
6692 matches found

OSV | added 2015/10/05 2:59 p.m. | 2 views

UBUNTU-CVE-2015-7684

Unrestricted file upload in GLPI before 0.85.3 allows remote authenticated users to execute arbitrary code by adding a file with an executable extension as an attachment to a new ticket, then accessing it via a direct request to the file in files/tmp/...

CVSS 9 | AI score 6.1 | EPSS 0.01653
Exploits: 0 | References: 5

Cisco | added 2015/09/23 4:3 p.m. | 33 views

Cisco AnyConnect Secure Mobility Client for Linux and Mac OS X Privilege Escalation Vulnerability

A vulnerability in the code responsible for the self-updating feature of Cisco AnyConnect Secure Mobility Client for Linux and the Cisco AnyConnect Secure Mobility Client for Mac OS X could allow an authenticated, local attacker to execute an arbitrary executable file of its choosing with...

CVSS 6.8 | AI score 6.4 | EPSS 0.03548
Exploits: 3 | References: 1

NVD | added 2015/09/18 10:59 a.m. | 16 views

CVE-2015-5839

dyld in Apple iOS before 9 allows attackers to bypass a code-signing protection mechanism via an app that places a crafted signature in an executable file...

CVSS 5 | AI score 4.7 | EPSS 0.00555
Exploits: 0 | References: 8

Prion | added 2015/09/16 2:59 p.m. | 15 views

Unrestricted file upload

Unrestricted file upload vulnerability in the My Image plugin in Nibbleblog before 4.0.5 allows remote administrators to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in content/private/plugins/myimage/image.php...

CVSS 6.5 | AI score 8.2 | EPSS 0.75253
Exploits: 2 | References: 4 | Affected Software: 1

Check Point Advisories | added 2015/09/16 12:0 a.m. | 3 views

Microsoft Outlook RTF Embedded Object Security Bypass (CVE-2004-0503)

A security bypass vulnerability exists in Microsoft Outlook. The vulnerability is due to a lack of validation for certain OLE objects attached to RTF messages. A successful exploitation may lead to unprompted installation of an executable when exploited in conjunction with predictable-file-locati...

CVSS 5 | AI score 2.5 | EPSS 0.17453
Exploits: 1

0day.today | added 2015/09/07 12:0 a.m. | 15 views

AutoCAD DWG and DXF To PDF Converter 2.2 - Buffer Overflow Exploit

Exploit for windows platform in category local exploits Exploit Title: AutoCAD DWG and DXF To PDF Converter v2.2 Buffer Overflow Date: 9-5-2015 Software Link: http://www.verypdf.com/autocad-dwg-dxf-to-pdf/dwgdxftopdfsetup.exe Exploit Author: Robbie Corley Contact: email protected Website: CVE:...

AI score 6.8
Exploits: 0

Check Point Advisories | added 2015/09/03 12:0 a.m. | 0 views

Malicious Mail Payload Containing JavaScript Downloader

Certain malicious executable files can be hidden using js downloader file. A remote attacker could exploit this vulnerability to entice unsuspecting users to execute arbitrary files...

AI score 4.7
Exploits: 0

OSV | added 2015/08/30 2:27 p.m. | 2 views

MGASA-2015-0334 Updated glusterfs packages fix security vulnerability

There were cases where setuid could fail even when the caller is UID 0. The glusterd.service file was set as executable but that is not necessary. This update resolves both of these issues...

AI score 7.1
Exploits: 0 | References: 3

NVD | added 2015/08/17 12:0 a.m. | 8 views

CVE-2015-3803

Apple iOS before 8.4.1 and OS X before 10.10.5 allow local users to bypass a code-signing protection mechanism via a crafted multi-architecture executable file...

CVSS 7.2 | AI score 6.6 | EPSS 0.00061
Exploits: 0 | References: 6

Prion | added 2015/08/17 12:0 a.m. | 10 views

Design/Logic Flaw

Apple iOS before 8.4.1 and OS X before 10.10.5 allow local users to bypass a code-signing protection mechanism by appending code to a crafted executable file...

CVSS 7.2 | AI score 6.2 | EPSS 0.00052
Exploits: 0 | References: 6 | Affected Software: 2

Tenable Nessus | added 2015/08/17 12:0 a.m. | 19 views

Advantech WebAccess < 7.2-2013.11.14 Multiple Vulnerabilities

Binary data scadaadvantechwebaccess7220131114.nbin...

CVSS 7.5 | AI score 6.7 | EPSS 0.57891
Exploits: 12 | References: 10

Prion | added 2015/08/17 12:0 a.m. | 11 views

Design/Logic Flaw

Apple iOS before 8.4.1 and OS X before 10.10.5 allow local users to bypass a code-signing protection mechanism via a crafted multi-architecture executable file...

CVSS 7.2 | AI score 5.8 | EPSS 0.00061
Exploits: 0 | References: 6 | Affected Software: 2

Cvelist | added 2015/08/16 11:0 p.m. | 15 views

CVE-2015-3803

Apple iOS before 8.4.1 and OS X before 10.10.5 allow local users to bypass a code-signing protection mechanism via a crafted multi-architecture executable file...

AI score 7.8 | EPSS 0.00061
Exploits: 0 | References: 6

Kitploit | added 2015/08/12 11:23 p.m. | 28 views

Metasploit AV Evasion - Metasploit payload generator that avoids most Anti-Virus products

Metasploit payload generator that avoids most Anti-Virus products. Installing git clone https://github.com/nccgroup/metasploitavevasion.git chmod +x the avoid.sh file before use. How To Use ./avoid.sh Then follow the on screen prompts. Features Easily generate a Metasploit executable payload to...

AI score 7.4
Exploits: 0 | References: 1

OpenVAS | added 2015/08/12 12:0 a.m. | 48 views

Microsoft Lync Remote Code Execution Vulnerabilities (3078662)

This host is missing a critical security update according to Microsoft Bulletin MS15-080. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

CVSS 9.3 | AI score 5 | EPSS 0.64741
Exploits: 8 | References: 3

Kitploit | added 2015/08/01 4:15 p.m. | 24 views

PEframe - Tool to perform static analysis on Portable Executable malware

PEframe is an open source tool to perform static analysis on Portable Executable malware. Usage $ peframe malware.exe $ peframe --option malware.exe Options --json Output in json --import Imported function and dll --export Exported function and dll --dir-import Import directory --dir-export Export...

AI score 7.1
Exploits: 0 | References: 1

Tenable Nessus | added 2015/07/29 12:0 a.m. | 26 views

Fedora 22 : roundcubemail-1.1.2-1.fc22 (2015-11405)

Release 1.1.2 - Add new plugin hook 'identitycreateafter' providing the ID of the inserted identity 1490358 - Add option to place signature at bottom of the quoted text even in top-posting mode sigbelow - Fix handling of %-encoded entities in mailto: URLs 1490346 - Fix zipped messages downloads...

CVSS 7.5 | AI score 6.8 | EPSS 0.01804
Exploits: 0 | References: 5

Tenable Nessus | added 2015/07/27 12:0 a.m. | 42 views

openSUSE Security Update : Chromium (openSUSE-2015-513)

Chromium was updated to 44.0.2403.89 to fix multiple security issues. The following vulnerabilities were fixed : - CVE-2015-1271: Heap-buffer-overflow in pdfium - CVE-2015-1273: Heap-buffer-overflow in pdfium - CVE-2015-1274: Settings allowed executable files to run immediately after download -...

CVSS 9.8 | AI score 7.4 | EPSS 0.03255
Exploits: 2 | References: 22

Tenable Nessus | added 2015/07/27 12:0 a.m. | 51 views

FreeBSD : chromium -- multiple vulnerabilities (9d732078-32c7-11e5-b263-00262d5ed8ee)

Google Chrome Releases reports : 43 security fixes in this release, including : - 446032 High CVE-2015-1271: Heap-buffer-overflow in pdfium. Credit to cloudfuzzer. - 459215 High CVE-2015-1273: Heap-buffer-overflow in pdfium. Credit to makosoft. - 461858 High CVE-2015-1274: Settings allowed...

CVSS 9.8 | AI score 7.4 | EPSS 0.03255
Exploits: 2 | References: 23

OpenVAS | added 2015/07/23 12:0 a.m. | 45 views

Google Chrome Multiple Vulnerabilities-01 (Jul 2015) - Windows

Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; ifdescription...

CVSS 9.8 | AI score 8.6 | EPSS 0.03255
Exploits: 2 | References: 3