2678 matches found
CVE-2020-5242
openHAB prior to 2.5.2 is affected. A remote attacker can use REST calls to install the EXEC binding or EXEC transformation service and execute arbitrary commands with the privileges of the openHAB user. The root cause is lack of proper enforcement of command installation via REST until 2.5.2. Fi...
CVE-2013-5594
Mozilla Firefox before 25 allows modification of anonymous content of pluginProblem.xml binding...
Linux/x86 - Bind Shell Generator Shellcode (114 bytes)
Title: Linux/x86 - Bind Shell Generator Shellcode 114 bytes Author: Bobby Cooke Tested On: Ubuntu 3.13.0-32-generic 57precise1-Ubuntu i386 !/usr/bin/python Take users TCP port as input port = rawinput"Enter TCP Port Number: " Convert input string to an integer deciPort = intport Format the intege...
CVE-2019-14002
APKs without proper permission may bind to CallEnhancementService and can lead to unauthorized access to call status in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in APQ8053, APQ8096AU, APQ8098, MSM8909W, MSM891...
Fedora 31 : glibc (2020-1a3bdfde17)
This update fixes a minor security vulnerability LDPREFERMAP32BITEXEC not ignored in setuid binaries and addresses are long-standing bug where missing shared objects could cause crashes due to incorrectly handled dlopen failures RHBZ1395758. The latter fix also causes lazy binding failures in ELF...
Fedora Update for jackson-databind FEDORA-2019-cf87377f5f
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora Update for jackson-annotations FEDORA-2019-cf87377f5f
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora Update for jackson-annotations FEDORA-2019-99ff6aa32c
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
FreeBSD mqueuefs Privilege Escalation
Exploit: FreeBSD-SA-19:15.mqueuefs - Privilege Escalation Author: Karsten König of Secfault Security Date: 2019-12-30 Change line 719 to choose which vulnerability is targeted libmap.conf primitive inspired by kcope's 2005 exploit for Qpopper Exploit for FreeBSD-SA-19:15.mqueuefs and...
[SECURITY] Fedora 31 Update: jackson-annotations-2.10.0-1.fc31
Core annotations used for value types, used by Jackson data-binding package...
[SECURITY] Fedora 31 Update: jackson-databind-2.10.0-1.fc31
The general-purpose data-binding functionality and tree-model for Jackson D ata Processor. It builds on core streaming parser/generator package, and uses Jackson Annotations for configuration...
DEBIAN-CVE-2019-17531
A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled either globally or for a specific property for an externally exposed JSON endpoint and the service has the apache-log4j-extra version 1.2.x jar in the classpath, and an...
CVE-2018-1273
Spring Data Commons, versions prior to 1.13 to 1.13.10, 2.0 to 2.0.5, and older unsupported versions, contain a property binder vulnerability caused by improper neutralization of special elements. An unauthenticated remote malicious user or attacker can supply specially crafted request parameters...
Fedora Update for jackson-annotations FEDORA-2019-b171554877
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
CVE-2019-15018
A security vulnerability exists in the Zingbox Inspector versions 1.280 and earlier, where authentication is not required when binding the Inspector instance to a different customer tenant...
CVE-2019-15018
CVE-2019-15018 affects Palo Alto Networks Zingbox Inspector (versions 1.280 and earlier). The root cause is an authentication bypass when binding the Inspector to a different customer tenant, enabling potential cross-tenant access. Impact is described as a security-bypass affecting the binding fu...
PT-2019-3606 · Zingbox · Zingbox Inspector
Name of the Vulnerable Software and Affected Versions: Zingbox Inspector versions 1.280 and earlier Description: A security issue exists where authentication is not required when binding the Inspector instance to a different customer tenant. This is related to deficiencies in authentication...
TLS version enforcement capabilities now available per certificate binding on Windows Server 2019
At Microsoft, we often develop new security features to meet the specific needs of our own products and online services. This is a story about how we solved a very important problem and are sharing the solution with customers. As engineers worldwide work to eliminate their own dependencies on TLS...
Fedora Update for jackson-databind FEDORA-2019-fb23eccc03
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora Update for jackson-annotations FEDORA-2019-fb23eccc03
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...