3100 matches found
Polizei Abkürzungen - External URLs, WebView JavaScript enabled, WebView files access vulnerabilities
HackApp vulnerability scanner discovered that application Polizei Abkürzungen published at the 'play' market has multiple vulnerabilities...
Learn Arabic Education - External URLs, Suspicious files, WebView JavaScript enabled vulnerabilities
HackApp vulnerability scanner discovered that application Learn Arabic Education published at the 'play' market has multiple vulnerabilities...
Tib Dict - External URLs, Unsafe deleting, WebView JavaScript enabled vulnerabilities
HackApp vulnerability scanner discovered that application Tib Dict published at the 'play' market has multiple vulnerabilities...
Water Ripples Live Watch Face - Suspicious files, Unsafe deleting, WebView JavaScript enabled vulnerabilities
HackApp vulnerability scanner discovered that application Water Ripples Live Watch Face published at the 'play' market has multiple vulnerabilities...
CubeCart Stored Cross-Site Scripting Vulnerability
CubeCart is an open source PHP e-commerce software system. A stored cross-site scripting vulnerability exists in CubeCart. Due to insufficient filtering of user-supplied data via the "firstname" and "lastname" HTTP POST parameters passed to the "/index.php" script input, a remotely-authenticated...
Discuz! stored cross-site scripting and SSRF vulnerabilities when broadcast is enabled in the admin backend
No description provided by source...
openstack-glance: Glance image status manipulation through locations
An authorization vulnerability in OpenStack Image service was discovered, which allowed image-status manipulation using locations. By removing the last location of an image, an authenticated user could change the status from 'active' to 'queue'. A malicious tenant could exploit this flaw to...
Pornhub: HTTP Track/Trace Method Enabled
Researcher identified that HTTP TRACE method was enabled...
Wix ShoutOut - Customized SSL, Redefined SSL Common Names verifier, WebView SSL handling enabled vulnerabilities
HackApp vulnerability scanner discovered that application Wix ShoutOut published at the 'play' market has multiple vulnerabilities...
CVE-2016-1262
Juniper Junos OS before 12.1X46-D45, 12.1X47 before 12.1X47-D30, 12.1X48 before 12.3X48-D20, and 15.1X49 before 15.1X49-D30 on SRX series devices, when the Real Time Streaming Protocol Application Layer Gateway (RTSP ALG) is enabled, allow remote attackers to cause a denial of service (flowd crash) v...
ownCloud Server Information Disclosure Vulnerability (CNVD-2016-00189)
OwnCloud is a free and open source personal cloud storage solution from German company OwnCloud, which provides file management, music storage, calendaring, etc. OwnCloud Server is a server version. A security vulnerability exists in ownCloud Server that stems from a failure of the program to...
CentOS Update for nss CESA-2016:0007 centos7
Check the version of nss. SPDX-FileCopyrightText: 2016 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description) { script_oid("1.3.6.1.4.1.25623.1.0.882355");...
Belkin N150 Wireless Router F9K1009 v1 - Multiple Vulnerabilities
Belkin N150 Wireless Router F9K1009 v1 - Multiple Vulnerabilities Full Disclosure: Exploit Title : Belkin N150 Wireless Home Router Multiple Vulnerabilities Exploit Author : Rahul Pratap Singh Date : 30/Nov/2015 Home Page Link : http://www.belkin.com Blog Url : 0x62626262.wordpress.com Linkedin :...
Belkin N150 Wireless Router F9K1009 v1 - Multiple Vulnerabilities
Full Disclosure: Exploit Title : Belkin N150 Wireless Home Router Multiple Vulnerabilities Exploit Author : Rahul Pratap Singh Date : 30/Nov/2015 Home Page Link : http://www.belkin.com Blog Url : 0x62626262.wordpress.com Linkedin : https://in.linkedin.com/in/rahulpratapsingh94 Status : Not Patche...
Oracle Linux 7 : krb5 (ELSA-2015-2154)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2015-2154 advisory. - the rebase to krb5 1.13.1 in vers 1.13.1-0 also fixed: - Bug 1144498 'Fix the race condition in the libkrb5 replay cache' - Bug 1163402 'kdb5ldaputil...
ZTE ZXHN H108N R1A Default Account Privilege Bypass Vulnerability
The ZTE ZXHN H108N R1A is a wireless router product from China's ZTE Corporation. ZTE ZXHN H108N R1A ZTE.bhs.ZXHNH108NR1A.hPE The root account uses the 'root' password, which can be exploited by a remote attacker to take full control of the device when the system is enabled with Telnet service...
[SECURITY] Fedora 23 Update: drupal7-active_tags-2.0-0.9.alpha1.fc23
Active Tags adds a new option to free tagging taxonomies. If selected the taxonomy widget is replaced by a new jQuery enabled tag entry widget. This package provides the following Drupal 7 module: activetags...
SOL17461 - OpenSSH vulnerability CVE-2015-5352
Recommended Action: By default, the vulnerable code is not enabled and is not used by the affected BIG-IP, BIG-IQ, and Enterprise Manager versions. In a standard/default configuration, the vulnerability is not exposed. If you are running a version listed in the Versions known to be vulnerable...
Bad performance noticed on issues with long history
Performing some testing with JIRA 6.4.5, I've noticed that there is a huge difference when logging work on an issue with no history and on an issue with a long history. I enabled Profiling on JIRA to check the difference: Example 1: Issue with 858 entries on history: noformat 2015-10-21...
IBM Multi-Enterprise Integration Gateway_2 Information Disclosure Vulnerability
IBM Multi-Enterprise Integration Gateway is a cross-enterprise integrated communications gateway product from IBM in the United States. An information disclosure vulnerability exists in IBM Multi-Enterprise Integration Gateway2, which allows an authenticated remote user to obtain sensitive...