
159 matches found

CVE
added 2019/11/12 8:40 p.m., 67 views

CVE-2019-6172

CVE-2019-6172 involves a vulnerability in the SMI callback function in some Lenovo ThinkPad models’ Legacy USB driver, where a passed parameter is used without sufficient validation. This could allow arbitrary code execution in the context of the affected system. Public documentation consistently...

CVSS 6.4, AI score 7.3, EPSS 0.00093
Exploits: 0, References: 1, Affected Software: 1
Prion
added 2019/08/19 4:15 a.m., 7 views

Design/Logic Flaw

In the OAuth2 Client extension before 0.4 for MediaWiki, a CSRF vulnerability exists due to the OAuth2 state parameter not being checked in the callback function...

CVSS 6.8, AI score 8.6, EPSS 0.00288
Exploits: 0, References: 6, Affected Software: 1
OSV
added 2019/02/04 7:29 p.m., 2 views

DEBIAN-CVE-2019-7346

A CSRF check issue exists in ZoneMinder through 1.32.3 as whenever a CSRF check fails, a callback function is called displaying a "Try again" button, which allows resending the failed request, making the CSRF attack successful...

CVSS 8.8, AI score 9, EPSS 0.00141
Exploits: 1, References: 1
Veracode
added 2018/07/06 3:57 a.m., 24 views

Remote Code Execution (RCE)

microsoft.chakracore is vulnerable to remote code execution. When RegexHelper::StringReplace calls the callback function, it does not mark it with an ImplicitCallFlag, allowing a malicious user to pass a function to be executed in certain cases. This CVE ID is different from CVE-2017-11792,...

CVSS 7.5, AI score 7.7, EPSS 0.78672
Exploits: 20, References: 6, Affected Software: 2
exploitpack
added 2017/10/17 12:0 a.m., 23 views

Microsoft Edge Chakra JIT - RegexHelper::StringReplace Must Call the Callback Function with Updating ImplicitCallFlags

Microsoft Edge Chakra JIT - RegexHelper::StringReplace Must Call the Callback Function with Updating ImplicitCallFlags / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1334 The "String.prototype.replace" method can be inlined in the JIT process. So in the method, all the calls...

AI score 0.2
Exploits: 0
Exploit DB
added 2017/10/17 12:0 a.m., 32 views

Microsoft Edge Chakra JIT - 'RegexHelper::StringReplace' Must Call the Callback Function with Updating ImplicitCallFlags

/ Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1334 The "String.prototype.replace" method can be inlined in the JIT process. So in the method, all the calls which may break the JIT assumptions must be invoked with updating "ImplicitCallFlags". But "RegexHelper::StringReplace"...

AI score 7.4
Exploits: 0
0day.today
added 2017/10/15 12:0 a.m., 38 views

Microsoft Edge Chakra JIT Failed RegexHelper::StringReplace Call Exploit

The "String.prototype.replace" method can be inlined in the JIT process. So in the method, all the calls which may break the JIT assumptions must be invoked with updating "ImplicitCallFlags". But "RegexHelper::StringReplace" calls the replace function without updating the flag. Therefore it fails...

CVSS 7.6, AI score 7.6, EPSS 0.78672
Exploits: 3
seebug.org
added 2017/07/04 12:0 a.m., 54 views

Foscam IP Video Camera Command Injection Vulnerability(CVE-2017-2847)

Summary An exploitable command injection vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37. A specially crafted HTTP request can allow for a user to inject arbitrary shell characters during manual network configurati...

CVSS 6.5, AI score 9.6, EPSS 0.02198
Exploits: 2
Talos
added 2017/06/19 12:0 a.m., 29 views

Foscam IP Video Camera CGIProxy.fcgi SMTP Test Host Parameter Configuration Command Injection Vulnerability

Summary An exploitable command injection vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37. A specially crafted HTTP request can allow for a user to inject arbitrary data in the “msmtprc” configuration file resulting...

CVSS 8.8, AI score 9, EPSS 0.01149
Exploits: 1
Talos
added 2017/06/19 12:0 a.m., 33 views

Foscam IP Video Camera CGIProxy.fcgi SMTP Test Sender Parameter Configuration Command Injection Vulnerability

Summary An exploitable command injection vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37. A specially crafted HTTP request can allow for a user to inject arbitrary data in the “msmtprc” configuration file resulting...

CVSS 8.8, AI score 9, EPSS 0.00513
Exploits: 1
Talos
added 2017/06/19 12:0 a.m., 35 views

Foscam IP Video Camera CGIProxy.fcgi DNS2 Address Configuration Command Injection Vulnerability

Summary An exploitable command injection vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37. A specially crafted HTTP request can allow for a user to inject arbitrary shell characters during manual network configurati...

CVSS 8.8, AI score 9.1, EPSS 0.02654
Exploits: 1
myhack58
added 2016/12/20 12:0 a.m., 46 views

CVE-2016-8655 kernel race condition vulnerability debug analysis - vulnerability warning - the black bar safety net

12 5 March, Philip Pettersson published a local privilege escalation vulnerability that has existed in the Linux kernel for up to 5 years, affecting virtually all mainstream Linux distributions and, for a time, drawing unrivaled attention, no less than "Dirty Cow" some time earlier. For this black magic...

AI score 7.6, EPSS 0.47355
Exploits: 16
Zero Day Initiative
added 2016/07/12 12:0 a.m., 30 views

Adobe Flash StyleSheet Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the StyleSheet...

CVSS 6.8, AI score 5.5, EPSS 0.07714
Exploits: 5, References: 1
myhack58
added 2015/01/14 12:0 a.m., 11 views

Apple OS X Yosemite system exposed to multiple local privilege escalation vulnerabilities - vulnerability warning - the black bar safety net

Foreign security researchers have recently disclosed multiple local privilege escalation vulnerabilities in the latest version of Mac OS X, 10.10.1. Because they were submitted to Apple a long time ago without getting a clear answer, leading the researcher directly to the...

Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m., 104 views

MS15-061 Windows NTUserMessageCall Win32k Kernel Pool Overflow (Schlamperei)

No description provided by source. include include / Exploiting MS15-061 with reverse engineering Win32k.sys by steps : 1: hook PEB callback Function 2: trigger vulnerability make proper Window to lead vulnerable function 3: replace fake object with NtUserDefSetText in Desktop heap inside PEB...

AI score 7.1
Exploits: 0
Hacker One
added 2014/04/25 4:36 p.m., 13 views

Cloudflare: Threat control information leak

The information displayed on the threat control page is retrieved using AJAX calls to the API, however the access token atok which is sent along with the requests is not checked by the receiving end. In addition, a callback function name can be supplied to the API. Combined, these factors allow a...

AI score 6.6
Exploits: 0
ATTACKERKB
added 2013/03/13 12:55 a.m., 0 views

CVE-2013-0080

Microsoft SharePoint Server 2010 SP1 and SharePoint Foundation 2010 SP1 allow remote attackers to bypass intended read restrictions for content, and hijack user accounts, via a crafted URL, aka "Callback Function Vulnerability."...

CVSS 7.5, AI score 5.6, EPSS 0.46731
Exploits: 0, References: 4
Prion
added 2013/03/13 12:55 a.m., 13 views

Design/Logic Flaw

Microsoft SharePoint Server 2010 SP1 and SharePoint Foundation 2010 SP1 allow remote attackers to bypass intended read restrictions for content, and hijack user accounts, via a crafted URL, aka "Callback Function Vulnerability."...

CVSS 7.5, AI score 6.9, EPSS 0.46731
Exploits: 0, References: 3, Affected Software: 2
Cvelist
added 2013/03/13 12:0 a.m., 20 views

CVE-2013-0080

Microsoft SharePoint Server 2010 SP1 and SharePoint Foundation 2010 SP1 allow remote attackers to bypass intended read restrictions for content, and hijack user accounts, via a crafted URL, aka "Callback Function Vulnerability."...

AI score 6.4, EPSS 0.46731
Exploits: 0, References: 3
Tenable Nessus
added 2013/03/12 12:0 a.m., 56 views

MS13-024: Vulnerabilities in SharePoint Could Allow Elevation of Privilege (2780176)

The versions of Microsoft SharePoint Server 2010 and SharePoint Foundation 2010 have the following vulnerabilities : - A callback function vulnerability exists that could allow an attacker to read data or perform other unauthorized actions. CVE-2013-0080 - A cross-site scripting vulnerability...

CVSS 7.8, AI score 6, EPSS 0.70109
Exploits: 0, References: 5