CVE-2017-0415

CVE-2017-0415 is an elevation of privilege in Android’s Mediaserver. A local attacker could exploit this to run arbitrary code with privileged process rights. Affected versions: Android 6.0, 6.0.1, 7.0, 7.1.1 (Mediaserver). The provided connected documents identify the issue but do not specify a ...

Android Webview remote code execution getClassLoader-vulnerability warning-the black bar safety net

It is well known in the Android 4.4 system on Google has been the default system Webkit kernel is replaced with the own open-source project chromium,and in Issue 2 1 3 6 9 3 0 0 5（https://codereview.chromium.org/213693005）shielding the webview object. getClass, android in 4. 4. 4 version complete...

Foxit Reader ConvertToPDF TIFF Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the ConvertToPDF...

Food Battle: The Game - Base64 encoded String, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Food Battle: The Game published at the 'play' market has multiple vulnerabilities...

Ah Shirts - Customized SSL, Dangerous filesystem permissions, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Ah Shirts published at the 'play' market has multiple vulnerabilities...

Photo Effects - Base64 encoded String, Dangerous filesystem permissions, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Photo Effects published at the 'play' market has multiple vulnerabilities...

CVE-2016-0124

Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0116, CVE-2016-0123, CVE-2016-0129, and CVE-2016-0130...

WordPress Advanced Uploader 2.10 Shell Upload

----------------------------------------- 0-DAY Aint DIE | No Priv8 | KedAns-Dz ----------------------------------------- ---------------------------- K |................| . h |.......................| A a |.......................| N l |.....................| S E |.......................| e D...

IBM i Access For Windows 7.1 Buffer Overflow

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/IBMI-CLIENT-ACCESS-BUFFER-OVERFLOW.txt Vendor: ============== www.ibm.com Product: ==================================================== IBM i Access for Windows Release 7.1 of...

IBM i Access 7.1 - Local Buffer Overflow / Code Execution

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/IBMI-CLIENT-ACCESS-BUFFER-OVERFLOW.txt Vendor: ============== www.ibm.com Product: ==================================================== IBM i Access for Windows Release 7.1 of...

IBM i Access 7.1 - Buffer Overflow Code Execution Vulnerability

IBM i Access for Windows is vulnerable to a buffer overflow. A local attacker could overflow a buffer and execute arbitrary code on the Windows PC. IBM i Access 7.1 - Buffer Overflow Code Execution Vulnerability Vendor: ============== www.ibm.com Product:...

IBM i Access 7.1 - Local Buffer Overflow Code Execution

IBM i Access 7.1 - Local Buffer Overflow Code Execution + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/IBMI-CLIENT-ACCESS-BUFFER-OVERFLOW.txt Vendor: ============== www.ibm.com Product:...

CVE-2015-2442

The CVE-2015-2442 entry concerns Microsoft Internet Explorer (IE) versions 8–11 and Edge, described as a memory corruption vulnerability that allows remote code execution or denial of service when a user visits a crafted site. The description explicitly labels it as a Memory Corruption Vulnerabil...

Marktplaats: Multiple Apache 2.2.22 Vulnerabilities (XSS/ Code Exec/ DoS)

Hello, Your current version of apache 2.2.22 for http://aanbieding.marktplaats.com is vulnerable to many issues like DoS, XSS and Code Exec 1. DoS Refer: http://www.cvedetails.com/cve/CVE-2014-0231/ http://www.cvedetails.com/cve/CVE-2014-0098/ http://www.cvedetails.com/cve/CVE-2013-6438/...

Microsoft Internet Explorer HTTP Response Double Free Memory Corruption (MS08-045) - Ver2 (CVE-2008-2256)

Microsoft Internet Explorer is the most widely used Internet browser. . A remote code execution vulnerability was reported in the way Microsoft Internet Explorer accesses an object that has not been correctly initialized or that has been deleted. By convincing a user to visit a specially crafted...

Remote file upload vulnerability in wordpress plugin videowhisper-video-presentation v3.31.17

Title: Remote file upload vulnerability in wordpress plugin videowhisper-video-presentation v3.31.17 Author: Larry W. Cashdollar, @larry0 Date: 2015-03-29 Download Site: https://wordpress.org/plugins/videowhisper-video-presentation/ Vendor: http://www.videowhisper.com/ Vendor Notified: 2015-03-29...

CVE-2015-2754

CVE-2015-2754 affects the FreeXL library. A vulnerability in FreeXL before 1.0.0i allows remote attackers to cause a denial of service (stack corruption) and potentially execute arbitrary code via a crafted Excel workbook, related to a “premature EOF.” The issue affects FreeXL versions earlier th...

WordPress Plugin InBoundio Marketing 1.0 - Shell Upload Vulnerability

Exploit for php platform in category web applications Dx . Made In Algeria . xZ Title : WordPress plugin InBoundio Marketing Shell Upload Vulnerability Author : KedAns-Dz + E-mail : ked-h @hotmail.com + FaCeb0ok : fb.me/K3d.Dz + TwiTter : @kedans Platform : PHP / WebApp + Cat/Tag : File Upload /...

CVE-2015-0644

CVE-2015-0644 affects Cisco IOS XE AppNav. The vulnerability arises from improper handling of TCP packets, allowing an unauthenticated, remote attacker to cause either arbitrary code execution or a device reload (DoS) via a crafted TCP packet. Affected are IOS XE 3.8–3.10 before 3.10.3S, 3.11 bef...

WordPress InBoundio Marketing Shell Upload

Dx . Made In Algeria . xZ Title : WordPress plugin InBoundio Marketing Shell Upload Vulnerability Author : KedAns-Dz + E-mail : ked-h @hotmail.com + FaCeb0ok : fb.me/K3d.Dz + TwiTter : @kedans Platform : PHP / WebApp + Cat/Tag : File Upload / Code Exec 3 3 Greetings t0 Palestine 3 3 ! Vendor :...