8284 matches found
CVE-2016-2074
Buffer overflow in lib/flow.c in ovs-vswitchd in Open vSwitch 2.2.x and 2.3.x before 2.3.3 and 2.4.x before 2.4.1 allows remote attackers to execute arbitrary code via crafted MPLS packets, as demonstrated by a long string in an ovs-appctl command...
Report VT debug logs
The script reports possible issues within VTs. For best results set SPDX-FileCopyrightText: 2016 SCHUTZWERK GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...
MyBB < 1.6.10 Multiple Vulnerabilities
Binary data 9119.prm...
网康安全网关(Netentsec ASG) 6.3 /debug/rproxy_diag.php 任意文件下载漏洞
No description provided by source...
Ntpd ntp-4.2.6p5 ctl_putdata() Buffer Overflow
/ Ntpd Based on: ntpq client from ntp package Provided for legal security research and testing purposes ONLY PoC DoS Denial of Service PoC. Will crash NTPd. You will need to know the KEY ID and MD5 password, for example put this in you ntp.conf -------------- /etc/ntp.conf -------------- keys...
New php vulnerability discovery of the debug result of the security vulnerability, Edusoho-a vulnerability warning-the black bar safety net
Modern cms framework laraval/symfony/slim, leading to today's php vulnerability appears point, principle, using method, has undergone some changes, this series can hope to summarize their excavation of such a cms vulnerability. Today this vulnerability is Edusoho a user table dump vulnerability...
D-Link DSL-2750B Remote Command Execution
After some playing around I've noticed something interesting during login phase: by sending wrong credentials, user is redirected on an error page with url http://192.168.1.1:666/login.cgi?cli=access%20login%20encrypted%2041544A25DC00170BA90659AD4CBDD9D9$ http://imgur.com/ZG1vU2t In order to see...
virt: guest to host DoS by triggering an infinite loop in microcode via #DB exception
It was found that the x86 ISA Instruction Set Architecture is prone to a denial of service attack inside a virtualized environment in the form of an infinite loop in the microcode due to the way sequential delivering of benign exceptions such as DB debug exception is handled. A privileged user...
Google Android ADB Debug Server - Remote Payload Execution (Metasploit)
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'rex/proto/adb' class Metasploit3 'Android ADB Debug Server Remote Payload Execution', 'Description' = %q Writes and spawns a native payload on...
Android ADB Debug Server Remote Payload Execution
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'rex/proto/adb' class Metasploit3 'Android ADB Debug Server Remote Payload Execution', 'Description' = %q Writes and spawns a native payload on...
冰峰VPN /log/system.log 敏感信息泄漏漏洞
由于“ICEFLOW VPN Router”设备产品存在各种日志文件未授权访问可导致系统敏感信息泄漏。(包括登录成功后的session值) 系统日志http://url/log/system.log VPN日志http://url/log/vpn.log 移动用户日志http://url/log/mobile.log 防火墙日志http://url/log/firewall.log 访问日志http://url/log/access.log 告警日志http://url/log/warn.log 错误日志http://url/log/error.log...
bind: denial of service
CVE-2015-8704 denial of service A buffer size check used to guard against overflow could cause named to exit with an INSIST failure In apl42.c. A server could exit while performing certain string formatting operations. Examples include but may not be limited to: 1 Slaves using text-format db...
Mageia: Security Advisory (MGASA-2016-0030)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Harman AMX multimedia devices contain hard-coded credentials
Overview Multiple models of Harman AMX multimedia devices contain a hard-coded debug account. Description CWE-798: Use of Hard-coded Credentials - CVE-2015-8362According to the researchers' blog post, several models of Harman AMX multimedia devices contain a hard-coded "backdoor" account with...
Updated bind packages fix security vulnerability
In ISC BIND before 9.10.3-P3, a buffer size check used to guard against overflow could cause named to exit with an INSIST failure In apl42.c CVE-2015-8704. In ISC BIND before 9.10.3-P3, errors can occur when OPT pseudo-RR data or ECS options are formatted to text. In 9.10.3 through 9.10.3-P2, the...
CVE-2015-8705
buffer.c in named in ISC BIND 9.10.x before 9.10.3-P3, when debug logging is enabled, allows remote attackers to cause a denial of service REQUIRE assertion failure and daemon exit, or daemon crash or possibly have unspecified other impact via 1 OPT data or 2 an ECS option...
virt: guest to host DoS by triggering an infinite loop in microcode via #DB exception
It was found that the x86 ISA Instruction Set Architecture is prone to a denial of service attack inside a virtualized environment in the form of an infinite loop in the microcode due to the way sequential delivering of benign exceptions such as DB debug exception is handled. A privileged user...
Multiple Huawei Products Password Change Vulnerability
Huawei TE30, TE40, TE50 and TE60 are all-in-one HD video conferencing endpoints from Huawei China that support intelligent voice calling and Wi-Fi wireless interconnectivity. The Huawei TE30, TE40, TE50, and TE60 Debug accounts fail to enter the old password as required when changing the password...
Denial of Service Vulnerability in Multiple Huawei Products
The Huawei TE30, TE40, TE50 and TE60 are all-in-one HD video conferencing endpoints from Huawei China that support intelligent voice calling and Wi-Fi wireless connectivity. A security vulnerability in the presentation transmission permission management mechanism of the Huawei TE30, TE40, TE50, a...
Janitza Multiple UMG Devices Remote Debug Interface RCE
Binary data scadajanitzadebugsvc.nbin...