8675 matches found
CVE-2014-8502
Heap-based buffer overflow in the peprintedata function in bfd/peXXigen.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service crash and possibly have other unspecified impact via a truncated export table in a PE file...
UBUNTU-CVE-2014-8502
Heap-based buffer overflow in the peprintedata function in bfd/peXXigen.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service crash and possibly have other unspecified impact via a truncated export table in a PE file...
CVE-2014-8502
Heap-based buffer overflow in the peprintedata function in bfd/peXXigen.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service crash and possibly have other unspecified impact via a truncated export table in a PE file...
Fedora 21 : phpMyAdmin-4.2.12-1.fc21 (2014-15588)
phpMyAdmin 4.2.12.0 2014-11-20 ================================ - Blank/white page when JavaScript disabled - Multi row actions cause full page reloads - ReferenceError: targeurl is not defined - Incorrect text/icon display in Tracking report - Recordset return from procedure display nothing - Ed...
Fedora 21 : libreoffice-4.3.4.1-8.fc21 (2014-15968)
Don't create duplicate Mirrored props which can lead to creating odp files which cannot be reloaded Fix abrt crash with NULL pView Crash in clipboard code Fix export to pdf of Nimbus Sans L etc when using typographical quotes etc. Fixes for various crashes on importing malformed rtf New bugfix...
[SECURITY] Fedora 21 Update: phpMyAdmin-4.2.12-1.fc21
phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the World Wide Web. Most frequently used operations are supported by the user interface managing databases, tables, fields, relations, index es, users, permissions, while you still have the ability to directly...
SQL Buddy 1.3.3 - Remote Code Execution
SQL Buddy 1.3.3 - Remote Code Execution Exploit Title: SQL Buddy Remote Code Execution Date: November 29 2014 Exploit Author: Fady Osman @fadyosman Youtube Channel : https://www.youtube.com/user/cutehack3r Vendor Homepage: http://sqlbuddy.com/ Software Link:...
SQL Buddy 1.3.3 - Remote Code Execution
Exploit Title: SQL Buddy Remote Code Execution Date: November 29 2014 Exploit Author: Fady Osman @fadyosman Youtube Channel : https://www.youtube.com/user/cutehack3r Vendor Homepage: http://sqlbuddy.com/ Software Link: https://github.com/calvinlough/sqlbuddy/raw/gh-pages/sqlbuddy.zip Version: SQL...
[SECURITY] Fedora 19 Update: phpMyAdmin-4.2.12-1.fc19
phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the World Wide Web. Most frequently used operations are supported by the user interface managing databases, tables, fields, relations, index es, users, permissions, while you still have the ability to directly...
CVE-2014-8598
The XML Import/Export plugin in MantisBT 1.2.x does not restrict access, which allows remote attackers to 1 upload arbitrary XML files via the import page or 2 obtain sensitive information via the export page. NOTE: this issue can be combined with CVE-2014-7146 to execute arbitrary PHP code...
CVE-2014-8598
The XML Import/Export plugin in MantisBT 1.2.x does not restrict access, which allows remote attackers to 1 upload arbitrary XML files via the import page or 2 obtain sensitive information via the export page. NOTE: this issue can be combined with CVE-2014-7146 to execute arbitrary PHP code...
Code injection
The XML Import/Export plugin in MantisBT 1.2.x does not restrict access, which allows remote attackers to 1 upload arbitrary XML files via the import page or 2 obtain sensitive information via the export page. NOTE: this issue can be combined with CVE-2014-7146 to execute arbitrary PHP code...
CVE-2014-8598
The XML Import/Export plugin in MantisBT 1.2.x does not restrict access, which allows remote attackers to 1 upload arbitrary XML files via the import page or 2 obtain sensitive information via the export page. NOTE: this issue can be combined with CVE-2014-7146 to execute arbitrary PHP code...
CVE-2014-8598
CVE-2014-8598 affects MantisBT 1.2.x via the XML Import/Export plugin, which could allow unauthorized attackers to upload arbitrary XML files or obtain sensitive information due to insufficient access restrictions. This is explicitly stated in connected documents as part of multiple vulnerabiliti...
RHEL 5 : vdsm (RHSA-2010:0473)
Updated vdsm packages that fix one security issue, various bugs, and add two enhancements are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which giv...
CVE-2014-0228
Apache Hive before 0.13.1, when in SQL standards based authorization mode, does not properly check the file permissions for 1 import and 2 export statements, which allows remote authenticated users to obtain sensitive information via a crafted URI...
DEBIAN-CVE-2014-8564
The gnutlseccansix963export function in gnutlsecc.c in GnuTLS 3.x before 3.1.28, 3.2.x before 3.2.20, and 3.3.x before 3.3.10 allows remote attackers to cause a denial of service out-of-bounds write via a crafted 1 Elliptic Curve Cryptography ECC certificate or 2 certificate signing requests CSR,...
mantisbt: arbitrary code execution and unrestricted access
CVE-2014-7146 arbitrary code execution When importing data with the plugin, user input passed through the "description" field and the "issuelink" attribute of the uploaded XML file isn't properly sanitized before being used in a call to the pregreplace function which uses the 'e' modifier. This...
Asterisk Password Spy v3.1 - Windows Asterisk Password Recovery Tool
Asterisk Password Spy is the FREE tool to instantly reveal the hidden password behind asterisks . It's user friendly interface can help you to easily find the passwords from any Windows based application.You can simply drag the 'search icon' to any password box to find the real password hidden by...
[SECURITY] Fedora 19 Update: phpMyAdmin-4.2.10.1-1.fc19
phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the World Wide Web. Most frequently used operations are supported by the user interface managing databases, tables, fields, relations, index es, users, permissions, while you still have the ability to directly...