inside-handy.de - Handy News - Customized SSL, WebView SSL handling enabled, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application inside-handy.de - Handy News published at the 'play' market has multiple vulnerabilities...

Recipes Videos - Customized SSL, WebView SSL handling enabled, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Recipes Videos published at the 'play' market has multiple vulnerabilities...

Quit smoking - QuitNow! - Customized SSL, Dangerous filesystem permissions, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Quit smoking - QuitNow! published at the 'play' market has multiple vulnerabilities...

SUSE-SU-2016:0854-1 Security update for rubygem-actionview-4_1

This update for rubygem-actionview-41 fixes the following issues: - CVE-2016-2097: rubygem-actionview: Possible Information Leak Vulnerability in Action View. bsc968850 - CVE-2016-2098: rubygem-actionpack: Possible remote code execution vulnerability in Action Pack bsc968849...

Mozilla Firefox and Firefox ESR Graphite 2 code execution vulnerability (CNVD-2016-01595)

Firefox is an open source Web browser ; Firefox ESR is an extended support version of Firefox.Graphite is a set of Python language , written using the Django framework for enterprise-class open source system monitoring tools . A security vulnerability exists in Mozilla Firefox and Firefox ESR...

SUSE-SU-2016:0242-1 Security update for jakarta-commons-collections

This update to jakarta-commons-collections 3.2.2 fixes the following security issues: bsc954102 code-execution by unserialization...

KLA10739 Code execution vulnerability in Microsoft VBScript

Improper memory objects handling was found in Microsoft VBScript. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed web content. Technical details To mitigate this vulnerability you can restrict acces...

Critical: Red Hat Security Advisory: Red Hat JBoss BRMS 5.3.1 commons-collections security update

An update for the Apache Commons Collections component that fixes one security issue is now available from the Red Hat Customer Portal for Red Hat JBoss BRMS 5.3.1. Red Hat Product Security has rated this update as having Critical security impact. A Common Vulnerability Scoring System CVSS base...

flash-plugin: multiple code execution issues fixed in APSB15-32

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute...

RHEL 7 : apache-commons-collections (RHSA-2015:2522)

Updated apache-commons-collections packages that fix one security issue are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

jakarta security update

CentOS Errata and Security Advisory CESA-2015:2521 Updated jakarta-commons-collections packages that fix one security issue are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System...

SoundTap 2.27 - Code Execution Vulnerability

Exploit for windows platform in category remote exploits Launch Url 3. Paste malicious url in input "Enter url Launch" 4. Click ok 5. PHP code executed successfully Code Execution Calculator By ZwX - Vulnerability Lab.com evalbase64decode'ZXZhbChiYXNlNjRfZGVjb2RlKCdaWFpoYkNoaVlYTmxOalJmWkdWamIy...

CVE-2015-7635

The CVE-2015-7635 entry describes a use-after-free vulnerability in Adobe Flash Player (Windows/macOS: before 18.0.0.252 and 19.x before 19.0.0.207; Linux before 11.2.202.535) and Adobe AIR (before 19.0.0.213, including AIR SDK before/Compiler before 19.0.0.213). The underlying issue is a use-aft...

D-Link Cookie Command Execution

This module exploits an anonymous remote upload and code execution vulnerability on different D-Link devices. The vulnerability is a command injection in the cookie handling process of the lighttpd web server when handling specially crafted cookie values. This module has been successfully tested ...

CVE-2015-2369

Untrusted search path vulnerability in Windows Media Device Manager in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a...

KLA10582 Code execution vulnerability in Microsoft Sharepoint Server

An unspecified vulnerability was found in Microsoft SharePoint Server. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed page content. Original advisories Microsoft bulletin CVE-2015-1700 Related...

GNU C Library glibc getanswer_r Buffer Overflow (CVE-2015-1781)

A code execution vulnerability exists in GNU C Library. The vulnerability is due to an error within the getanswerr function when handling DNS response resulting in a buffer overflow. A remote attacker can exploit this vulnerability by providing a specially-crafted DNS response to an application...

Linkus Photo Manager Pro 4.4.0 Code Execution

Document Title: =============== Photo Manager Pro 4.4.0 iOS - Code Execution Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1444 Release Date: ============= 2015-03-10 Vulnerability Laboratory ID VL-ID: ====================================...

Magento Patched Remote Execution Hole in eCommerce Platform

A nasty remote code execution vulnerability was recently patched in eBay’s eCommerce platform Magento. The hole, disclosed Monday, could put upwards to 200,000 company’s web stores, and their customers’ information at risk of being compromised. If exploited, researchers claim the vulnerability...

Lychee 2.7.1 Remote Code Execution

Advisory ID: SGMA15-002 Title: Lychee remote code execution Product: Lychee Version: 2.7.1 and probably prior Vendor: lychee.electerious.com Vulnerability type: Remote Code Execution Risk level: High Credit: Filippo Cavallarin - segment.technology CVE: N/A Vendor notification: 2015-04-12 Vendor...