CVE-2012-4060

Multiple SQL injection vulnerabilities in ASP-DEv XM Forums RC3 allow remote attackers to execute arbitrary SQL commands via the id parameter to 1 profile.asp, 2 forum.asp, or 3 topic.asp...

CVE-2012-4061

ASP-DEv XM Diary is affected by SQL injection flaws in the diary_view.asp (id parameter) and default.asp (view_date parameter). The underlying issue allows remote attackers to craft input to cause arbitrary SQL execution, as summarized by CVE-2012-4061. The entry records a CVSS v2 base score of 7...

CVE-2012-2808 : Android 4.0.4 DNS poisoning vulnerability Exposed

Android's DNS resolver is vulnerable to DNS poisoning due to weak randomness in its implementation. Researchers Roee Hay & Roi Saltzman from IBM Application Security Research Group demonstrate that how an attacker can successfully guess the nonce of the DNS request with a probability thatis su...

unix/x86 Backshell[/dev/tcp],Port(30) - 61 bytes Shellcode

1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : 1337day.com 0 1 + Support e-mail :...

CVE-2011-1476

Integer underflow in the Open Sound System OSS subsystem in the Linux kernel before 2.6.39 on unspecified non-x86 platforms allows local users to cause a denial of service memory corruption by leveraging write access to /dev/sequencer...

CVE-2011-1477

Multiple array index errors in sound/oss/opl3.c in the Linux kernel before 2.6.39 allow local users to cause a denial of service heap memory corruption or possibly gain privileges by leveraging write access to /dev/sequencer...

Memory corruption

Multiple array index errors in sound/oss/opl3.c in the Linux kernel before 2.6.39 allow local users to cause a denial of service heap memory corruption or possibly gain privileges by leveraging write access to /dev/sequencer...

Integer overflow

Integer underflow in the Open Sound System OSS subsystem in the Linux kernel before 2.6.39 on unspecified non-x86 platforms allows local users to cause a denial of service memory corruption by leveraging write access to /dev/sequencer...

CVE-2011-1477

Multiple array index errors in sound/oss/opl3.c in the Linux kernel before 2.6.39 allow local users to cause a denial of service heap memory corruption or possibly gain privileges by leveraging write access to /dev/sequencer...

CVE-2011-1476

CVE-2011-1476 is an integer underflow in the Linux kernel OSS subsystem (specifically the MIDI/OSS sequencer driver) before 2.6.39 on unspecified non-x86 platforms. It allows local users to cause a denial of service via memory corruption by crafting writes to /dev/sequencer. Publicly documented f...

CVE-2011-1477

CVE-2011-1477 affects the Linux kernel (sound/oss/opl3.c) through multiple array index errors before 2.6.39. These flaws allow local users to cause a denial of service via heap memory corruption and, potentially, gain privileges by writing to /dev/sequencer. The issue is tied to Yamaha YM3812/OPL...

Absinthe 2.0 Jailbreak for iOS 5.1.1 Devices Released

A group of developers has released a new untethered jailbreak for devices running iOS 5.1.1. The hack allows users to run unsigned apps on their devices, something that Apple doesn’t like so much. The new version of the Absinthe jailbreak tool was released publicly on Friday by the Chronic-Dev Te...

ASP-DEv XM Forums SQL Injection

Exploit Title : ASP-DEv XM Forums SQL Injection Vulnerability Author : Secure-Land Security Team Discovered By : farbodmahini Home : Secure-Land.net Version : All Version Software Link : http://www.asp-dev.com/download.asp?did=1 Contact : [email protected] , [email protected] Security Ri...

ASP-DEv XM Diary SQL Injection

Exploit Title : ASP-DEv XM Diary SQL Injection Vulnerability Author : Secure-Land Security Team Discovered By : farbodmahini Home : Secure-Land.net Version : All Version Software Link : http://www.asp-dev.com/download.asp?did=2 Contact : [email protected] , [email protected] Security Ris...

PHP Built-in WebServer 'Content-Length' Denial of Service Vulnerability

PHP Built-in WebServer is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

PHP 5.4.0 Denial Of Service

!/usr/bin/python Title: PHP 5.4.0 Built-in Web Server DoS PoC Date: 16 March 2012 Author: ls [email protected] Reference: https://bugs.php.net/bug.php?id=61461 Comments: Fixed in PHP 5.4.1RC1-DEV and 5.5.0-DEV The value of the Content-Length header is passed directly to a pemalloc call in...

Integer Overflow or Wraparound

Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound via the orderedmalloc function in boost/pool/pool.hpp. An attacker can perform memory-related attacks such as buffer overflows via a large memory chunk size value, which causes less memory to be allocated...

libxml2: Denial of service

Background libxml2 is the XML C parser and toolkit developed for the Gnome project. Description libxml2 does not properly randomize hash functions to protect against hash collision attacks. Impact A remote attacker could entice a user or automated system to open a specially crafted XML document...

GLSA-201203-05 : Rack: Denial of Service

The remote host is affected by the vulnerability described in GLSA-201203-05 Rack: Denial of Service Rack does not properly randomize hash functions to protect against hash collision attacks. Impact : A remote attacker could send a specially crafted form post, possibly resulting in a Denial of...

DZCP (deV!L_z Clanportal) Witze Addon 0.9 - SQL Injection

DZCP deV!Lz Clanportal Witze Addon 0.9 - SQL Injection ======================================================================================== | Title : deV!Lz Clanportal Witze Addon Versions 0.9 SQL Injection Vulnerability | Author : Easy Laster | Download :...