6809 matches found
Android Debuggerd Debugger Device Memory Leak Vulnerability
debuggerd is a diagnostic daemon that ships with the Android system to handle abnormal program exits. This process can detect a program crash and output the process status information of the crashed program to a file and the serial port. Debuggerd 4.0 Ice Cream Sandwich to Lollipop 5.x suffers from a security...
CVE-2015-1900
IBM InfoSphere DataStage 8.1, 8.5, 8.7, 9.1, and 11.3 through 11.3.1.2 on UNIX allows local users to write to executable files, and consequently obtain root privileges, via unspecified vectors...
Linux/x86 - exec('/bin/dash') shellcode 45 bytes
Linux/x86 - exec('/bin/dash') shellcode 45 bytes. Shellcode exploit for lin_x86 platform / Title: Linux/x86 exec('/bin/dash') - shellcode 45 bytes Platform: linux/x86_64 Date: 2015-06-15 Author: Mohammad Reza Espargham Linkedin : https://ir.linkedin.com/in/rezasp E-Mail : meatrezadotes ,...
CVE-2015-4607
Unrestricted file upload vulnerability in the Frontend User Upload (feupload) extension 0.5.0 and earlier for TYPO3 allows remote attackers to execute arbitrary code by uploading a file with an executable extension using a frontend form, then accessing it via a direct request to the file in the...
Unrestricted file upload
Unrestricted file upload vulnerability in the Job Fair (jobfair) extension before 1.0.1 for TYPO3, when using Apache with mod_mime, allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in the extension...
Adware-Laden Skype Botnet Disrupted
Skype, Microsoft’s now ubiquitous video/messenger program, has long been a go-to destination for attackers looking to peddle their malware. The latest campaign to leverage the software – a botnet circulating adware, composed entirely of Skype users – was recently disrupted by researchers. Ronnie...
IBM Security AppScan Standard 9.0.2 - OLE Automation Array Remote Code Execution
!/usr/bin/python import BaseHTTPServer, socket IBM Security AppScan Standard OLE Automation Array Remote Code Execution Author: Naser Farhadi Linkedin: http://ir.linkedin.com/pub/naser-farhadi/85/b3b/909 Date: 1 June 2015 Version: function runmumaa On Error Resume Next set shell=createobject"Shel...
Threat Outbreak Alert RuleID8337: Email Messages Distributing Malicious Software on January 21, 2016
Medium Alert ID: 38981 First Published: 2015 May 23 03:13 GMT Last Updated: 2016 January 21 20:55 GMT Version: 30 Summary Email messages that are related to this threat RuleID8337 and RuleID8337KVR may contain the following files: Name | Size in Bytes | MD5 Checksum ---|---|--- Pay Slip.zip /...
Lenovo System Update Privilege Escalation Exploit
Exploit for hardware platform in category local exploits This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class Metasploit3 'Lenovo System Update Privilege Escalation', 'Description' = %q The named pipe, \SUPipeServer,...
SecuritySoftView - Displays the AntiVirus / AntiSpyware / Firewall registered with the security center of Windows
SecuritySoftView is a simple tool that displays the AntiVirus, AntiSpyware, and Firewall programs that are currently installed on your system and registered with the security center of Windows operating system. System Requirements This utility works on any version of Windows, starting from Window...
SUSE SLES11 Security Update : java-1_7_0-ibm (SUSE-SU-2013:1256-1)
IBM Java 1.7.0 has been updated to SR5 to fix bugs and security issues. Please see also http://www.ibm.com/developerworks/java/jdk/alerts/ Also the following bugs have been fixed : - add Europe/Busingen to tzmappings bnc817062 - mark files in jre/bin and bin/ as executable bnc823034 Note that...
Adobe Acrobat and Reader Buffer Overflow (APSB15-10: CVE-2015-3048)
A buffer overflow vulnerability has been reported in Adobe Reader and Acrobat. The vulnerability is due to incorrect memory buffer allocation while creating a new broker process for the IE EPM sandbox. A remote attacker can exploit this issue by enticing a victim to open a specially crafted...
Rockwell Automation RSLinx Classic Vulnerability
RSLinx Classic is used to enable communication between Rockwell Software applications within an industrial control system. A stack buffer overflow vulnerability exists in the implementation of OPCTest.exe in RSLinx Classic versions prior to 3.73.00. This allows an attacker to exploit this...
A vulnerability in the File System API of Google Chrome allows a remote attacker to bypass the SafeBrowsing security mechanism.
A vulnerability in the Google Chrome browser’s File System API allows a malicious actor to bypass the SafeBrowsing security mechanism for executable files. This can be achieved by creating an executable file in a temporary file system, and then accessing it using a request of the...
HUAWEI MobiConnect weak permissions
Weak permissions for executable files...
EasyCTF Arbitrary File Content Write Vulnerability
EasyCTF is a CGI program for scoring CTFs. EasyCTF has an unspecified security vulnerability that could be exploited by remote attackers to write arbitrary executable content to a file...
CVE-2015-0912
EasyCTF before 1.4 allows remote authenticated users to write executable content to files via unspecified vectors...
Oracle Reports Server unauthorized report execution vulnerability
Affected system: Oracle Reports 9i Oracle Reports 6i 6.0.8.19 Oracle Reports 6i 6.0.8 Oracle Reports 6 Oracle Reports 10g 9.0.4.3.3 Oracle Reports 10g 9.0.4 Oracle Reports 10g 9.0.3 Oracle Reports 10g 9.0.2 Oracle Reports 10g 9.0.1 Oracle Reports 10g 9.0 Description:...
[SECURITY] [DSA 3238-1] chromium-browser security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3238-1 [email protected] http://www.debian.org/security/ Michael Gilbert April 26, 2015 http://www.debian.org/security/faq -...