The vulnerability of the XSLTResult class implementation in the Apache Struts software platform allows attackers to execute arbitrary code.

The vulnerability of the XSLTResult class implementation in the Apache Struts software framework is related to insufficient validation of input data. Exploiting this vulnerability allows an attacker to execute arbitrary code using the stylesheetLocation parameter...

CVE-2015-2686

net/socket.c in the Linux kernel 3.19 before 3.19.3 does not validate certain range data for 1 sendto and 2 recvfrom system calls, which allows local users to gain privileges by leveraging a subsystem that uses the copyfromiter function in the ioviter interface, as demonstrated by the Bluetooth...

CVE-2015-2686

net/socket.c in the Linux kernel 3.19 before 3.19.3 does not validate certain range data for 1 sendto and 2 recvfrom system calls, which allows local users to gain privileges by leveraging a subsystem that uses the copyfromiter function in the ioviter interface, as demonstrated by the Bluetooth...

Midea's M-Smart smart socket has design logic flaws

M-Smart Smart Socket is a smart home appliance developed by Midea Group. Midea's M-Smart Smart Socket is susceptible to man-in-the-middle attacks due to insecure protocols for transmitting data and lack of validation of what is transmitted on the client and server side. The lack of effective...

Shopify: XSS on https://app.shopify.com/

DESCRIPTION =========== It has been identified that the page located at https://app.shopify.com/ is prone to cross-site scripting issues. Cross-site Scripting XSS refers to client-side code injection attack wherein an attacker can execute malicious scripts also commonly referred to as a malicious...

The vulnerability of the Ruby on Rails software platform, which allows attackers to bypass the mechanism for verifying data correctness

The vulnerability of the Ruby on Rails software platform lies in the fact that the Active Model component supports the use of instance-level records for class methods. Exploiting this vulnerability allows a malicious actor to bypass the data validation mechanism by using a specially crafted...

The vulnerability of the Cisco Firepower Extensible Operating System allows a intruder to trigger a maintenance failure.

The vulnerability of the Cisco Firepower Extensible Operating System’s driver exists due to insufficient verification of input data. Exploiting this vulnerability allows a malicious actor, operating locally, to trigger a service failure using a pre-prepared USB device that transmits erroneous USB...

DEBIAN-CVE-2015-8726

wiretap/vwr.c in the VeriWave file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate certain signature and Modulation and Coding Scheme MCS data, which allows remote attackers to cause a denial of service out-of-bounds read and application crash via a crafted file...

DEBIAN-CVE-2015-8711

epan/dissectors/packet-nbap.c in the NBAP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate conversation data, which allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted packet...

KLA10730 Denial of service vulnerabilities in Wireshark

Multiple serious vulnerabilities have been found in Wireshark. Malicious users can exploit these vulnerabilities to cause denial of service. Below is a complete list of vulnerabilities 1. Improper data validation and lack of restrictions can be exploited remotely via a specially designed packet o...

The vulnerability of the FFmpeg multimedia library, which allows a hacker to trigger a service failure

The vulnerability of the inittile function in the libavcodec/jpeg2000dec.c file of the FFmpeg multimedia library exists due to insufficient checking of input data. Exploiting this vulnerability can allow a malicious actor to cause service failure using specially crafted JPEG 2000 data...

The vulnerability of the web application for data synchronization with ownCloud allows a hacker to circumvent existing access restrictions and gain access to users’ files.

The vulnerability of the virtual file system of the web application for data synchronization with ownCloud is related to the lack of data validation during data retrieval. Exploiting this vulnerability allows a malicious actor to bypass existing access restrictions and gain access to user files b...

WordPress Pie Register 2.0.18 Cross Site Scripting

Details ================ Software: Pie Register Version: 2.0.18 Homepage: https://github.com/GTSolutions/Pie-Register CVE: CVE-2015-7377 Pending CVSS: 4.3 Medium; AV:N/AC:M/Au:N/C:N/I:P/A:N CWE: CWE-79 Description ================ An unauthenticated reflected XSS vulnerability in Pie Register...

The vulnerability of the multimedia player iTunes and the iOS operating system allows a hacker to execute arbitrary code or trigger a service failure.

The vulnerability of the WebKit component in the multimedia player iTunes and the iOS operating system exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or cause a service failure by using a specially crafted...

USN-2758-1: PHP vulnerabilities

It was discovered that the PHP phar extension incorrectly handled certain files. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service. CVE-2015-5589 It was discovered that the PHP phar extension incorrectly handled certain filepaths. A remote attacker cou...

Discuz! X3.1 逻辑错误漏洞

Discuz! X3.1 在完成任务时（home.php?mod=draw&do=view&id=xx），任务先前的状态缺少判断完成任务的链接形如：home.php?mod=draw&do=view&id=xx这个地址最终在 source\class\classtask.php 中被处理约第370行：function draw$id global $G; if!$this-task = C::t'commontask'-fetchbyuid$G'uid', $id showmessage'tasknonexistence'; elseif$this-task'status' != 0...

DEBIAN-CVE-2015-6248

The ptvcursoradd function in the ptvcursor implementation in epan/proto.c in Wireshark 1.12.x before 1.12.7 does not check whether the expected amount of data is available, which allows remote attackers to cause a denial of service application crash via a crafted packet...

JVN#17611367: Apache Tapestry deserializes untrusted data

Apache Tapestry is a framework for creating Java web applications. Apache Tapestry contains an interface where client side serialized data sent to the server is deserialized after it is received by the server. This data serialization / deserialization process does not contain data validation...

Commerce Commonwealth (CBA) - Moderately Critical - Insufficient Verification of API Data - SA-CONTRIB-2015-136

This module enables you to pay for items on Drupal Commerce, using Commerce Commonwealth payment gateway. The module doesn't sufficiently validate the payment under certain specific scenarios. A malicious user can modify the urls used in gateway interaction with Commbank to make a failed payment...

[USN-2658-1] PHP vulnerabilities

========================================================================== Ubuntu Security Notice USN-2658-1 July 06, 2015 php5 vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubunt...