[Binwalk] Firmware Analysis Tool
Binwalk is a firmware analysis tool designed to assist in the analysis, extraction, and reverse engineering of firmware images and other binary blobs. It is simple to use, fully scriptable, and can be easily extended via custom signatures, extraction rules, and plugin modules. Binwalk supports...
VulnCheck KEV: CVE-2013-0156
active_support/core_ext/hash/conversions.rb in Ruby on Rails before 2.3.15, 3.0.x before 3.0.19, 3.1.x before 3.1.10, and 3.2.x before 3.2.11 does not properly restrict casts of string values, which allows remote attackers to conduct object-injection attacks and execute arbitrary code, or cause a...
WordPress LeagueManager Plugin 3.8 - SQL Injection
LeagueManager plugin is prone to an SQL injection that exists in the "leagueid" parameter of a function call made by the leaguemanagerexport page. This vulnerability allows an attacker to modify data, alter queries to the application SQL database, compromise the access and application or exploit...
httparty Gem for Ruby Type Casting Parameter Parsing Remote Code Execution
httparty Gem for Ruby contains a flaw that is triggered when a type casting error occurs during the parsing of parameters. This may allow a context-dependent attacker to potentially execute arbitrary code...
Google Chrome < 24.0.1312.52 Multiple Vulnerabilities
The version of Google Chrome installed on the remote host is earlier than 24.0.1312.52 and is, therefore, affected by the following vulnerabilities: Use-after-free errors exist related to SVG layout, DOM handling, video seeking, PDF fields and printing (CVE-2012-5145, CVE-2012-5147,...
Ruby Gem nori Parameter Parsing Remote Code Execution
The Ruby Gem nori has a parameter parsing error that may allow an attacker to execute arbitrary code. This vulnerability has to do with type casting during parsing, and is related to CVE-2013-0156...
FreeBSD : rubygem-rails -- multiple vulnerabilities (ca5d3272-59e3-11e2-853b-00262d5ed8ee)
Ruby on Rails team reports: Two high-risk vulnerabilities have been discovered. CVE-2013-0155: There is a vulnerability when Active Record is used in conjunction with JSON parameter parsing. Due to the way Active Record interprets parameters in combination with the way that JSON parameters are...
extlib Gem for Ruby Type Casting Parameter Parsing Remote Code Execution
extlib Gem for Ruby contains a flaw that is triggered when a type casting error occurs during the parsing of parameters. This may allow a context-dependent attacker to potentially execute arbitrary code...
CVE-2012-5136
Google Chrome before 23.0.1271.91 does not properly perform a cast of an unspecified variable during handling of the INPUT element, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted HTML document...
Google Chrome Multiple Vulnerabilities (Nov 2012) - Windows
Google Chrome is prone to multiple vulnerabilities...
Google Chrome Multiple Vulnerabilities - Nov2012 (Mac OS X)
This host is installed with Google Chrome and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test. Authors: Antu Sanadi. Copyright (c) 2012...
Google Chrome < 21.0.1180.89 Multiple Vulnerabilities
The version of Google Chrome installed on the remote host is earlier than 21.0.1180.89 and is, therefore, affected by the following vulnerabilities: An out-of-bounds read error exists related to line-breaking (CVE-2012-2865). Variable casting errors exist related to 'run-ins' and XSL...
CVE-2012-2866
Google Chrome before 21.0.1180.89 does not properly perform a cast of an unspecified variable during handling of run-in elements, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document...
MySQL Authentication Protocol Token Comparison Casting Failure Password Bypass
A flaw in the MySQL server allows remote users to authenticate without a valid password due to a failure when casting a randomly generated token and comparing it to an expected value...
Appweb 3.1.x / 3.2.x / 3.3.x < 3.3.3 mprUrlEncode Function Heap Overflow Vulnerability
According to its banner, the version of Appweb installed on the remote host is 3.1.x, 3.2.x or 3.3.x earlier than 3.3.3. It is, therefore, potentially affected by a heap-based buffer overflow vulnerability caused by a casting error in the function 'mprUrlEncode' in the file 'src/mpr/mprLib.c'. No...
Mozilla: Gecko memory corruption (MFSA 2012-44)
The nsTableFrame::InsertFrames function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 does not properly perform a cast of a frame variable during processing of mixed row-group and...
Oracle MySQL Server 5.5 < 5.5.24 Multiple Unspecified Vulnerabilities
MySQL Server 5.5 < 5.5.24 Multiple Unspecified Vulnerabilities