CVE-2015-0912

EasyCTF before 1.4 allows remote authenticated users to write executable content to files via unspecified vectors...

Oracle Reports Server unauthorized report execution vulnerability-vulnerability warning-the black bar safety net

Affected system: Oracle Reports 9i Oracle Reports 6i 6.0.8.19 Oracle Reports 6i 6.0.8 Oracle Reports 6 Oracle Reports 10g 9.0.4.3.3 Oracle Reports 10g 9.0.4 Oracle Reports 10g 9.0.3 Oracle Reports 10g 9.0.2 Oracle Reports 10g 9.0.1 Oracle Reports 10g 9.0 Description:...

[SECURITY] [DSA 3238-1] chromium-browser security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3238-1 [email protected] http://www.debian.org/security/ Michael Gilbert April 26, 2015 http://www.debian.org/security/faq -...

Fedora 22 : jenkins-1.606-1.fc22 / jenkins-executable-war-1.29-4.fc22 / jffi-1.2.7-5.fc22 (2015-5430)

Security fix for CVE-2015-1806, CVE-2015-1807, CVE-2015-1813, CVE-2015-1812, CVE-2015-1810, CVE-2015-1808, CVE-2015-1809, CVE-2015-1814, CVE-2015-1811 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted...

[SECURITY] Fedora 22 Update: jenkins-executable-war-1.29-4.fc22

This package enables executable war support for Jenkins...

Unrestricted file upload

Unrestricted file upload vulnerability in sam-ajax-admin.php in the Simple Ads Manager plugin before 2.5.96 for WordPress allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in the directory specifi...

Google Chrome FileSystem API Security Bypass Vulnerability

Google Chrome is a web browsing tool developed by Google. A security vulnerability exists in the FileSystem API of Google Chrome versions prior to 40.0.2214.91. A remote attack exploiting this vulnerability could bypass the SafeBrowsing for Executable Files protection mechanism by creating an .ex...

CVE-2015-1248

The FileSystem API in Google Chrome before 40.0.2214.91 allows remote attackers to bypass the SafeBrowsing for Executable Files protection mechanism by creating a .exe file in a temporary filesystem and then referencing this file with a filesystem:http: URL...

CVE-2015-1248

The FileSystem API in Google Chrome before 40.0.2214.91 allows remote attackers to bypass the SafeBrowsing for Executable Files protection mechanism by creating a .exe file in a temporary filesystem and then referencing this file with a filesystem:http: URL...

Design/Logic Flaw

The FileSystem API in Google Chrome before 40.0.2214.91 allows remote attackers to bypass the SafeBrowsing for Executable Files protection mechanism by creating a .exe file in a temporary filesystem and then referencing this file with a filesystem:http: URL...

UBUNTU-CVE-2015-1248

The FileSystem API in Google Chrome before 40.0.2214.91 allows remote attackers to bypass the SafeBrowsing for Executable Files protection mechanism by creating a .exe file in a temporary filesystem and then referencing this file with a filesystem:http: URL...

CVE-2015-1248

CVE-2015-1248 affects Google Chrome's FileSystem API prior to 40.0.2214.91, enabling a SafeBrowsing bypass by placing an .exe in a temporary filesystem and referencing it via a filesystem:http: URL. The issue is referenced in multiple advisories (Debian DSA-3238-1, Gentoo GLSA-201506-04, CNVD-201...

CVE-2015-1248

The FileSystem API in Google Chrome before 40.0.2214.91 allows remote attackers to bypass the SafeBrowsing for Executable Files protection mechanism by creating a .exe file in a temporary filesystem and then referencing this file with a filesystem:http: URL...

CVE-2015-1248

Removed by vendor...

CVE-2015-0968

Unrestricted file upload vulnerability in admin/uploadImage.html in SearchBlox before 8.2 allows remote attackers to execute arbitrary code by uploading a file with an executable extension and the image/jpeg content type, a different vulnerability than CVE-2013-3590...

chromium-browser: SafeBrowsing bypass

The FileSystem API in Google Chrome before 40.0.2214.91 allows remote attackers to bypass the SafeBrowsing for Executable Files protection mechanism by creating a .exe file in a temporary filesystem and then referencing this file with a filesystem:http: URL...

Apport/Abrt Local Root Exploit

Exploit for linux platform in category local exploits define GNUSOURCE include include include include include include include include include include include include include include warning this file must be compiled with -static // // Apport/Abrt Vulnerability Demo Exploit. // // Apport:...

Return-into-libc attack and Defense-bug warning-the black bar safety net

This article first analyzes the return-into-libc attack principle, were introduced in different platforms for the traditional return-into-libc attack of the experimental process and results. Then, this paper further introduces and explains the return-oriented programming attacks, this attack can...

PT-2015-3328 · Linux +4 · Linux Kernel +4

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to 3.10.77 Description: The issue is related to the function load elf binary in the Linux kernel, which incorrectly allocates address space for PIE binaries when CONFIG ARCH BINFMT ELF RANDOMIZE PIE is enabled and ...

Apport/Abrt (Ubuntu / Fedora) - Local Privilege Escalation

define GNUSOURCE include include include include include include include include include include include include include include warning this file must be compiled with -static // // Apport/Abrt Vulnerability Demo Exploit. // // Apport: CVE-2015-1318 // Abrt: CVE-2015-1862 // // --...