7640 matches found
The vulnerability of the libavc library in the Media Framework component of the Android operating system allows a hacker to disclose protected information or cause system failures.
The vulnerability of the libavc library in the Media Framework of the Android operating system is related to insufficient state checking. Exploiting this vulnerability can allow a malicious actor to disclose protected information or cause service failures...
The vulnerability of the libmpeg2 library in the Media Framework component of the Android operating system allows a hacker to induce a service failure.
The vulnerability of the libmpeg2 library in the Media Framework of the Android operating system is related to insufficient state checking. Exploiting this vulnerability could allow a malicious actor to cause service failures remotely...
The vulnerability of the libhevc library in the Media Framework of the Android operating system allows a hacker to induce a service failure.
The vulnerability of the libhevc library in the Media Framework of the Android operating system is related to insufficient state checking. Exploiting this vulnerability could allow a malicious actor to cause service failures remotely...
Buffer overflow
A vulnerability in the quality of service (QoS) subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with elevated privileges. The vulnerability is due to incorrect bounds...
DEBIAN-CVE-2018-1000140
rsyslog librelp version 1.2.14 and earlier contains a Buffer Overflow vulnerability in the checking of x509 certificates from a peer that can result in Remote code execution. This attack appears to be exploitable by a remote attacker that can connect to rsyslog and trigger a stack buffer overflow by...
free-ppi-checking-service.metzgerloy.co.uk XSS vulnerability
Open Bug Bounty ID: OBB-585483

Description | Value
---|---
Affected Website: | free-ppi-checking-service.metzgerloy.co.uk
Open Bug Bounty Program: | Create your bounty program now. It's open and free.
Vulnerable Application: | Custom Code
Vulnerability Type: | XSS Cross Site Scripting / CWE-79
CVSSv3...
DEBIAN-CVE-2018-8754
The libevt_record_values_read_event function in libevt_record_values.c in libevt before 2018-03-17 does not properly check for out-of-bounds values of user SID data size, strings size, or data size. NOTE: the vendor has disputed this as described in libyal/libevt issue 5 on GitHub...
CVE-2018-6066
Lack of CORS checking by ResourceFetcher/ResourceLoader in Blink in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to leak cross-origin data via a crafted HTML page...
Authentication flaw
A Reliance on Cookies without Validation and Integrity Checking issue was discovered in Moxa OnCell G3100-HSPA Series version 1.4 Build 16062919 and prior. The application allows a cookie parameter to consist of only digits, allowing an attacker to perform a brute force attack bypassing...
CVE-2018-5455
A Reliance on Cookies without Validation and Integrity Checking issue was discovered in Moxa OnCell G3100-HSPA Series version 1.4 Build 16062919 and prior. The application allows a cookie parameter to consist of only digits, allowing an attacker to perform a brute force attack bypassing...
Drupal 7.x < 7.57 Multiple Vulnerabilities (SA-CORE-2018-001)
According to its self-reported version, the instance of Drupal running on the remote web server is 7.x prior to 7.57. It is, therefore, affected by multiple vulnerabilities : - A flaw exists with the Drupal.checkPlain function due to improper handling of HTML injection. A remote attacker, with a...
CVE-2018-7453
Infinite recursion in AcroForm::scanField in AcroForm.cc in xpdf 4.00 allows attackers to launch denial of service via a specific pdf file due to lack of loop checking, as demonstrated by pdftohtml...
Buffer overflow
In all Qualcomm products with Android releases from CAF using the Linux kernel, due to lack of bounds checking on the variable "datalen" from the function WLANQCMBRMcProcessMsg, a buffer overflow may potentially occur in WLANFTMMcProcessMsg...
Disk Savvy Enterprise 10.4.18 Buffer Overflow Exploit
This Metasploit module exploits a stack-based buffer overflow vulnerability in Disk Savvy Enterprise version 10.4.18, caused by improper bounds checking of the request sent to the built-in server. This Metasploit module has been tested successfully on Windows 7 SP1 x86. This module requires...
Disk Savvy Enterprise 10.4.18 Buffer Overflow
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Disk Savvy Enterprise v10.4.18', 'Description' = %q This module exploits a stack-based buffer overflow vulnerability in Disk Savvy Enterprise...
The vulnerability of the hidden content checking component in the SAP NetWeaver software integration platform allows a perpetrator to access confidential information or cause service failures.
The vulnerability of the hidden content checking component in the SAP NetWeaver software integration platform is related to an incorrect limitation on XML references to external objects. Exploiting this vulnerability could allow a malicious actor to gain access to confidential information or caus...
Disk Savvy Enterprise v10.4.18
This module exploits a stack-based buffer overflow vulnerability in Disk Savvy Enterprise v10.4.18, caused by improper bounds checking of the request sent to the built-in server. This module has been tested successfully on Windows 7 SP1 x86. This module requires Metasploit:...
Swape Theme - Authentication Bypass and Stored XSS
Similar to https://wpvulndb.com/vulnerabilities/8061, but with no authentication. The theme suffers from a privilege escalation vulnerability; any user can trigger this vulnerability due to weak permissions checking. An attacker can update options, such as changing user's default role, registratio...
Debian: Security Advisory (DLA-1107-1)
The remote host is missing an update for the Debian...