shows name 4. Intercept it burp and send it to repeater. 5. Then change the na...
F5 Networks BIG-IP : BIG-IP SNMP vulnerability (K42027747)
The version of F5 Networks BIG-IP installed on the remote host is prior to 14.1.0. It is, therefore, affected by a vulnerability as referenced in the K42027747 advisory. The passphrases for SNMPv3 users and trap destinations that are used forauthentication and privacy are not handled by the BIG-I...
CVE-2017-10031
Vulnerability in the Oracle Communications Convergence component of Oracle Communications Applications subcomponent: Mail Proxy dojo. Supported versions that are affected are 3.0 and 3.0.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...
Buffer overflow
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization subcomponent: Core. The supported version that is affected is Prior to 5.1.24. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to...
July 7, 2017 – Morning Cyber Coffee Headlines – “Spiderman” Edition
Good morning! Sit with Carbon Black this morning over a cup of coffee or tea and browse a few industry headlines to get the day started. We’ve got just enough information below to get you through that first cup…enjoy! July 7, 2017 - Headlines Carbon Black in the News: Residents of these states ar...
Design/Logic Flaw
In SWFTools 2013-04-09-1007 on Windows, png2swf allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted file, related to a "Read Access Violation starting at image0000000000400000+0x000000000001b596."...
CVE-2017-3553
Vulnerability in the Oracle Identity Manager component of Oracle Fusion Middleware subcomponent: Rules Engine. The supported version that is affected is 11.1.2.3.0. Easily "exploitable" vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Identity Manager...
CVE-2014-9852
distribute-cache.c in ImageMagick re-uses objects after they have been destroyed, which allows remote attackers to have unspecified impact via unspecified vectors...
Design/Logic Flaw
Vulnerability in the Oracle Advanced Outbound Telephony component of Oracle E-Business Suite subcomponent: User Interface. Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows unauthenticated attacker with...
BlackNurse Spoofed ICMP Denial Of Service Proof Of Concept Vulnerability
Blacknurse is a low bandwidth ICMP attack that is capable of doing denial of service to well known firewalls. Most ICMP attacks that we see are based on ICMP Type 8 Code 0 also called a ping flood attack. BlackNurse is based on ICMP with Type 3 Code 3 packets. We know that when a user has allowed...
Ubiquiti Inc.: Subdomain Takeover (moderator.ubnt.com)
Hello Team This report is same as 179110 One of your subdomain http://moderator.ubnt.com is pointing towards 216.58.203.243 moderator.ubnt.com 216.58.203.243 ghs.google.com 216.58.203.243 ghs.l.google.com F134183 And it is unclaimed When I open it it is showing F134184 Impact :- An attacker can...
Oracle Netbeans IDE 8.1 Directory Traversal Vulnerability
Exploit for php platform in category local exploits + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/ORACLE-NETBEANS-IDE-DIRECTORY-TRAVERSAL.txt + ISR: ApparitionSec Vendor: =============== www.oracle.com Product:...
CVE-2015-8949
Use-after-free vulnerability in the mylogin function in DBD::mysql before 4.03301 allows attackers to have unspecified impact by leveraging a call to mysqlerrno after a failure of mylogin...
X (Formerly Twitter): Bypassing Digits origin validation which leads to account takeover
Hi, I would like to report an important issue that affects websites that has integrated "Signin with Digits" , leading to potential account takeover. Detail In Digits architecture, the data communication channel between Digits and customer's site relies on postMessage. In order to prevent malicio...
Design/Logic Flaw
The nssparseciphers function in libraries/libldap/tlsm.c in OpenLDAP does not properly parse OpenSSL-style multi-keyword mode cipher strings, which might cause a weaker than intended cipher to be used and allow remote attackers to have unspecified impact via unknown vectors...