3326 matches found
Adobe Media Encoder MOV File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Media Encoder. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
YouPHPTube Encoder Operating System Command Injection Vulnerability
YouPHPTube is a PHP-based video website system.YouPHPTube Encoder is one of the encoders. An operating system command injection vulnerability exists in the 'base64Url' parameter of the /objects/getSpiritsFromVideo.php file in YouPHPTube Encoder version 2.3. The vulnerability arises when a network...
PT-2019-6026 · Adobe · Media Encoder
Name of the Vulnerable Software and Affected Versions: Adobe Media Encoder versions 13.1 and earlier Description: The issue is related to an out-of-bounds read in memory, which could allow a remote attacker to gain unauthorized access to protected information. Successful exploitation may lead to...
PT-2019-5959 · Adobe · Media Encoder
Name of the Vulnerable Software and Affected Versions: Adobe Media Encoder versions 13.1 and earlier Description: The issue is related to an out-of-bounds read vulnerability in the application for processing media data. Exploitation of this issue could allow a remote attacker to disclose protecte...
YouPHPTube Encoder base64Url multiple command injections
Summary Exploitable unauthenticated command injections exist in YouPHPTube Encoder 2.3 a plugin for providing encoder functionality in YouPHPTube. Specially crafted web requests can cause commands to be executed on the server. An attacker can send a web request with parameters containing specific...
ACTi ACD-2100 Video Encoder Remote Command Execution Exploit
Exploit for hardware platform in category web applications !/usr/bin/perl ACTi ACD-2100 Video Encoder Remote Command Execution Exploit Copyright 2019 c Todor Donev Firmware Version = A1D-220-V3.08.08-AC Production ID = ACD2100-08E-X-00498 Factory Default Type = NTSC, Composite, Two Ways Audio 0x7...
ACTi ACD-2100 Video Encoder Remote Command Execution
!/usr/bin/perl ACTi ACD-2100 Video Encoder Remote Command Execution Exploit Copyright 2019 c Todor Donev Firmware Version = A1D-220-V3.08.08-AC Production ID = ACD2100-08E-X-00498 Factory Default Type = NTSC, Composite, Two Ways Audio 0x71 Company Name = ACTi Corporation WEB Site = www.acti.com...
flac:fuzzer_encoder: Crash in FLAC__bitwriter_free
Detailed Report: https://oss-fuzz.com/testcase?key=5648926757093376 Project: flac Fuzzing Engine: libFuzzer Fuzz Target: fuzzerencoder Job Type: libfuzzerasani386flac Platform Id: linux Crash Type: UNKNOWN WRITE Crash Address: 0x553c57f0 Crash State: FLACbitwriterfree FLACstreamencoderfinish...
WordPress simple-mail-address-encoder plugin cross-site scripting vulnerability
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. simple-mail-address-encoder is a plugin that supports encoding of e-mail addresses. A cross-site scripting vulnerability exists in...
CVE-2019-15833
The simple-mail-address-encoder plugin before 1.7 for WordPress has reflected XSS...
CVE-2019-15833
The simple-mail-address-encoder plugin before 1.7 for WordPress has reflected XSS...
CVE-2019-15833
CVE-2019-15833 affects the WordPress plugin simple-mail-address-encoder prior to version 1.7. The issue is a reflected XSS in the plugin, as documented across multiple sources (NVD, Red Hat, CNVD, CVE list, PRION, WPVulnDB). The root cause is reflected client-side scripting when untrusted input i...
PT-2019-14422 · Unknown · Simple-Mail-Address-Encoder
Name of the Vulnerable Software and Affected Versions: simple-mail-address-encoder plugin versions prior to 1.7 Description: The issue is related to reflected XSS in the simple-mail-address-encoder plugin. Recommendations: For versions prior to 1.7, update to version 1.7 or later to resolve the...
The vulnerability of the PlaintextPasswordEncoder class implementation in the Java framework for securing Spring Security industrial applications allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the PlaintextPasswordEncoder class implementation in the Spring Security Java framework, which is designed for securing industrial applications, is related to deficiencies in managing registration data. Exploiting this vulnerability could allow an attacker, operating remotely...
Schneider Electric Pelco Endura NET55XX Encoder - Authentication Bypass Exploit
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Schneider Electric Pelco Endura NET55XX Encoder", 'Description' = %q This module exploits inadequate access controls within the webUI to enable t...
Schneider Electric Pelco Endura NET55XX Encoder - Authentication Bypass (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Schneider Electric Pelco Endura NET55XX Encoder", 'Description' = %q This module exploits inadequate access controls within the webUI to enable t...
imagemagick/encoder_bmp_fuzzer: Use-of-uninitialized-value in cmsMLUgetASCII
Project: https://github.com/imagemagick/imagemagick.git Detailed report: https://oss-fuzz.com/testcase?key=5742789528125440 Project: imagemagick Fuzzer: libFuzzerimagemagickencoderbmpfuzzer Fuzz target binary: encoderbmpfuzzer Job Type: libfuzzermsanimagemagick Platform Id: linux Crash Type:...
Schneider Electric Pelco Endura NET55XX Encoder
This module exploits inadequate access controls within the webUI to enable the SSH service and change the root password. This module has been tested successfully on: NET5501, NET5501-I, NET5501-XT, NET5504, NET5500, NET5516, NET550 versions. This module requires Metasploit:...
The vulnerability of the Dovecot mail server JSON encoder, which allows a hacker to cause a service failure
The vulnerability of the Dovecot mail server JSON encoder is related to deficiencies in the authentication process. Exploiting this vulnerability could allow an attacker, operating remotely, to cause a service failure due to attempting to authenticate with an invalid UTF-8 sequence as the user na...
WordPress Simple Mail Address Encoder plugin <= 1.6.1 - Reflected Authenticated Cross-Site Scripting (XSS) vulnerability
Reflected Authenticated Cross-Site Scripting XSS vulnerability found in WordPress Simple Mail Address Encoder plugin versions = 1.6.1. Solution Update the WordPress Simple Mail Address Encoder plugin to the latest available version at least 1.7...