2027 matches found
WordPress VaultPress 1.8.4 Remote Code Execution / Man-In-The-Middle
------------------------------------------------------------------------ VaultPress - Remote Code Execution via Man in The Middle attack ------------------------------------------------------------------------ David Vaartjes, July 2016...
Atheme IRC Services Denial of Service Vulnerability
Atheme IRC Services is a portable and secure IRC service set that runs on many IRCs. A denial of service vulnerability exists in Atheme IRC Services. An attacker can exploit the vulnerability to launch a denial of service attack...
132 Google Play Apps Booted For Having Malicious IFrames
Google removed 132 apps infected with malicious iFrames from its Google Play store after security researchers discovered a development platform used to create the apps was infected with malware and in turn compromised the apps. Palo Alto Networks’ Unit 42 researchers said the apps were infected...
X.org Privilege Escalation / Use-After-Free / Weak Entropy Vulnerabilities
Exploit for windows platform in category local exploits Multiple Vulnerabilities in X.org ================================= Overview -------- Vendor: X.org/Freedesktop.org Vendor URL: https://www.x.org/wiki/ Credit: X41 D-Sec GmbH, Eric Sesterhenn Advisory-URL:...
Virglrenderer Denial of Service Vulnerability (CNVD-2017-02435)
Virglrenderer is a library for maintaining API stability in Virgil 3d projects. A denial of service vulnerability exists in Virglrenderer. An attacker could exploit this vulnerability to launch a denial of service attack...
Lithium Forum Server-Side Request Forgery
Document Title: =============== Lithium Forum - Compose Message SSRF Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2030 Release Date: ============= 2017-02-20 Vulnerability Laboratory ID VL-ID: ==================================== 2030...
Apple macOS Sierra IOAudioFamily Memory Leak Vulnerability
Apple macOS Sierra is a specialized operating system developed by Apple for Mac computers.IOAudioFamily is one of the input and output audio components. A memory leak vulnerability exists in IOAudioFamily in Apple macOS Sierra. An attacker can exploit this vulnerability to obtain kernel memory...
Nitro Pro Remote Code Execution Vulnerability
Nitro Pro is a U.S. company Nitro PDF production and management software. A remote code execution vulnerability exists in the PDF parsing feature of Nitro Pro 10. An attacker could exploit the vulnerability to send a specific PDF file to the victim, leading to potential code execution...
Memory corruption
A remote out of bound write / memory corruption vulnerability exists in the PDF parsing functionality of Nitro Pro 10. A specially crafted PDF file can cause a vulnerability resulting in potential memory corruption. An attacker can send the victim a specific PDF file to trigger this vulnerability...
BitlBee Denial of Service Vulnerability
BitlBee is an irc server. A denial of service vulnerability exists in BitlBee. An attacker could exploit this vulnerability to cause a denial of service...
Google Android Filesystem Information Disclosure Vulnerability
Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA. An information disclosure vulnerability exists in Google Android Filesystem. Attackers can use this vulnerability to obtain sensitive information and launch further attacks...
Arbitrary file deletion
A file disclosure and inclusion vulnerability exists in web/views/file.php in ZoneMinder 1.x through v1.30.0 because of unfiltered user-input being passed to readfile, which allows an authenticated attacker to read local system files e.g., /etc/passwd in the context of the web server user www-dat...
CVE-2017-5595
A file disclosure and inclusion vulnerability exists in web/views/file.php in ZoneMinder 1.x through v1.30.0 because of unfiltered user-input being passed to readfile, which allows an authenticated attacker to read local system files e.g., /etc/passwd in the context of the web server user www-dat...
CVE-2017-5595
A file disclosure and inclusion vulnerability exists in web/views/file.php in ZoneMinder 1.x through v1.30.0 because of unfiltered user-input being passed to readfile, which allows an authenticated attacker to read local system files e.g., /etc/passwd in the context of the web server user www-dat...
CVE-2017-5595
A file disclosure and inclusion vulnerability exists in web/views/file.php in ZoneMinder 1.x through v1.30.0 because of unfiltered user-input being passed to readfile, which allows an authenticated attacker to read local system files e.g., /etc/passwd in the context of the web server user www-dat...
mod_cluster: Protocol parsing logic error
An error was found in protocol parsing logic of modcluster load balancer Apache HTTP Server modules. An attacker could use this flaw to cause a Segmentation Fault in the serving httpd process...
PHP 'ext/pcre/php_pcre.c' Information Disclosure Vulnerability
PHP PHP: Hypertext Preprocessor is an open source general-purpose computer scripting language maintained by the PHP Group and the open source community. The language supports multiple syntaxes, multiple databases and operating systems, and support for C, C++ for program extensions and so on. PHP...
CVE-2016-5697
Ruby-saml before 1.3.0 allows attackers to perform XML signature wrapping attacks via unspecified vectors...
SAP HANA Information Disclosure Vulnerability (CNVD-2016-13026)
SAP HANA is a high-performance real-time data analytics platform from SAP. The platform provides data query functions, users can directly query and analyze a large amount of real-time business data. SAP HANA has an information disclosure vulnerability that can be exploited by attackers to obtain...
Microsoft Internet Explorer 9 - IEFRAME CMarkupPointer::MoveToGap Use-After-Free
!-- Source: http://blog.skylined.nl/20161215001.html Synopsis A specially crafted web-page can trigger a use-after-free vulnerability in Microsoft Internet Explorer 9. The use appears to happen only once almost immediately after the free, which makes practical exploitation unlikely. Known affecte...