7 matches found
RHEL 5 : xsa218_xen (Unpatched Vulnerability)
The remote Red Hat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - xsa218 xen: Races in the grant table unmap code XSA-218 (CVE-2017-10913) - The grant-table feature in Xen...
Trix Editor Arbitrary Code Execution Vulnerability
The Trix editor, versions prior to 2.1.1, is vulnerable to arbitrary code execution when copying and pasting content from the web or other documents with markup into the editor. The vulnerability stems from improper sanitization of pasted content, allowing an attacker to embed malicious scripts...
GSA Bounty: Multiple Bugs in api.data.gov/signup endpoint leads to send custom messages to Anyone
Hey there, while signing up for a new API key, I have found two bugs that are unusual and let anyone send a crafted or customised email to someone. Bug 1: - low 1. Go to https://api.data.gov/signup/ 2. Enter first and last name, then enter email id and get API key. Bug: You can use the same email id...
CVE-2017-10914
The grant-table feature in Xen through 4.8.x has a race condition leading to a double free, which allows guest OS users to cause a denial of service (memory consumption), or possibly obtain sensitive information or gain privileges, aka XSA-218 bug 2...
Race condition
The grant-table feature in Xen through 4.8.x has a race condition leading to a double free, which allows guest OS users to cause a denial of service (memory consumption), or possibly obtain sensitive information or gain privileges, aka XSA-218 bug 2...
CVE-2017-10914
The grant-table feature in Xen through 4.8.x has a race condition leading to a double free, which allows guest OS users to cause a denial of service (memory consumption), or possibly obtain sensitive information or gain privileges, aka XSA-218 bug 2...
e-Vision CMS <= 2.02 SQL Injection/Remote Code Execution Exploit
No description provided by source. #!/usr/bin/php -q -d short_open_tag=on <?php /* Explanation: Bug 1 admin/showimg.php: <?php $fp = fopen($_GET['img'], "r"); $img = fread($fp, filesize($_GET['img'])); fclose($fp); header("Content-type: ".$_GET['type']); echo $img; ?> ...need i say more? Bug 2 admin/functions.php: if...