419 matches found
CVE-2018-3785
A command injection in git-dummy-commit v1.3.0 allows os level commands to be executed due to an unescaped parameter...
Command injection
A command injection in git-dummy-commit v1.3.0 allows os level commands to be executed due to an unescaped parameter...
CVE-2018-3785
A command injection in git-dummy-commit v1.3.0 allows os level commands to be executed due to an unescaped parameter...
CVE-2018-3785
A command injection in git-dummy-commit v1.3.0 allows os level commands to be executed due to an unescaped parameter...
PT-2018-16202 · Unknown · Git-Dummy-Commit
Name of the Vulnerable Software and Affected Versions: git-dummy-commit version 1.3.0 Description: A command injection issue allows OS level commands to be executed due to an unescaped parameter. Recommendations: For git-dummy-commit version 1.3.0, consider restricting the use of the vulnerable...
Node.js third-party modules: [git-dummy-commit] Command injection on the msg parameter
Hi there, I've found a Command Injection on the "git-dummy-commit" module. Module module name: git-dummy-commit version: 1.3.0 npm page: https://www.npmjs.com/package/git-dummy-commit Module Description Create a dummy commit for testing Module Stats 62 downloads in the last day 94 downloads in th...
Hashicorp vagrant-vmware-fusion 5.0.3 - Local root Privilege Escalation Exploit
Exploit for macOS platform in category local exploits Another day, another root privesc bug in this plugin. Not quite so serious this time - this one is only exploitable if the user has the plugin installed but VMware Fusion not installed. This is a fairly unlikely scenario but it's a straight to...
geoip-attack-map - Cyber Security GeoIP Attack Map Visualization
This geoip attack map visualizer was developed to display network attacks on your organization in real time. The data server follows a syslog file, and parses out source IP, destination IP, source port, and destination port. Protocols are determined via common ports, and the visualizations vary i...
Actiontec WCB3000N 0.16.2.5 Privilege Escalation
Device Details Vendor: Actiontec Telus Branded Model: WCB3000N Affected Firmware: v0.16.2.5 Device Manual: http://static.telus.com/common/cms/files/internet/wifiplusextender.pdf Reported: November 2015 Status: Fixed on newest pushed firmware version CVE: Update is handled by the vendor, therefore...
The vulnerability of the Sblim-sfcb control mechanism allows a perpetrator to trigger a service failure.
The vulnerability of the lookupProviders function in the Sblim-sfcb management tool is related to pointer swapping errors. Exploiting this vulnerability allows a malicious actor to trigger a service failure using a specially crafted package containing a dummy class name...
AutoCAD DWG and DXF To PDF Converter 2.2 - Buffer Overflow Exploit
Exploit for windows platform in category local exploits Exploit Title: AutoCAD DWG and DXF To PDF Converter v2.2 Buffer Overflow Date: 9-5-2015 Software Link: http://www.verypdf.com/autocad-dwg-dxf-to-pdf/dwgdxftopdfsetup.exe Exploit Author: Robbie Corley Contact: email protected Website: CVE:...
The vulnerability of the Red Hat Enterprise Linux operating system allows a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the xorg-x11-drv-dummy-0.3.6 package of the Red Hat Enterprise Linux operating system can lead to violations of confidentiality, integrity, and accessibility of protected information. This vulnerability can be exploited remotely...
Linux-Kernel-2.6.34-rc3
The kernel allows processes to access the internal .reiserfspriv directory at the top of a reiserfs filesystem which is used to store xattrs. Permissions are not enforced in that tree, so unprivileged users can view and potentially modify the xattrs on arbitrary files. import os, sys SHELL = 'int...
SuSE 11.2 / 11.3 Security Update : Apache2 (SAT Patch Numbers 8137 / 8138)
This collective update for Apache provides the following fixes : - Make sure that input that has already arrived on the socket is not discarded during a non-blocking read read2 returns 0 and errno is set to -EAGAIN. bnc815621 - Close the connection just before an attempted re-negotiation if data...
Information disclosure
DoceboLMS 4.0.4 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by views/dummy/show.php and certain other files...
jruby-openssl Gem for JRuby fails to do proper certificate validation
A security problem involving peer certificate verification was found where failed verification silently did nothing, making affected applications vulnerable to attackers. Attackers could lead a client application to believe that a secure connection to a rogue SSL server is legitimate. Attackers...
CVE-2008-4947
dhis-dummy-log-engine in dhis-server 5.3 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/dhis-dummy-log-engine.log temporary file...
CVE-2008-4947
dhis-dummy-log-engine in dhis-server 5.3 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/dhis-dummy-log-engine.log temporary file...
Microsoft Windows Media Player 7.1 10 - .BMP Heap Overflow (MS06-005) (2)
Microsoft Windows Media Player 7.1 10 - .BMP Heap Overflow MS06-005 2 sploit creater by [email protected] ms06-005 advisory proof of concept heap overflow in wmf.dll @ 0x0035920a denial of service, cuz we can't get this to play nice shamelessly stolen from CANVAS code def intelorderi:...