4243 matches found
Linux kernel Linux-4.6/drivers/platform/chrome/cros_ec_dev.c buffer overflow vulnerability
The Linux Kernel is the kernel of the Linux operating system. A buffer overflow vulnerability exists in the Linux kernel 4.6 and earlier, Linux-4.6/drivers/platform/chrome/crosecdev.c implementation. A buffer overflow can be caused by a remote user utilizing constructed userspace data...
Kagao 3.0 Cross Site Scripting / SQL Injection
Application Name : Kagao v3.0 - Professional Classified Market Google Dork : inurl:/cat1.php?id2= Exploit Author : Cyber Warrior | Bug Researchers Group | N4TuraL Vendor Homepage : http://kogaoscript.com/ Vulnerable Type : SQL Injection & Cross Site Scripting Date : 2016-06-26 Tested on : Windows...
Kagao 3.0 - Multiple Vulnerabilities
Kagao 3.0 - Multiple Vulnerabilities Application Name : Kagao v3.0 - Professional Classified Market Google Dork : inurl:/cat1.php?id2= Exploit Author : Cyber Warrior | Bug Researchers Group | N4TuraL Vendor Homepage : http://kogaoscript.com/ Vulnerable Type : SQL Injection & Cross Site Scripting...
Ruby 'Fiddle::Function.new' function heap buffer overflow vulnerability
Ruby is a cross-platform, object-oriented, dynamically typed programming language developed by Japanese software developer Yukihiro Matsumoto. A heap buffer overflow vulnerability exists in the 'Fiddle::Function.new' function in Ruby versions 2.3.0 dev and 2.2.2. The vulnerability can be exploite...
lisa.py - An Exploit Dev Swiss Army Knife
lisa.py An Exploit Dev Swiss Army Knife. Installation Copy lisa.py and .lldbinit to / Use the following commands: ant4g0nist$ cp lisa.py /lisa.py ant4g0nist$ cp lldbinit /.lldbinit ant4g0nist$ lldb lllllll iiii l:::::l i::::i l:::::l iiii l:::::l l::::l iiiiiii ssssssssss aaaaaaaaaaaaa l::::l...
Scientific Linux Security Update : kernel on SL7.x x86_64 (20160512)
Security Fixes : - A flaw was found in the way the Linux kernel's ASN.1 DER decoder processed certain certificate files with tags of indefinite length. A local, unprivileged user could use a specially crafted X.509 certificate DER file to crash the system or, potentially, escalate their privilege...
Litesploit - Library and Intepreter for Penetration Testing Tools
Litesploit is a library and intepreter for penetration testing tools. This includes exploits, tools and litepreter. Litesploit support for Linux like ubuntu or debian, and more distro penetration testing like BackBox and Kali Linux. Platform | Support ---|--- Linux Ubuntu | Yes Linux Debian | Yes...
Null pointer dereference
The ttyopen function in drivers/tty/ttyio.c in the Linux kernel before 3.1.1 mishandles a driver-lookup failure, which allows local users to cause a denial of service NULL pointer dereference and system crash or possibly have unspecified other impact via crafted access to a device file under the...
CVE-2011-5321
The ttyopen function in drivers/tty/ttyio.c in the Linux kernel before 3.1.1 mishandles a driver-lookup failure, which allows local users to cause a denial of service NULL pointer dereference and system crash or possibly have unspecified other impact via crafted access to a device file under the...
CVE-2011-5321
The ttyopen function in drivers/tty/ttyio.c in the Linux kernel before 3.1.1 mishandles a driver-lookup failure, which allows local users to cause a denial of service NULL pointer dereference and system crash or possibly have unspecified other impact via crafted access to a device file under the...
CVE-2011-5321
The ttyopen function in drivers/tty/ttyio.c in the Linux kernel before 3.1.1 mishandles a driver-lookup failure, which allows local users to cause a denial of service NULL pointer dereference and system crash or possibly have unspecified other impact via crafted access to a device file under the...
DEBIAN-CVE-2015-1339
Memory leak in the cusechannelrelease function in fs/fuse/cuse.c in the Linux kernel before 4.4 allows local users to cause a denial of service memory consumption or possibly have unspecified other impact by opening /dev/cuse many times...
CVE-2015-1339
Memory leak in the cusechannelrelease function in fs/fuse/cuse.c in the Linux kernel before 4.4 allows local users to cause a denial of service memory consumption or possibly have unspecified other impact by opening /dev/cuse many times...
Access Point Impersonation Attacks: hostapd-wpe
hostapd-wpe – Wireless Pwnage Edition – hostapd-wpe is the replacement for FreeRADIUS-WPE . It implements IEEE 802.1x Authenticator and Authentication Server impersonation attacks to obtain client credentials, establish connectivity to the client, and launch other attacks where applicable...
[SECURITY] Fedora 24 Update: nodejs-i2c-0.2.1-6.fc24
Node.js native bindings for i2c-dev. Plays well with Raspberry Pi and Beaglebone...
Chrome Dev - BSD license, Exported ContentProvider, LGPL license vulnerabilities
HackApp vulnerability scanner discovered that application Chrome Dev published at the 'play' market has multiple vulnerabilities...
Bluethrust Clan Scripts v4 R17 - Multiple Vulnerabilities
Exploit for php platform in category web applications Administrator optionsModify Current Theme" or use site.com/members/console.php?cID=61. You can then insert the PHP code of your choosing into Footer. In order to add or edit code you are required to provide a special Admin Key that was defined...
Fedora 23 : prosody-0.9.10-1.fc23 (2016-5a5c85c5a8)
Prosody 0.9.10 ============== A summary of changes in this release: Security -------- moddialback: Adopt key generation algorithm from XEP-0185, to prevent impersonation attacks CVE-2016-0756 Fixes and improvements ---------------------- Startup: Open /dev/urandom read-only, to fix a failure to...
QEMU 'usb/dev-network.c' integer overflow vulnerability
QEMU is a simulation processor software developed by French programmer Fabrice Bellard. The software is fast and cross-platform. An integer overflow vulnerability exists in QEMU. An attacker could exploit this vulnerability to execute arbitrary code in the context of an affected application, whic...
SS-2015-028: Missing security check on dev/build/defaults
More info at https://www.silverstripe.org/download/security-releases/ss-2015-028/...