Adobe Flash TextField.tabIndex Setter - Use-After-Free

Exploit for windows platform in category dos / poc Source: https://code.google.com/p/google-security-research/issues/detail?id=574 There is a use-after-free in the TextField.tabIndex setter. If the integer parameter is an object with valueOf defined, then it can free the TextField's parent, leadi...

Flexible DDoS Defense: Bohatei

DDoS defense today relies on expensive and proprietary hardware appliances deployed at fixed locations. This introduces key limitations with respect to flexibility e.g., complex routing to get traffic to these “chokepoints” and elasticity in handling changing attack patterns. We observe an...

PT-2015-2980 · Mariadb +7 · Mariadb +7

Name of the Vulnerable Software and Affected Versions: Oracle MySQL versions 5.5.46 and earlier Oracle MySQL versions 5.6.27 and earlier Oracle MySQL versions 5.7.9 and earlier MariaDB versions 5.5.47 and earlier MariaDB versions 10.0.x before 10.0.23 MariaDB versions 10.1.x before 10.1.10...

Moderate: Red Hat Security Advisory: Red Hat Ceph Storage 1.3.1 security, bug fix, and enhancement update

Red Hat Ceph Storage 1.3.1 that fixes one security issue, multiple bugs, and adds various enhancements is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which...

Checkpoint Cross Site Scripting

Exploit Title: Checkpoint.com sub-domains Reflected XSS RXSS Date: 12/11/2015 Author: Yann CAM @ Synetis - ASafety Vendor or Software Link: www.checkpoint.com Version: / Category: Reflected Cross Site Scripting Google dork: Tested on: checkpoint.com sub-domains Checkpoint description :...

Modular visual interface for GDB: GDB dashboard

Modular visual interface for GDB in Python This comes as a standalone single-file .gdbinit which, among the other things, enables a configurable dashboard showing the most relevant information during the program execution. Its main goal is to reduce the number of GDB commands issued to inspect th...

wesnoth: information leakage

Wesnoth implements a text preprocessing language that is used in conjunction with its own game scripting language. It also has a built-in Lua interpreter and API. Both the Lua API and the preprocessor make use of the same function filesystem::getwmllocation to resolve file paths so that only...

Rockwell RSView32 Security Vulnerability Patched

Human machine interface software from Rockwell Automation has been patched, protecting users from a vulnerability in the way stored passwords are protected. The vulnerability was discovered in RSView32, versions 7.60.00 and earlier, according to an alert from the Industrial Control System Cyber...

OpenDaylight Helium Authentication Bypass Vulnerability

Opendaylight, a project of the Linux Foundation in the United States, is a community-driven, open-source, software-defined networking framework that contains an ensemble of modules capable of performing networking tasks that need to be done quickly. An authentication bypass vulnerability exists i...

WordPress Plugin Marketplace 2.4.0 - Arbitrary File Download

Exploit Title: WP Marketplace 2.4.0 Arbitrary File Download Date: 26-10-2014 Software Link: https://wordpress.org/plugins/wpmarketplace/ Exploit Author: Kacper Szurek Contact: http://twitter.com/KacperSzurek Website: http://security.szurek.pl/ Category: webapps CVE: CVE-2014-9013 and CVE-2014-901...

Rockwell Automation RSView32 Weak Encryption Algorithm on Passwords

OVERVIEW This advisory was originally posted to the US-CERT secure Portal library on May 12, 2015, and is being released to the NCCIC/ICS-CERT web site. Rockwell Automation has produced a patch to mitigate a password encryption vulnerability in RSView32. Information Security Analysts Vladimir...

Defense4all Security Bypass Vulnerability

Defense4All is an open SDN security application released by Radware, Inc. A security bypass vulnerability exists in Defense4all, which can be exploited by an attacker to bypass certain security restrictions and perform unauthorized operations...

WSS最新版多处SQL注入直接获取数据三（官方demo演示及快速定位漏洞技巧）

简要描述： WSS最新版多处SQL注入直接获取数据三，官方demo演示，这里存在多处，对同一问题进行总结 详细说明： WSS最新版1.3.2，这里存在多处，并对此同一问题进行总结，以及快速查找同一问题全部漏洞 这里的漏洞没有任何权限限制，任何用户都能进行注入 漏洞分析： WooYun: WSS最新版某处SQL注入直接获取数据二（两处） WSS最新版某处SQL注入直接获取数据二（两处） 这个漏洞之前已经降到了漏洞的过程 因为全局过滤函数设计缺陷导致sql注入 if !functionexists"GetSQLValueString" function...

[SECURITY] Fedora 20 Update: gqrx-2.2.0-6.fc20

Gqrx is a software defined radio receiver powered by the GNU Radio SDR framework and the Qt graphical toolkit...

PHP-Nuke 6.x/7.x Public Message SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/9615/info It has been reported that the 'public message' feature of PHP-Nuke is vulnerable to an SQL injection vulnerability. The issue is due to improper sanitization of user-defined parameters supplied to the module. As...

Somery <= 0.4.6 (skin_dir) Remote File Include Vulnerability

No description provided by source. Update: 16:01 09/08/06 Subject: Somery 0.4skindirRemote File Inclusion Exploit Vulnerable version: Somery 0.4.6 Operating System: - All OS Vendor URL: Robin de Graaf - [email protected] Somery website - http://somery.danwa.net Description: Somery, also known as th...

pollxt Mambo Component <= 1.22.07 Remote Include Vulnerability

No description provided by source. Application : pollxt mambo Component URL : http://www.mamboxt.com Variable $mosConfigabsolutepath not sanitized: xpl works with registerglobals=on in components/compollxt/conf.pollxt.php on line 1-2...

ActFax 4.31 Local Privilege Escalation Exploit

No description provided by source. !/usr/bin/python Title: ActFax 4.31 Local Privilege Escalation Exploit Author: Craig Freyman @cd1zz Discovered: July 10, 2012 Vendor Notified: June 12, 2012 Description: http://www.pwnag3.com/2012/08/actfax-local-privilege-escalation.html msfpayload windows/exec...

Absolute News Manager .NET 5.1 pages/default.aspx template Variable Remote File Access

No description provided by source. source: http://www.securityfocus.com/bid/26692/info Absolute News Manager .NET is prone to multiple remote vulnerabilities, including multiple cross-site scripting, SQL-injection, and information-disclosure issues. Attackers can exploit these issues to steal...

openSUSE Security Update : xulrunner17 (openSUSE-SU-2013:1496-1)

This xulrunner17 version update to 17.0.9esr fixes the following security issues bnc840485 : - MFSA 2013-65/CVE-2013-1705 bmo882865 Buffer underflow when generating CRMF requests - MFSA 2013-76/CVE-2013-1718 Miscellaneous memory safety hazards - MFSA 2013-79/CVE-2013-1722 bmo893308 Use-after-free...