2022 matches found
InstantCoder 1.0 iOS - Multiple Vulnerabilities
Exploit for iOS platform in category web applications. Document Title: InstantCoder v1.0 iOS - Multiple Web Vulnerabilities. Product & Service Introduction: You are one of the best developers in the world and you would like to code anytime, anywhere...
cpio denial of service vulnerability
cpio is a set of file backup tools developed by the GNU Project for use in UNIX operating systems. A security vulnerability exists in cpio that could be exploited by an attacker to crash a cpio instance and cause a denial of service...
DEBIAN-CVE-2015-8791
The EbmlElement::ReadCodedSizeValue function in libEBML before 1.3.3 allows context-dependent attackers to obtain sensitive information from process heap memory via a crafted length value in an EBML id, which triggers an invalid memory access...
D-Link Webcam Hack Turns IoT Device into Backdoor
Connecting a webcam to your home or office network might seem like a harmless thing, but researchers have figured out how to turn that connected device into a backdoor. Researchers at Vectra Networks today released a report demonstrating how a $30 D-Link webcam can be abused by attackers and turn...
MS16-006: Security Update for Silverlight to Address Remote Code Execution (3126036)
The version of Microsoft Silverlight installed on the remote Windows host is affected by a remote code execution vulnerability due to a flaw that allows strings to be decoded by a malicious decoder that returns negative offsets. An unauthenticated, remote attacker can exploit this vulnerability, ...
SAP Hostcontrol remote DOS
Application: SAP NetWeaver AS Java; Versions Affected: SAP NetWeaver AS Java 7.0 – 7.5; Vendor URL: SAP; Bug: DoS; Reported: 01.11.2016; Vendor response: 02.11.2016; Date of Public Advisory: 13.06.2017; Reference: SAP Security Note 2389181; Authors: Mathieu Geli ERPScan; VULNERABILITY INFORMATION Class: D...
netcf remote denial of service vulnerability
netcf is a library for configuring network interfaces. A remote denial of service vulnerability exists in netcf. An attacker could exploit this vulnerability to crash an application and deny service to legitimate users...
WordPress Plugin Pinpoint Booking System SQL Injection Vulnerability
WordPress is the WordPress Software Foundation's blogging platform, developed in PHP, which supports personal blog sites on servers running PHP and MySQL. Pinpoint Booking System is one of the plugins used to create a booking or reservation system in a WordPress site. A SQL...
Lithium Forum - Client Side POST Inject Vulnerability
Document Title: Lithium Forum - Client Side POST Inject Vulnerability. References Source: http://www.vulnerability-lab.com/getcontent.php?id=1519 Release Date: 2015-12-22. Vulnerability Laboratory ID VL-ID: 1519...
python-rdomanager-oscplugin: NeutronMetadataProxySharedSecret parameter uses default value
It was discovered that Director's NeutronMetadataProxySharedSecret parameter remained specified at the default value of 'unset'. This value is used by OpenStack Networking to sign instance headers; if unchanged, an attacker knowing the shared secret could use this flaw to spoof OpenStack Networki...
IBM WebSphere Portal Cross-Site Scripting Vulnerability (CNVD-2015-08344)
IBM WebSphere Portal is a suite of enterprise portal software from IBM in the United States. A cross-site scripting vulnerability exists in IBM WebSphere Portal. An attacker can exploit this vulnerability to execute arbitrary script code, steal cookie-based authentication and launch other attacks...
Apple iOS URL Forgery Vulnerability
Apple iOS is an operating system developed by Apple for use in cell phones and other devices. A security vulnerability exists in Apple iOS that allows attackers to build malicious web pages that spoof URLs by tricking users into parsing them...
Microsoft Windows Library Loading Remote Code Execution Vulnerability (CNVD-2015-08040)
Microsoft Windows is a series of operating systems released by the American company Microsoft. A remote code execution vulnerability exists in Microsoft Windows that originates from a program failing to properly validate input before loading a library. An attacker could exploit the vulnerability ...
Red Hat JBoss Portal Security Bypass Vulnerability
Red Hat JBoss Portal is an open source and standards-compliant portal platform from Red Hat. The platform can build and lay out a portal Web interface for publishing and managing content and customizing the user experience. A security vulnerability exists in the Red Hat JBoss Portal 6.x...
ICU: missing boundary checks in layout engine (OpenJDK 2D, 8132042)
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D...
grep: heap buffer overrun
A heap-based buffer overflow flaw was found in the way grep processed certain pattern and text combinations. An attacker able to trick a user into running grep on specially crafted input could use this flaw to crash grep or, potentially, read from uninitialized memory...
Magento Bug Bounty #22 - (Profile) Persistent Vulnerability
Document Title: Magento Bug Bounty 22 - Profile Persistent Vulnerability. References Source: http://www.vulnerability-lab.com/getcontent.php?id=1636 Magento Security ID: APPSEC-1121. Release Date: 2015-11-06. Vulnerability Laboratory ID VL-ID:...
Directory Traversal
Overview: Versions 13.0.8 and earlier of geddy are vulnerable to a directory traversal attack via URI encoded attack vectors. Proof of Concept: http://localhost:4000/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc/passwd Recommendation: Update geddy to version =...
Git-1.9.5 ssh-agent.exe Buffer Overflow Exploit
Exploit for windows platform in category dos / poc. Vendor: git-scm.com Product: Git-1.9.5-preview20150319.exe github.com/msysgit/msysgit/releases/tag/Git-1.9.5-preview20150319 Vulnerability Type: Buffer Overflow...
IBM OpenPages GRC Platform Information Disclosure Vulnerability
IBM OpenPages GRC Platform is a suite of governance, risk and compliance platforms for managing enterprise risk and compliance challenges. IBM OpenPages GRC Platform has a security vulnerability that allows a remote attacker to submit a special request to obtain sensitive information from an erro...