2655 matches found
Linux Kernel 2.2/2.4 Ptrace/Setuid Exec Vulnerability
No description provided by source. Source: http://www.securityfocus.com/bid/3447/info Linux contains a vulnerability in its exec implementation that may allow for modification of setuid process memory via ptrace. The vulnerability is due to the fact that it is possible for a traced process to ex...
ZoneMinder Video Server packageControl Command Execution (CVE-2013-0232)
A code execution vulnerability has been reported in ZoneMinder. The vulnerability is due to a flaw in the index.php script that is triggered when user-supplied input used in the /includes/actions.php file is passed from the 'runeState' parameter to 'packageControl', which calls exec with user...
openSUSE Security Update : kernel (openSUSE-SU-2011:0860-1)
The openSUSE 11.4 kernel was updated to 2.6.37.6 fixing lots of bugs and security issues. Following security issues have been fixed: CVE-2011-2495: The /proc/PID/io interface could be used by local attackers to gain information on other processes like number of password characters typed or simila...
UBUNTU-CVE-2014-3956
The sm_close_on_exec function in conf.c in sendmail before 8.14.9 has arguments in the wrong order, and consequently skips setting expected FD_CLOEXEC flags, which allows local users to access unintended high-numbered file descriptors via a custom mail-delivery program...
CVE-2014-0524
Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0522, CVE-2014-0523, and CVE-2014-0526...
Veritas Backup Exec Server Remote Registry Access Code Execution - Ver2 (CVE-2005-0771)
A code execution vulnerability has been reported in Veritas Backup Exec Server. Successful exploitation of this vulnerability could allow a remote attacker to modify the registry and execute arbitrary methods via RPC on the affected system...
Oracle Demantra 12.2.1 - SQL Injection
Details: Application is vulnerable to SQL injection. Impact: An attacker with access to the vulnerable pages could manipulate the queries being sent to the database, potentially enabling them to: - Extract sensitive information, including but not limited to authentication credentials and personal...
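Barracuda Load Balancer '/cgi-mod/index.cgi' Remote Command Injection Vulnerability
BUGTRAQ ID: 65508 Barracuda Load Balancer is an application delivery controller from the US company Barracuda Networks. The controller provides protection against intrusions and attacks, while also optimizing application load and providing strong performance support. A remote command injection vulnerability exists in Barracuda Load Balancer. An attacker can exploit this vulnerability to execute arbitrary commands in the context of the affected application. Barracuda Load Balancer 340 version 4.2.2.007 is vulnerable; other versions may also be affected. Barracuda Load Balancer 340 4.2.2.007...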
Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2014-3010)
The remote Oracle Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2014-3010 advisory. - inet: fix addr_len/msg->msg_namelen assignment in recv_error and rxpmtu functions Hannes Frederic Sowa 18247290 CVE-2013-7263 CVE-2013-7265 -...
Unbreakable Enterprise kernel security update
3.8.13-26.1.1.el6uek - inet: fix addr_len/msg->msg_namelen assignment in recv_error and rxpmtu functions Hannes Frederic Sowa 18247287 CVE-2013-7263 CVE-2013-7265 - inet: prevent leakage of uninitialized memory to user in recv syscalls Hannes Frederic Sowa 18238377 CVE-2013-7263 CVE-2013-7265 -...
WordPress E-Commerce 3.8.9.5 File Upload / XSS / CSRF / Code Execution
0-DAY Aint DIE | No Priv8 | KedAns-Dz...
Wordpress Plugin (wp-e-commerce v3.8.9.5) Multiple Vulnerabilities
Wordpress Plugin wp-e-commerce v3.8.9.5 - File Upload - RCE - LFI - XSS/CSRF. 0-DAY Aint DIE | No Priv8 | KedAns-Dz...
osCmax e-Commerce v2.5.3 (FU/ObjectInject) Multiple Vulnerabilities
osCmax e-Commerce v2.5.3 suffers from multiple vulnerabilities: a remote attacker can upload a file/shell via header attacks, or execute JavaScript code and inject a remote object. See also: CVE-2013-4144. Site :...
NeoBill 0.9-alpha eCommerce Command Execution / SQL Injection / LFI
Site : 1337day.com. Support e-mail : submitat1337day.com. I'm KedAns-Dz member from Inj3ct0r Team. Title : NeoBill...
NeoBill v0.9-alpha eCommerce <= (RCE/SQLi/LFI) Vulnerabilities
NeoBill v0.9-alpha suffers from multiple vulnerabilities. Usage info: blind exploitation via cURL exploits or HTTP headers. Site : 1337day.com. Support e-mail : submitat1337day.com. I'm KedAns-Dz...
CVE-2013-6366
The Groovy script console in VMware Hyperic HQ 4.6.6 allows remote authenticated administrators to execute arbitrary code via a Runtime.getRuntime().exec call...
DEBIAN-CVE-2013-2208
tpp 1.3.1 allows remote attackers to execute arbitrary commands via a --exec command in a TPP template file...
Symantec Backup Exec RALUS Code Execution (SYM13-009)
The version of Symantec Backup Exec RALUS installed on the remote host is 2010 earlier than 2010 R3 SP3, or 2012 earlier than 2012 SP2. Such versions are potentially affected by a heap overflow vulnerability. By exploiting this flaw, a remote, unauthenticated attacker could execute arbitrary code...
Symantec Backup Exec Server Multiple Vulnerabilities (SYM13-009)
According to its version number, the Symantec Backup Exec Server installed on the remote Windows host is affected by multiple vulnerabilities: - Multiple cross-site scripting vulnerabilities exist in the management console and the beutility console. (CVE-2013-4676) - Backup and restore data files...
Symantec Backup Exec Remote Agent for Linux and UNIX Servers (RALUS) Installed
Symantec Backup Exec Remote Agent for Linux and UNIX Servers (RALUS), a backup agent for Linux and UNIX servers, is installed on the remote host. TRUSTED...