Stored Cross-Site Scripting Vulnerability at Custom Inputs in Thinksaas System

ThinkSAAS is a lightweight open source community system is a community system that can be used to build discussion groups, bbs and circles. A stored cross-site scripting vulnerability exists in Thinksaas version 2.5 at the system's custom input. The system uses a blacklisting mechanism to filter...

Unable to Import Windows 10 Gold Image into App Layering ELM: "Failed scanning a directory for files" because of Microsoft.MicrosoftOfficeHub

App Layering 4.0 - 4.5 : The Enterprise Layer Manager ELM fails while publishing an image. Error: "A failure occurred while importing the Layered Image. Failed scanning a directory for files" Be aware that this article is specifically about NTFS attribute handling regarding files in...

kernel: Off-by-one error in selinux_setprocattr (/proc/self/attr/fscreate)

A flaw was found in the Linux kernel's handling of clearing SELinux attributes on /proc/pid/attr files. An empty null write to this file can crash the system by causing the system to attempt to access unmapped kernel memory...

Out-of-bounds

The xmlBufAttrSerializeTxtContent function in xmlsave.c in libxml2 allows context-dependent attackers to cause a denial of service out-of-bounds read and application crash via a non-UTF-8 attribute value, related to serialization. NOTE: this vulnerability may be a duplicate of CVE-2016-3627...

DEBIAN-CVE-2016-4483

The xmlBufAttrSerializeTxtContent function in xmlsave.c in libxml2 allows context-dependent attackers to cause a denial of service out-of-bounds read and application crash via a non-UTF-8 attribute value, related to serialization. NOTE: this vulnerability may be a duplicate of CVE-2016-3627...

CVE-2016-4483

The xmlBufAttrSerializeTxtContent function in xmlsave.c in libxml2 allows context-dependent attackers to cause a denial of service out-of-bounds read and application crash via a non-UTF-8 attribute value, related to serialization. NOTE: this vulnerability may be a duplicate of CVE-2016-3627...

CVE-2016-4483

The xmlBufAttrSerializeTxtContent function in xmlsave.c in libxml2 allows context-dependent attackers to cause a denial of service out-of-bounds read and application crash via a non-UTF-8 attribute value, related to serialization. NOTE: this vulnerability may be a duplicate of CVE-2016-3627...

(Pwn2Own) Adobe Flash TextField Attribute Array Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the...

UBUNTU-CVE-2016-5041

dwarfmacro5.c in libdwarf before 20160923 allows remote attackers to cause a denial of service NULL pointer dereference via a debugging information entry using DWARF5 and without a DWATname...

DEBIAN-CVE-2016-5041

dwarfmacro5.c in libdwarf before 20160923 allows remote attackers to cause a denial of service NULL pointer dereference via a debugging information entry using DWARF5 and without a DWATname...

Denial of service

Huawei MBB Mobile Broadband product E3272s with software versions earlier than E3272s-153TCPU-V200R002B491D09SP00C00 has a Denial of Service DoS vulnerability. An attacker could send a malicious packet to the Common Gateway Interface CGI of a target device and make it fail while setting the port...

Cross-Site Scripting (XSS) in event tag of HTML element

Client-side scripts are used extensively by modern web applications. They perform from simple functions such as the formatting of text up to full manipulation of client-side data and Operating System interaction. Cross Site Scripting XSS allows clients to inject scripts into a request and have th...

Cross-Site Scripting (XSS) in attribute context

Client-side scripts are used extensively by modern web applications. They perform from simple functions such as the formatting of text up to full manipulation of client-side data and Operating System interaction. Cross Site Scripting XSS allows clients to inject scripts into a request and have th...

CVE-2017-7310

A buffer overflow vulnerability in Import Command in SyncBreeze before 10.6, DiskSorter before 10.6, DiskBoss before 8.9, DiskPulse before 10.6, DiskSavvy before 10.6, DupScout before 10.6, and VX Search before 10.6 allows attackers to execute arbitrary code via a crafted XML file containing a lo...

Design/Logic Flaw

In Moodle 3.2.2+, there is XSS in the Course summary filter of the "Add a new course" page, as demonstrated by a crafted attribute of an SVG element...

Novell eDirectory Remote Elevation of Privilege Vulnerability

Novell eDirectory is an identity management infrastructure platform that combines identity management architecture and directory services technology from Novell, USA. The platform provides authentication policies, data backup and recovery services, data disaster recovery and other functions. A...

GitLab: Unfiltered `class` attribute in markdown code

This affects merge request/issue comments and probably other parts of the user interface. I am demonstrating PoCs on GitLab.com itself, as they don't affect anything outside of my test repo, which is private. It could be used to execute some js actions by contructing content that uses the...

libsmbclient, samba security update

CentOS Errata and Security Advisory CESA-2017:0662 An update for samba is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

samba: Flaws in Kerberos PAC validation can trigger privilege elevation

A flaw was found in the way Samba handled PAC Privilege Attribute Certificate checksums. A remote, authenticated attacker could use this flaw to crash the winbindd process...

Moderate: Red Hat Security Advisory: Red Hat Gluster Storage 3.2.0 samba security, bug fixes and enhancement update

An update for samba is now available for Red Hat Gluster Storage 3.2 for RHEL 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabili...