3963 matches found

Check Point Advisories
added 2015/06/07 12:00 a.m. · 2 views

Adobe Flash Player JSONP Cross-Site Request Forgery (APSB15-11: CVE-2015-3096)

A cross-site request forgery (CSRF) vulnerability has been reported in Adobe Flash Player. The vulnerability is due to insufficient validation of data from JSONP callback APIs. A remote attacker can exploit this issue by enticing a victim to open a specially crafted SWF file...

CVSS 6.8 · AI score 3.2 · EPSS 0.00423
Exploits 0
Tenable Nessus
added 2015/05/20 12:00 a.m. · 55 views

SUSE SLED10 / SLES10 Security Update : kernel (SUSE-SU-2012:1391-1)

This Linux kernel update fixes various security issues and bugs in the SUSE Linux Enterprise 10 SP4 kernel. The following security issues have been fixed: CVE-2011-2494: kernel/taskstats.c in the Linux kernel allowed local users to obtain sensitive I/O statistics by sending taskstats commands to...

CVSS 7.8 · AI score 7.5 · EPSS 0.04779
Exploits 11 · References 47
Oracle Linux
added 2015/05/13 12:00 a.m. · 60 views

Unbreakable Enterprise kernel security and bugfix update

kernel-uek 3.8.13-68.2.2 - crypto: aesni - fix memory usage in GCM decryption (Stephan Mueller) [Orabug: 21077385] (CVE-2015-3331) 3.8.13-68.2.1 - xen/pciback: Don't disable PCI_COMMAND on PCI device reset. (Konrad Rzeszutek Wilk) [Orabug: 20807438] (CVE-2015-2150) - xen-blkfront: fix accounting of reqs when...

CVSS 9.3 · AI score 0.6 · EPSS 0.0411
Exploits 0
Oracle Linux
added 2015/04/21 12:00 a.m. · 67 views

kernel security and bug fix update

2.6.32-504.16.2 - infiniband core: Prevent integer overflow in ib_umem_get address arithmetic (Doug Ledford) [1181173 1179327] (CVE-2014-8159) 2.6.32-504.16.1 - fs gfs2: Move gfs2_file_splice_write outside of #ifdef (Robert S Peterson) [1198329 1193559] - security keys: close race between key lookup and freeing...

CVSS 10 · AI score 0.9 · EPSS 0.1713
Exploits 2
HackerOne
added 2015/03/22 4:26 p.m. · 63 views

Coinbase: Blacklist bypass on Callback URLs

In bug 47368, I was able to reach private IP addresses via the "Test Now" button of the "Callback URL" feature. Exploiting this flaw allowed me to reach the metadata server of your outbound proxy which is, afaik, maintained by Proximo. A comment by aianus states that callbacks are now restricted...

AI score 6.9
Exploits 0
Exploit DB
added 2015/02/27 12:00 a.m. · 62 views

Persistent Systems Client Automation - Command Injection Remote Code Execution (Metasploit)

Exploit Title: Persistent Systems Client Automation (PSCA), formerly HPCA or Radia, Command Injection Remote Code Execution Vulnerability. Date: 2014-10-01. Exploit Author: Ben Turner. Vendor Homepage: previously HP, now http://www.persistentsys.com/. Version: 7.9, 8.1, 9.0, 9.1. Tested on: Windows XP,...

CVSS 10 · AI score 6.8 · EPSS 0.88255
Exploits 16
myhack58
added 2015/01/14 12:00 a.m. · 12 views

Apple OS X Yosemite exposed to multiple local privilege escalation vulnerabilities (vulnerability warning, myhack58)

Foreign security researchers recently disclosed multiple local privilege escalation vulnerabilities in the latest Mac OS X 10.10.1. Because the reports submitted to Apple went too long without a clear answer, the researcher went directly to the...

Exploits 0
NVD
added 2015/01/09 6:59 p.m. · 7 views

CVE-2014-9500

Cross-site scripting (XSS) vulnerability in the Moip module 7.x-1.x before 7.x-1.4 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors to the notification page callback...

CVSS 4.3 · AI score 5.7 · EPSS 0.00285
Exploits 0 · References 4
Cvelist
added 2015/01/09 6:00 p.m. · 15 views

CVE-2014-9500

Cross-site scripting (XSS) vulnerability in the Moip module 7.x-1.x before 7.x-1.4 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors to the notification page callback...

AI score 5.7 · EPSS 0.00285
Exploits 0 · References 4
CNVD
added 2014/12/26 12:00 a.m. · 1 view

MODX Revolution-pl Cross-Site Scripting Vulnerability

MODX Revolution is a content management system that describes itself as the most flexible, open and free. A cross-site scripting vulnerability exists in MODX Revolution 2.3.2-pl, which allows remote attackers to inject arbitrary web script or HTML via callback parameters...

CVSS 4.3 · AI score 6 · EPSS 0.00225
Exploits 1 · References 1
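The Flash entry above (insufficient validation of data from JSONP callback APIs) and this MODX entry (script injection via callback parameters) are the same class of bug: a callback name from the request reaches the response body unchecked. The PHP below is an added example written for this page, not MODX, Adobe or vulners code; the endpoint shape, the sample data and the callback strings are constructed for illustration:

```php
<?php
// Added example, not MODX or Adobe code. Endpoint shape and inputs are constructed.
declare(strict_types=1);

// Vulnerable pattern: the callback name is concatenated into the script body
// unchanged, so ?callback=alert(1)// (or any byte sequence the attacker likes)
// becomes the start of the response.
function jsonp_unsafe(string $callback, array $data): string
{
    return $callback . '(' . json_encode($data) . ');';
}

// Only a dotted JavaScript identifier path is accepted: letters, digits, _, $.
// Parentheses, quotes, slashes, whitespace and control bytes cannot get through.
// The /D modifier stops $ from matching before a trailing newline.
function valid_jsonp_callback(string $callback): bool
{
    $ident = '[A-Za-z_$][A-Za-z0-9_$]*';
    return strlen($callback) <= 64
        && preg_match('/^' . $ident . '(\.' . $ident . ')*$/D', $callback) === 1;
}

// Hardened pattern: validate the name, then lead with a comment so the
// response can never begin with attacker-chosen bytes. The caller should
// also send Content-Type: application/javascript and
// X-Content-Type-Options: nosniff so the body is only ever treated as script.
function jsonp_safe(string $callback, array $data): string
{
    if (!valid_jsonp_callback($callback)) {
        throw new InvalidArgumentException('invalid JSONP callback name');
    }
    $json = json_encode($data, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
    return '/**/' . $callback . '(' . $json . ');';
}

// Demonstration on constructed data: the payload in "note" must stay inert
// even when the page that receives this script is rendered as HTML somewhere.
$data = ['user' => 'alice', 'note' => '</script><svg onload=alert(1)>'];

echo jsonp_unsafe('alert(1)//', $data), PHP_EOL;   // attacker-chosen prefix runs as script
echo jsonp_safe('app.onUser', $data), PHP_EOL;     // validated name, comment prefix, escaped JSON

foreach (['alert(1)//', "cb\n<script>", "cb\x07junk", 'a.b.c'] as $name) {
    printf("%-24s %s\n", json_encode($name), valid_jsonp_callback($name) ? 'accepted' : 'rejected');
}
```

Run it with the PHP CLI: only the plain identifier path passes the validator, the hardened body starts with `/**/` and has `<`, `>`, `&` and quotes hex-escaped inside the JSON, while the unsafe body starts with whatever the request supplied.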
Positive Technologies
added 2014/12/17 12:00 a.m. · 1 view

PT-2020-7585 · Dbi +3

Name of the Vulnerable Software and Affected Versions: DBI module versions prior to 1.632 for Perl. Description: An issue in the DBI module for Perl may lead to memory corruption when using many arguments to methods for Callbacks. Recommendations: For versions prior to 1.632, update to version 1.6...

CVSS 6.1 · AI score 5.8 · EPSS 0.00392
Exploits 0 · References 35
Tenable Nessus
added 2014/11/26 12:00 a.m. · 40 views

OracleVM 2.1 : kernel (OVMSA-2009-0014)

The remote OracleVM system is missing necessary patches to address critical security updates: CVE-2009-1192 The (1) agp_generic_alloc_page and (2) agp_generic_alloc_pages functions in drivers/char/agp/generic.c in the agp subsystem in the Linux kernel before 2.6.30-rc3 do not zero out pages that may later...

CVSS 7.8 · AI score 5.9 · EPSS 0.02344
Exploits 5 · References 7
Canvas
added 2014/11/11 10:55 p.m. · 144 views

Immunity Canvas: MS14_064_IE_OLEAUT32

Name: ms14_064_ie_oleaut32. CVE: CVE-2014-6332. Exploit Pack: CANVAS. Description: MS14-064 - Windows OLE Automation Array Remote Code Execution Vulnerability. Notes: CVE Name: CVE-2014-6332; VENDOR: Microsoft; NOTES: References:...

CVSS 9.3 · AI score 0.3 · EPSS 0.94094
Exploits 39
seebug.org
added 2014/11/10 12:00 a.m. · 25 views

TinyShop SQL injection (one instance)

Brief description: 20140926. Details: in the callback function in /protected/controllers/payment.php: public function callback() { // get the payment method from the URL $paymentid = Filter::int(Req::get('paymentid')); $payment = new Payment($paymentid); $paymentPlugin = $payment->getPaymentPlugin(); // first fetch a payment method; by default only balance payment exists, with id 1 ... // execute the interface callback function $callbackData =...

AI score 7.1
Exploits 0
Tenable Nessus
added 2014/11/10 12:00 a.m. · 31 views

Fedora 21 : freeipa-4.1.1-1.fc21 / slapi-nis-0.54.1-1.fc21 (2014-14427)

freeipa: - Update to upstream 4.1.1 - see http://www.freeipa.org/page/Releases/4.1.1 - fix CVE-2014-7828 slapi-nis: - support FreeIPA overrides in LDAP BIND callback - ignore FreeIPA override searches outside configured schema compat subtrees Note that Tenable Network Security has extracted the...

CVSS 3.5 · AI score 6.7 · EPSS 0.00407
Exploits 0 · References 5
seebug.org
added 2014/11/10 12:00 a.m. · 26 views

TinyShop SQL injection (one instance)

Brief description: 20140926. Details: this one is again in payment, this time in the asynchronous callback, which has a similar problem. I actually didn't want to submit them separately; I was worried a duplicate wouldn't be accepted. In the asynccallback function in /protected/controllers/payment.php: function asynccallback() { // get the payment method from the URL $paymentid = Filter::int(Req::get('paymentid')); $payment = new Payment($paymentid); $paymentPlugin = $payment->getPaymentPlugin();...

AI score 7.1
Exploits 0
myhack58
added 2014/10/29 12:00 a.m. · 13 views

Callback nightmare: analysis of the SQL injection vulnerability in the well-known CMS framework Drupal (vulnerability warning, myhack58)

Drupal is an open-source content management framework (CMF) written in PHP, made up of a CMS together with a PHP development framework. It has won the world's best CMS award in consecutive years and is among the best-known PHP web applications. A few days ago, the disclosure...

AI score 0.9
Exploits 0
Cvelist
added 2014/10/27 1:00 a.m. · 22 views

CVE-2014-2988

EGroupware Enterprise Line (EPL) before 1.1.20140505, EGroupware Community Edition before 1.8.007.20140506, and EGroupware before 14.1 beta allows remote authenticated administrators to execute arbitrary PHP code via crafted callback values to the call_user_func PHP function, as demonstrated using th...

AI score 7.1 · EPSS 0.00764
Exploits 5 · References 4
CVE
added 2014/10/27 1:00 a.m. · 64 views

CVE-2014-2988

CVE-2014-2988 affects EGroupware EPL before 1.1.20140505, EGroupware Community Edition before 1.8.007.20140506, and EGroupware before 14.1 beta. Root cause: improper handling of crafted callback values passed to PHP call_user_func, enabling remote authenticated administrators to execute arbitrary...

CVSS 8.5 · AI score 7.3 · EPSS 0.00764
Exploits 5 · References 4 · Affected Software 1
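The root cause named in the two CVE-2014-2988 entries above, a request-controlled string reaching call_user_func, as an added PHP example written for this page (not EGroupware's code; the dispatcher, parameter names and handler functions are hypothetical). The unsafe version lets the request name any function in the process; the safe version lets the request pick only a key into a map the code owns:

```php
<?php
// Added example, not EGroupware's code. Handlers and parameter names are hypothetical.
declare(strict_types=1);

function handler_list(): string   { return 'listing'; }
function handler_export(): string { return 'exporting'; }

// Vulnerable pattern: the request string itself is the callable. Any function
// visible to the process is reachable, e.g. callback=system with args=[...].
function dispatch_unsafe(array $request)
{
    $callback = $request['callback'] ?? 'handler_list';
    $args     = $request['args'] ?? [];
    return call_user_func_array($callback, $args);
}

// Hardened pattern: the request chooses a key; the code owns the callables.
const CALLBACKS = [
    'list'   => 'handler_list',
    'export' => 'handler_export',
];

function dispatch_safe(array $request): string
{
    $key = $request['callback'] ?? 'list';
    if (!is_string($key) || !array_key_exists($key, CALLBACKS)) {
        throw new InvalidArgumentException('unknown callback: ' . var_export($key, true));
    }
    return call_user_func(CALLBACKS[$key]);
}

// Constructed requests, as a handler would see them after decoding the form.
$unsafe_ok   = ['callback' => 'handler_export'];
$unsafe_evil = ['callback' => 'strtoupper', 'args' => ['not a handler']]; // stands in for system, passthru, ...

echo dispatch_unsafe($unsafe_ok), PHP_EOL;    // the intended handler runs
echo dispatch_unsafe($unsafe_evil), PHP_EOL;  // and so does whatever the request names

echo dispatch_safe(['callback' => 'export']), PHP_EOL;
try {
    dispatch_safe(['callback' => 'handler_export']);   // a real function name is not a key: rejected
} catch (InvalidArgumentException $e) {
    echo 'rejected: ', $e->getMessage(), PHP_EOL;
}
```

strtoupper stands in for the dangerous callables an attacker would actually name; the point is that the unsafe dispatcher will invoke it just the same. The allowlist version never passes request data to call_user_func at all, so there is nothing left to validate or escape.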
F5 Networks
added 2014/10/23 12:00 a.m. · 20 views

SOL15730 - OpenSSH vulnerability

The mm_newkeys_from_blob function in monitor_wrap.c in sshd in OpenSSH 6.2 and 6.3, when an AES-GCM cipher is used, does not properly initialize memory for a MAC context data structure, which allows remote authenticated users to bypass intended ForceCommand and login-shell restrictions via packet dat...

CVSS 6 · AI score 5.9 · EPSS 0.00305
Exploits 1 · References 3