khabarovsk.kassy.ru Open Redirect vulnerability

Open Bug Bounty ID: OBB-143114 Description| Value ---|--- Affected Website:| khabarovsk.kassy.ru Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| Open Redirect / CWE-601 CVSSv3 Score:| 3.4...

Solaris 10 (x86) : 152265-01 (deprecated)

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite subcomponent: Utilities. Supported versions that are affected are 10 and 11.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via RPC to compromise Solaris. Successful attacks of this...

PivotX 2.3.11 Directory Traversal

Security Advisory - Curesec Research Team 1. Introduction Affected Product: PivotX 2.3.11 Fixed in: not fixed Fixed Version Link: n/a Vendor Website: http://pivotx.net/ Vulnerability Type: Directory Traversal Remote Exploitable: Yes Reported to vendor: 01/20/2016 Disclosed to public: 03/15/2016...

Zenphoto 1.4.11 Remote File Inclusion

Security Advisory - Curesec Research Team 1. Introduction Affected Product: Zenphoto 1.4.11 Fixed in: 1.4.12 Fixed Version Link: https://github.com/zenphoto/zenphoto/archive/ zenphoto-1.4.12.zip Vendor Website: http://www.zenphoto.org/ Vulnerability Type: RFI Remote Exploitable: Yes Reported to...

BigTree 4.2.8 Object Injection / Improper Filename Sanitization

Security Advisory - Curesec Research Team 1. Introduction Affected Product: BigTree 4.2.8 Fixed in: BigTree 4.2.9 Fixed Version Link: https://www.bigtreecms.org/download/ Vendor Website: https://www.bigtreecms.org/ Vulnerability Type: Object Injection & Improper Filename Sanitation Remote...

ZenPhoto 1.4.11 - Remote File Inclusion

Security Advisory - Curesec Research Team 1. Introduction Affected Product: Zenphoto 1.4.11 Fixed in: 1.4.12 Fixed Version Link: https://github.com/zenphoto/zenphoto/archive/ zenphoto-1.4.12.zip Vendor Website: http://www.zenphoto.org/ Vulnerability Type: RFI Remote Exploitable: Yes Reported to...

TeamPass 2.1.24 - Multiple Vulnerabilities

Affected Product: TeamPass Vulnerability Type: Multiple XSS,CSRF, SQL injections Fixed in Version: 2.1.25 https://github.com/nilsteampassnet/TeamPass/releases/tag/2.1.25.0 Vendor Website: http://www.teampass.net Software Link: : https://github.com/nilsteampassnet/TeamPass Affected Version: 2.1.24...

Memory corruption when modifying a file being read by FileReader — Mozilla

Security researcher Oriol reported memory corruption when local files are modified by either the user or another program at the same time being read using the FileReader API. This flaw requires that input be taken from a local file in order to be triggered and cannot be triggered by web content...

Use-after-free in HTML5 string parser — Mozilla

Security researcher ca0nguyen, working with HP's Zero Day Initiative, reported a use-after-free issue in the HTML5 string parser when parsing a particular set of table-related tags in a foreign fragment context such as SVG. This results in a potentially exploitable crash...

Use-after-free in SetBody — Mozilla

Security researcher lokihardt, working with HP's Zero Day Initiative, reported a use-after-free issue in the SetBody function of HTMLDocument. This results in a potentially exploitable crash...

Service Worker Manager out-of-bounds read in Service Worker Manager — Mozilla

Security researcher Looben Yang reported a mechanism where the Clients API in Service Workers can be used to trigger an out-of-bounds read in ServiceWorkerManager. This results in a potentially exploitable crash...

Buffer overflow in Brotli decompression — Mozilla

Security researcher Luke Li reported a pointer underflow bug in the Brotli library's decompression that leads to a buffer overflow. This results in a potentially exploitable crash when triggered...

Memory corruption with malicious NPAPI plugin — Mozilla

The CESG, the Information Security Arm of GCHQ, reported a dangling pointer dereference within the Netscape Plugin Application Programming Interface NPAPI that could lead to the NPAPI subsystem crashing. This issue requires a maliciously crafted NPAPI plugin in concert with scripted web content,...

Use-after-free during XML transformations — Mozilla

Security researcher Nicolas Grégoire used the Address Sanitizer to find a use-after-free during XML transformation operations. This results in a potentially exploitable crash triggerable by web content...

Use-after-free when using multiple WebRTC data channels — Mozilla

Security researcher Dominique Hazaël-Massieux reported a use-after-free issue when using multiple WebRTC data channel connections. This causes a potentially exploitable crash when a data channel connection is freed from within a call through it...

Out-of-bounds read in HTML parser following a failed allocation — Mozilla

Security researcher Ronald Crane reported an out-of-bounds read following a failed allocation in the HTML parser while working with unicode strings. This can also affect the parsing of XML and SVG format data. This leads to a potentially exploitable crash...

graphite2 -- multiple vulnerabilities

Mozilla Foundation reports: Security researcher Holger Fuhrmannek and Mozilla security engineer Tyson Smith reported a number of security vulnerabilities in the Graphite 2 library affecting version 1.3.5. The issue reported by Holger Fuhrmannek is a mechanism to induce stack corruption with a...

Out-of-bounds write with malicious font in Graphite 2 — Mozilla

Security researcher James Clawson used the Address Sanitizer tool to discover an out-of-bounds write in the Graphite 2 library when loading a crafted Graphite font file. This results in a potentially exploitable crash...

Use-after-free in GetStaticInstance in WebRTC — Mozilla

Security researcher Ronald Crane reported a race condition in GetStaticInstance in WebRTC which results in a use-after-free. This could result in a potentially exploitable crash. This issue was found through code inspection and does not have clear mechanism to be exploited through web content but...

Fiyo CMS 2.0.6.1 Cross Site Scripting

Introduction Affected Product: Fiyo CMS 2.0.6.1 Fixed in: 2.0.6.2 Vendor Website: http://www.fiyo.org/ Vulnerability Type: XSS Remote Exploitable: Yes 2. Overview There are multiple XSS vulnerabilities in Fiyo CMS 2.0.6.1. The vulnerabilities exist due to insufficient filtration of user-supplied...