CVE-2018-5720

An issue was discovered on DODOCOOL DC38 3-in-1 N300 Mini Wireless Range Extend RTN2-AW.GD.R3465.1.20161103 devices. A Cross-site request forgery CSRF vulnerability allows remote attackers to hijack the authentication of users for requests that modify all the settings. This vulnerability can lead...

Net-SNMPd Write Access SNMP-EXTEND-MIB arbitrary code execution

This exploit module exploits the SNMP write access configuration ability of SNMP-EXTEND-MIB to configure MIB extensions and lead to remote code execution. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'snmp'...

Exiv2 Denial of Service Vulnerability (CNVD-2017-27706)

Exiv2 is a suite of C++ libraries and command line applications for managing image metadata by software developer Andreas Huggel, which provides fast and easy reading and writing of image metadata in a variety of EXIF, IPTC and XMP formats. A denial of service vulnerability exists in the...

Design/Logic Flaw

There is an illegal address access in the extendaliastable function in localealias.c of Exiv2 0.26. A crafted input will lead to remote denial of service...

PHP Denial of Service Vulnerability (CNVD-2017-06940)

PHP PHP: Hypertext Preprocessor is an open source general-purpose computer scripting language maintained by the PHP Group and the open source community. The language supports multiple syntaxes, multiple databases and operating systems, and support for C, C++ for program extensions and so on. A...

UBUNTU-CVE-2017-8923

The zendstringextend function in Zend/zendstring.h in PHP through 7.1.5 does not prevent changes to string objects that result in a negative length, which allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact by leveraging a script's use ...

PT-2017-2598

Name of the Vulnerable Software and Affected Versions PHP versions through 7.1.5 Description The issue is related to the zend string extend function in PHP, which does not prevent changes to string objects that result in a negative length. This allows remote attackers to cause a denial of service...

CVE-2016-10063

Buffer overflow in coders/tiff.c in ImageMagick before 6.9.5-1 allows remote attackers to cause a denial of service application crash or have other unspecified impact via a crafted file, related to extend validity...

CVE-2016-10063

Buffer overflow in coders/tiff.c in ImageMagick before 6.9.5-1 allows remote attackers to cause a denial of service application crash or have other unspecified impact via a crafted file, related to extend validity...

kernel: Use after free in array_map_alloc

Use after free vulnerability was found in percpu using previously allocated memory in bpf. First allocpercpugfp is called, then the memory is freed with freepercpu which triggers async pcpubalancework and then pcpuextendareamap could use a chunk after it has been freed...

kernel: Use after free in array_map_alloc

Use after free vulnerability was found in percpu using previously allocated memory in bpf. First allocpercpugfp is called, then the memory is freed with freepercpu which triggers async pcpubalancework and then pcpuextendareamap could use a chunk after it has been freed...

Symantec Ghost Solutions Suite Denial of Service Vulnerability - Windows

Symantec Ghost Solutions Suite is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

[SECURITY] Fedora 23 Update: prosody-0.9.10-1.fc23

Prosody is a flexible communications server for Jabber/XMPP written in Lua. It aims to be easy to use, and light on resources. For developers it aims to be easy to extend and give a flexible system on which to rapidly develop added functionality, or prototype new protocols...

[SECURITY] Fedora 22 Update: prosody-0.9.9-2.fc22

Prosody is a flexible communications server for Jabber/XMPP written in Lua. It aims to be easy to use, and light on resources. For developers it aims to be easy to extend and give a flexible system on which to rapidly develop added functionality, or prototype new protocols...

[SECURITY] Fedora 23 Update: prosody-0.9.9-2.fc23

Prosody is a flexible communications server for Jabber/XMPP written in Lua. It aims to be easy to use, and light on resources. For developers it aims to be easy to extend and give a flexible system on which to rapidly develop added functionality, or prototype new protocols...

net-snmp security and bug fix update

1:5.7.2-24 - Fixed lmSensorsTable not reporting sensors with duplicate names 1252053 - Fixed close overhead of extend commands 1252048 - Fixed out-of-bounds write in python code 1252034 1:5.7.2-23 - Fixed parsing of invalid variables in incoming packets 1248414 - Fixed...

[SECURITY] Fedora 20 Update: prosody-0.9.8-1.fc20

Prosody is a flexible communications server for Jabber/XMPP written in Lua. It aims to be easy to use, and light on resources. For developers it aims to be easy to extend and give a flexible system on which to rapidly develop added functionality, or prototype new protocols...

Nscan: Fast internet-wide scanner

Nscan: Fast internet-wide scanner Nscan is a fast Network scanner optimized for internet-wide scanning purposes and inspired by Masscan and Zmap. It has it’s own tiny TCP/IP stack and uses Raw sockets to send TCP SYN probes. It doesn’t need to set SYN Cookies so it doesn’t wastes time checking if...

Extend 1.3.7 - Shell Upload

The extend-wordpress WordPress plugin was affected by a Shell Upload security vulnerability...

PT-2014-6310 · Sap · Sap Hana Extended Application Services

Name of the Vulnerable Software and Affected Versions: SAP HANA Extend Application Services XS affected versions not specified Description: The issue concerns the lack of encryption for transmissions in applications that use form-based authentication with SSL, allowing remote attackers to interce...