742 matches found
CVE-2017-15290
The CVE-2017-15290 entry describes a information disclosure in Mirasys VMS: versions 6.x before 6.4.6, 7.x before 7.5.15, and 8.x before 8.1.1 use a login flow that sends cleartext data from server to client, and not all of this data is required for client functionality. This could expose sensiti...
Microsoft Office Word free macro command execution flaw vulnerability 0day-vulnerability warning-the black bar safety net
If we inform you that in MS-Word on the presence of a Royal Decree to fulfill the vulnerability flaws of the bug, which unnecessary any macro maybe memory overflow? Windows for use between the stop data transfer supply a variety of transmission methods, this one is called static swap agreements, ...
Night Vision Enabled Security Cameras Secretly Transfer Your Data
By Waqas A team of researchers from the Ben-Gurion University of the This is a post from HackRead.com Read the original post: Night Vision Enabled Security Cameras Secretly Transfer Your Data...
How to Configure Syslog for XenMobile
How to enable Syslog/Sys logging for XenMobile. Note- Syslog is a standard logging protocol with two components: an auditing module which runs on the appliance and a server, which can run on a remote system. The Syslog protocol uses UDP or data transfer. Admin events and User events are recorded...
cURL: Multiple vulnerabilities
Background cURL is a tool and libcurl is a library for transferring data with URL syntax. Description Multiple vulnerabilities have been discovered in cURL. Please review the CVE identifiers referenced below for details. Impact Remote attackers could cause a Denial of Service condition, obtain...
The vulnerability of the Linux kernel in the Android operating system, originating from the CAF repository, allows a hacker to cause incorrect control over the data transfer stream.
The vulnerability of the Linux operating system Android’s kernel from the CAF repository is related to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to improperly control the data transfer process by disabling the validation mechanisms...
Dumping Data from Deep-Insert Skimmers
I recently heard from a police detective who was seeking help identifying some strange devices found on two Romanian men caught maxing out stolen credit cards at local retailers. Further inspection revealed the devices to be semi-flexible data transfer wands that thieves can use to extract stolen...
Addressing Data Across Borders for the GDPR
Most enterprises today do business across the globe, have databases in multiple countries and DBAs or users in different regions who have access to those databases. With GDPR mandating privacy requirements for personal data of European Union EU residents and visitors, it is important for an...
[SECURITY] Fedora 25 Update: curl-7.51.0-9.fc25
curl is a command line tool for transferring data with URL syntax, supporti ng FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, I MAP, SMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload, proxies, cookies,...
[SECURITY] Fedora 26 Update: curl-7.53.1-10.fc26
curl is a command line tool for transferring data with URL syntax, supporti ng FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, I MAP, SMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload, proxies, cookies,...
VulnCheck KEV: CVE-2011-4130
Use-after-free vulnerability in the Response API in ProFTPD before 1.3.3g allows remote authenticated users to execute arbitrary code via vectors involving an error that occurs after an FTP data transfer...
Auto-binding vulnerabilities and Spring MVC-vulnerability warning-the black bar safety net
Today to introduce a not very well-known vulnerability—auto binding vulnerability, or referred to as mass assignment in. Automatic binding capabilities in many of the frameworks are achieved, it allows the framework to automatically convert the HTTP request parameter bound to the object and to...
EnGenius EnShare IoT Gigabit Cloud Service 1.4.11 - Remote Code Execution
!/usr/bin/env python coding: utf8 EnGenius EnShare IoT Gigabit Cloud Service 1.4.11 Root Remote Code Execution Vendor: EnGenius Technologies Inc. Product web page: https://www.engeniustech.com Affected version: ESR300 1.4.9, 1.4.7, 1.4.2, 1.4.1.28, 1.4.0, 1.3.1.42, 1.1.0.28 ESR350 1.4.11, 1.4.9,...
[SECURITY] Fedora 26 Update: curl-7.53.1-4.fc26
curl is a command line tool for transferring data with URL syntax, supporti ng FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, I MAP, SMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload, proxies, cookies,...
[SECURITY] Fedora 25 Update: curl-7.51.0-6.fc25
curl is a command line tool for transferring data with URL syntax, supporti ng FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, I MAP, SMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload, proxies, cookies,...
The vulnerability of the Internet Explorer browser allows a perpetrator to gain access to information, enabling them to transfer it from one domain to another.
The vulnerability of the Internet Explorer browser exists due to the lack of implementing inter-domain policies. Exploiting this vulnerability allows a malicious actor, operating remotely, to gain access to information and transfer it from one domain to another using a specially created applicati...
The vulnerability of the QEMU hardware emulation software allows a hacker to trigger a maintenance failure or execute arbitrary code.
The vulnerability of the sdhcisdmatransfermultiblocks function in the hw/sd/sdhci.c file of the QEMU hardware/software emulator is related to a memory leak. Exploiting this vulnerability could allow an attacker to cause a service failure or execute arbitrary code using vectors that contain...
CVE-2017-5667
The sdhcisdmatransfermultiblocks function in hw/sd/sdhci.c in QEMU aka Quick Emulator allows local guest OS privileged users to cause a denial of service out-of-bounds heap access and crash or execute arbitrary code on the QEMU host via vectors involving the data transfer length...
CVE-2017-5667
The sdhcisdmatransfermultiblocks function in hw/sd/sdhci.c in QEMU aka Quick Emulator allows local guest OS privileged users to cause a denial of service out-of-bounds heap access and crash or execute arbitrary code on the QEMU host via vectors involving the data transfer length...
Out-of-bounds
The sdhcisdmatransfermultiblocks function in hw/sd/sdhci.c in QEMU aka Quick Emulator allows local guest OS privileged users to cause a denial of service out-of-bounds heap access and crash or execute arbitrary code on the QEMU host via vectors involving the data transfer length...