Lucene search
K

294 matches found

n0where
n0where
added 2017/10/02 4:13 a.m.72 views

HTTP Virtual Host Scanner: VHostScan

A virtual host scanner that can be used with pivot tools, detect catch-all scenarios, aliases and dynamic default pages. First presented at SecTalks BNE in September 2017 Key Benefits Quickly highlight unique content in catch-all scenarios Locate the outliers in catch-all scenarios where results...

6.8AI score
Exploits0References1
Packet Storm
Packet Storm
added 2017/09/22 12:0 a.m.39 views

Microsoft Edge Chakra Parser::ParseCatch Failed eval Handle

Microsoft Edge: Chakra: Parser::ParseCatch doesn't handle "eval" CVE-2017-11764 In Javascript, the code executed by a direct call to eval shares the caller block's scopes. Chakra handles this from the parser. And there's a bug when it parses "eval" in a catch statement's param. ParseNodePtr...

7.6CVSS0.1AI score0.64437EPSS
Exploits3
Openbugbounty
Openbugbounty
added 2017/08/23 9:33 a.m.17 views

polarkoru.fi XSS vulnerability

Vulnerable URL: http://www.polarkoru.fi/itemdetail.php?n=PKR-20335=Fresh Water Pearl Bracelet. Toggle catch 925 Sterling Silver.=item/20110425231349/www.PolarKoru 20335.jpg"';-- Details: Description| Value ---|--- Patched:| No Latest check for patch:| 21.11.2017 Vulnerability type:| XSS...

6.3AI score
Exploits0
RedHat Linux
RedHat Linux
added 2017/03/02 9:16 p.m.2 views

python-oslo-middleware: CatchErrors leaks sensitive values into error logs

An information-disclosure flaw was found in oslo.middleware. Software using the CatchError class could include sensitive values in a traceback's error message. System users could exploit this flaw to obtain sensitive information from OpenStack component error logs for example, keystone tokens...

5.9CVSS5.7AI score0.00467EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2017/02/22 5:23 p.m.5 views

python-oslo-middleware: CatchErrors leaks sensitive values into error logs

An information-disclosure flaw was found in oslo.middleware. Software using the CatchError class could include sensitive values in a traceback's error message. System users could exploit this flaw to obtain sensitive information from OpenStack component error logs for example, keystone tokens...

5.9CVSS5.7AI score0.00467EPSS
Exploits0References4
myhack58
myhack58
added 2016/04/23 12:0 a.m.38 views

hfs2. 3X remote code execution exploit-vulnerability warning-the black bar safety net

hfs 2.3 X many catch the chicken hackers like to use it to spread the Trojan, but the last in a tick look to this software broke a remote code execution vulnerability No CVE2014-6 2 8 7) The blogger looked after very interested in so you try to play a bit ! 2 0 1 6 0 3 2 8 1 1 3 3 3 0 First on...

2.6AI score
Exploits0
hackapp
hackapp
added 2016/04/01 9:58 a.m.24 views

Miku,FreeMp3♬GROOVE CATCH S.E - Dangerous filesystem permissions, WebView SSL handling enabled, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Miku,FreeMp3♬GROOVE CATCH S.E published at the 'play' market has multiple vulnerabilities...

0.8AI score
Exploits0References1Affected Software1
Atlassian
Atlassian
added 2013/06/26 9:6 a.m.19 views

View Content Permission Set not Complete.

The Content Permission Set returned from the method getViewContentPermissions is incomplete. It appears to only contain a single ContentPermission object regardless of how many View permisisons have been attached to a Page. 1 Create a new page 2 Assign a View restriction for 1 group 3 Assign View...

0.7AI score
Exploits0Affected Software1
RedHat Linux
RedHat Linux
added 2012/09/19 5:20 p.m.7 views

qpid-cpp-server-cluster: unauthorized broker access caused by the use of NullAuthenticator catch-up shadow connections

Apache QPID 0.14, 0.16, and earlier uses a NullAuthenticator mechanism to authenticate catch-up shadow connections to AMQP brokers, which allows remote attackers to bypass authentication...

5CVSS5.9AI score0.06394EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2012/09/19 5:18 p.m.4 views

qpid-cpp-server-cluster: unauthorized broker access caused by the use of NullAuthenticator catch-up shadow connections

Apache QPID 0.14, 0.16, and earlier uses a NullAuthenticator mechanism to authenticate catch-up shadow connections to AMQP brokers, which allows remote attackers to bypass authentication...

5CVSS5.9AI score0.06394EPSS
Exploits1References4
Mozilla
Mozilla
added 2011/03/01 12:0 a.m.47 views

Recursive eval call causes confirm dialogs to evaluate to true — Mozilla

Security researcher Zach Hoffman reported that a recursive call to eval wrapped in a try/catch statement places the browser into a inconsistent state. Any dialog box opened in this state is displayed without text and with non-functioning buttons. Closing the window causes the dialog to evaluate t...

6.8CVSS1.9AI score0.01823EPSS
Exploits1References2Affected Software2
myhack58
myhack58
added 2008/10/30 12:0 a.m.25 views

PHP168 whole Station system of 0DAY-vulnerability warning-the black bar safety net

The first description under this hole is in the other places to see, just he did not say very clearly, a lot of the vegetable dishes are Do not understand, I take it I first posted it in! This hole is actually the use of the program coding vulnerabilities, download the configuration and the login...

0.5AI score
Exploits0
myhack58
myhack58
added 2007/12/30 12:0 a.m.15 views

Insider revealed the thunder catch the chicken to achieve a method and prevention tips-vulnerability warning-the black bar safety net

The world's largest sorrow, than they are to harm you, unbeknownst to you also for him too beholden to. Such absurd things, only in the TV series appear in? You ever think of yourself will become like that? If you don't believe, after reading this article the quasi surprise you! Thundercatch the...

0.3AI score
Exploits0
FreeBSD
FreeBSD
added 2005/07/07 12:0 a.m.15 views

pear-XML_RPC -- information disclosure vulnerabilities

The pear-XMLRPC release notes reports that the following issues has been fixed: Eliminate path disclosure vulnerabilities by suppressing error messages when eval'ing. Eliminate path disclosure vulnerability by catching bogus parameters submitted to XMLRPCValue::serializeval...

3.4AI score
Exploits0References1
Rows per page
Query Builder