49 matches found
CVE-2022-49687
CVE-2022-49687 documents a Linux kernel vulnerability in virtio_net where suspend/resume can trigger a driver bug warning due to xdp_rxq_info not being unregistered/registered during freeze/restore. The root cause is that virtnet_freeze() frees the receive_queue (including xdp_rxq_info) without c...
CVE-2024-26924
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetpipapo: do not free live element Pablo reports a crash with large batches of elements with a back-to-back add/remove pattern. Quoting Pablo: addelem"00000000" timeout 100 ms ... addelem"0000000X" timeout 100 ms...
The IE 11 browser is the explosion of security vulnerabilities: remotely steal local PC file-bug warning-the black bar safety net
Recently security experts in the IE 11 browser on the found new vulnerabilities in the process. MHT saved page can allow a hacker to steal the PC on the file. More importantly. MHT file format the default processing application is the IE 11 browser, so even the Chrome as the default web browser o...
Third-party service side of the drain: Let's Encrypt leaked 7 6 1 8 name User email address-bug warning-the black bar safety net
! Let's Encrypt translated into Chinese called“let's encrypt”, in fact, this is one for the majority of the site free-issued SSL/TLS certificates of the project. Let's Encrypt the backing is not small, at the moment it is by the Linux Foundation managed to initiate the project of organizations...
Use CouchDB to unauthorized access vulnerability to execute arbitrary system commands-bug warning-the black bar safety net
5 on 1 6, Ali cloud shield defense against the team from external sources informed that the CouchDB database exists for unauthorized access vulnerabilities in the configuration is incorrect. After the test, the cloud shield team was the first to discover the use of the unauthorized access...
Chrome 5 a vulnerability to be fixed, Google rewards finding vulnerabilities personnel 2W $ -bug-warning-the black bar safety net
Recently, the Google company published the announcement, urged the majority use Windows, Mac OS and Linux operating system user as soon as possible to update their terminals on the Chrome version, in order to eliminate the 5 vulnerability to bring security risks. On has aeration out of 5...
SpagoBI remote code execution vulnerability analysis requires authentication permissions-bug warning-the black bar safety net
Today we publish the second article—SpagoBI remote code execution vulnerability. In this article, I want to talk about SpagoBI And SpagoBI is a free open source Business Intelligence Suite, which consists of the Engineering Group's SpagoBI Labswww.eng.it SpagoBI Labs develop and manage, its goal ...
Love fast router web Management page several vulnerabilities SQL blind injection, the plaintext stored passwords-bug warning-the black bar safety net
SQL blind injection, you can bypass the web page login authentication login default user name is admin. Password admin) I tested the ip is 1 9 2. 1 6 8. 1 6 8. 1:8 0,blind the url is http://192.168.168.1/login/x The user name of the payload is -1" OR 321=6 AND 0 0 0 1 6 7=0 0 0 1 6 7 -- The...
From zero to start to learn the Win32 platform buffer overflow(Part1)-bug warning-the black bar safety net
Buffer overflow is a common and we often heard of software security vulnerabilities, buffer overflow, i.e. that the data is too much to write into the memory or buffer, when a buffer within the write data is full, if you continue to write data, the data will overflow into other buffer, it will...
Kingsoft enterprise terminal protection optimization system Web Console without having to log any file deleted-bug warning-the black bar safety net
Kingsoft enterprise terminal protection optimization system Web Console without having to log arbitrary file deletion Arbitrary file deletion: File:/tools/manage/deletetools.php code area children; $i++ if $xml-tool$i-id == $id @unlink"../".$ xml-tool$i-name; if$xml-tool$i-image != "test. png"...
Palliative: the sogou browser to continue the remote execution of arbitrary commands-bug warning-the black bar safety net
1. Update to the latest version ! 1.jpg 2. Search for a vulnerability, do some repair, the most fundamental Protocol of the jump limit is still not repaired. A. for signin. htmlXSSdo as shown below fix: ! 2.jpg Canonical seemingly written by a bunch of, very complex, but in reality: even defining...
CVE-2 0 1 5-0 2 3 5: Linux Glibc Ghost vulnerability allows hackers remote access to system permissions-bug warning-the black bar safety net
! t01a998ea950583688b. png Ghost vulnerability in Linux glibc library appeared on the a serious security issue, he can keep the attacker in ignorance of the system in any case remote accessoperating systemthe control authority. He is currently the CVE number for CVE-2 0 1 5-0 2 3 5 to. What is...
Cool official silent install apk features background the presence of high-risk vulnerabilities(demo custom machine is how in your phone silently installed)-bug warning-the black bar safety net
Cool Demo junk software is how to through your mobile phone to silently install Suction fee software what is going on. You charge less? Detailed description: Cool a operation and maintenance improper shell. ! ! ! ok See under background: http://auth.coolyun.com ! Background PUSH features APK sile...
Tencent a certain activity a leak a large number of user address information-bug warning-the black bar safety net
Friends through QQ sent me to one of the activities:“there is no free lunch, but for Breakfast you can have! I was participating in yinlu good porridge road free good Breakfast apply for activities, the same address apply for the number up to 2 0 people, Homo habilis hand is a free good Breakfast...
By wave CMS General-purpose SQL injection 8+9(select models)-bug warning-the black bar safety net
Brief description: It seems by the waves begin to completely closed-source. Already ready to block everyone decompile, temporarily also don't know is with what method, after the if research out of words to say it. So official don't pull what XXX the source package, not open source is not a shame...
By sending YY information access others account and login-bug warning-the black bar safety net
First send a YY information to the users, this is a test of the no-induced ! Then open ! a cookie to the ! With veterans try. ! Log in. Repair solutions: Filter...
easethink payment. php injection vulnerability analysis attached to the use of the EXP-bug warning-the black bar safety net
Vulnerability author: leehenwu 0 1 vulnerability analysis Vulnerabilities in payment. php file elseif$REQUEST'act'=='return' //payment jump back to page $classname = $REQUEST'classname'; $paymentinfo = $GLOBALS'db'-getRowCached"select from ". DBPREFIX."payment where classname = '".$ classname."'"...
phpcms 2 0 0 7 onunload. inc. php page to an update-type implant is attached using the EXP-bug warning-the black bar safety net
Download a set of phpcms 2 0 0 7 analysis, in the module\movie\onunload. inc. php found a update type of injection. query"UPDATE ". TABLEMOVIESERVER." SET num = num-1 WHERE serverid = $serverid AND num 0 "; ? $serverid is not any filtering and also not enclosed in single quotation marks, so ignor...
JWPlayer 5 latest SWF XSS 0day analysis and POC improvements-bug warning-the black bar safety net
Original: Special Thx to small male students to the idea: Foreigners in 1, No. 6 published the jwplayer a not repairXSS 0day, the details of the fierce stamp here. jwplayer is currently the most widely used flash Player components, especially the many foreign online love action movies website...
Lxblog blog system variables cover the resulting injection+Getshell attached to the use of the exp-bug warning-the black bar safety net
Nonsense: lxblog is www. phpwind. net development of multi-blog system, now seems to have stopped updating! Statement: We only do the technical research, please do not illegally used, together with consequences with himself, independent of it! Text: Key file:/mod/ajaxmod.php if ! empty$POST $POST...