176 matches found
CVE-2014-1839
The Execute class in shellutils in logilab-commons before 0.61.0 uses tempfile.mktemp, which allows local users to have an unspecified impact by pre-creating the temporary file...
CVE-2014-1624
Race condition in the xdg.BaseDirectory.getruntimedir function in python-xdg 0.25 allows local users to overwrite arbitrary files by pre-creating /tmp/pyxdg-runtime-dir-fallback-victim to point to a victim-owned location, then replacing it with a symlink to an attacker-controlled location once th...
CVE-2013-4369
The xluvifparserate function in the libxlu library in Xen 4.2.x and 4.3.x allows local users to cause a denial of service NULL pointer dereference by using the "@" character as the VIF rate configuration...
[SECURITY] Fedora 20 Update: gnupg-1.4.15-1.fc20
GnuPG GNU Privacy Guard is a GNU utility for encrypting data and creating digital signatures. GnuPG has advanced key management capabilities and is compliant with the proposed OpenPGP Internet standard described in RFC2440. Since GnuPG doesn't use any patented algorithm, it is not compatible with...
[SECURITY] Fedora 19 Update: perl-Module-Signature-0.73-1.fc19
This package contains a command line tool and module for checking and creat ing SIGNATURE files for Perl CPAN distributions...
RuubikCMS 1.1.1 - Path Traversal Vulnerability
ruubikcms is vulnerable to Path traversal vulnerability, when logged in with any user account, list of files and directory names present on server will be displayed by changing path in URL, this vulnerability exist in "tinybrowser.php" Also using the same vulnerability we can create folders on...
CVE-2013-2030
keystone/middleware/authtoken.py in OpenStack Nova Folsom, Grizzly, and Havana uses an insecure temporary directory for storing signing certificates, which allows local users to spoof servers by pre-creating this directory, which is reused by Nova, as demonstrated using /tmp/keystone-signing-nova...
Directory traversal
razorCMS 1.2 allows remote authenticated users to access administrator directories and files by creating and deleting a directory...
CDE ToolTalk RPC Database Server Multiple Vulnerabilities
This host is running the CDE ToolTalk Database Server and is prone to the multiple vulnerabilities. OpenVAS Vulnerability Test $Id: secpodtooltalkrpcdatabaseservermultvuln.nasl 7006 2017-08-25 11:51:20Z teissa $ CDE ToolTalk RPC Database Server Multiple Vulnerabilities Authors: Antu Sanadi...
CinePlayer Surround Universal DEP Bypass Exploit
Exploit for windows platform in category local exploits !/usr/bin/python Exploit Title: CinePlayer Surround Universal DEP Bypass Exploit Author: Angel Injection Thanks To Inj3ct0r Team Home: http://1337day.com , http://sec-krb.org shellcode =...
Race condition
Race condition in the Kernel::System::Main::FileWrite method in Open Ticket Request System OTRS before 2.4.8 allows remote authenticated users to corrupt the TicketCounter.log data in opportunistic circumstances by creating tickets...
CVE-2010-4765
Race condition in the Kernel::System::Main::FileWrite method in Open Ticket Request System OTRS before 2.4.8 allows remote authenticated users to corrupt the TicketCounter.log data in opportunistic circumstances by creating tickets...
CVE-2010-4765
Race condition in the Kernel::System::Main::FileWrite method in Open Ticket Request System OTRS before 2.4.8 allows remote authenticated users to corrupt the TicketCounter.log data in opportunistic circumstances by creating tickets...
Hanso Converter 1.1.0 - BufferOverflow Denial of Service
Hanso Converter 1.1.0 - BufferOverflow Denial of Service Exploit Title: Hanso Converter v1.1.0 Language File Buffer Overflow - Denial OF Service Date: 05.02.2011 Author: Dame Jovanoskibadc0re Software Link: http://www.hansotools.com/downloads/hanso-converter-setup.exe Version: v1.1.0 Tested on: X...
CVE-2011-0046
Multiple cross-site request forgery CSRF vulnerabilities in Bugzilla before 3.2.10, 3.4.x before 3.4.10, 3.6.x before 3.6.4, and 4.0.x before 4.0rc2 allow remote attackers to hijack the authentication of arbitrary users for requests related to 1 adding a saved search in buglist.cgi, 2 voting in...
Free CD to MP3 Converter 3.1 - Local Buffer Overflow
!usr/bin/perl Exploit Title: Exploit 0day Buffer Overflow Free CD to MP3 Converter 3.1 Date: 09\11\2010 Author: C4SS!0 G0M3S Software Link: http://www.eusing.com/Download/cdtomp3freeware.exe Version: 3.1 Tested on: WIN-XP SP3 Exploit Writted by C4SS!0 G0M3S Home: http://www.invasao.com.br E-mail:...
GSPlayer 1.83a Win32 Buffer Overflow
Exploit Title: GSPlayer 1.83a Win32 Release Buffer Overflow Vulnerability Date: 2010/11/04 Author: moigai e-mail: [email protected] Software Link: http://www.vector.co.jp/download/file/win95/art/fh296344.html Version: 1.83a Win32 Release Tested on: Windows XP SP3 En VM my $file = "GSPlayer.m3u"...
Moodle Session Fixation Vulnerability
This host is running Moodle and is prone to session fixation vulnerability OpenVAS Vulnerability Test $Id: gbmoodlesessionfixationvuln.nasl 5323 2017-02-17 08:49:23Z teissa $ Moodle Session Fixation Vulnerability Authors: Madhuri D Copyright: Copyright c 2010 Greenbone Networks GmbH,...
Fa-Ads (Auth Bypass) Vulnerability
Exploit for php platform in category web applications ================================== Fa-Ads Auth Bypass Vulnerability ================================== ======================================================================================== | Title : Fa-Ads Auth Bypass Vulnerability | Author...
Status Update privacy
You should be aware that when you type a status update, you can also set the privacy of that status posting like you were creating an album...