53 matches found
CVE-2017-16995
The check_alu_op function in kernel/bpf/verifier.c in the Linux kernel through 4.4 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging incorrect sign extension...
MS15-110: Description of the security update for Office 2016 for Mac: October 13, 2015
MS15-110: Description of the security update for Office 2016 for Mac: October 13, 2015 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see...
MS16-124: Microsoft kernel integer overflow vulnerability-vulnerability warning-the black bar safety net
Foreword Last month I found and reported a Windows registry integer overflow vulnerability, the last week two 2016.10.25) Microsoft released the bug fix patch MS16-124 and the vulnerability number CVE-2016-0070's. The vulnerability may lead to local privilege escalation that affects multip...
RSS News AutoPilot Script 1.0.1 / 3.1.0 - Admin Panel Authentication Bypass
Exploit for php platform in category web applications Exploit Title: RSS News AutoPilot Script - Admin Panel Authentication Bypass Date: 14 October 2016 Exploit Author: Arbin Godar Website : ArbinGodar.com Software Link: https://codecanyon.net/item/rss-news-autopilot-script/11812898 Version: 1.0....
D-Link DIR-816L Cross Site Request Forgery
Title: ==== D-link wireless router DIR-816L Cross-Site Request Forgery CSRF vulnerability Credit: ====== Name: Bhadresh Patel Company/affiliation: HelpAG Website: www.helpag.com CVE: ===== CVE-2015-5999 Date: ==== 10-11-2015 dd/mm/yyyy Vendor: ====== D-Link is a computer networking company with...
Fortinet FortiAnalyzer&FortiManager - XSS Vulnerability
Document Title: =============== Fortinet FortiAnalyzer&FortiManager - XSS Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1354 Security Bulletin FortiGuard: http://www.fortiguard.com/advisory/FG-IR-15-005/ PSIRT ID: 1327458...
Fedora 21 : libxml2-2.9.1-7.fc21 (2015-4658)
fixes built in also added a couple of other entities related patches including a fix to CVE-2014-3660 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as...
Cisco Ironport AsyncOS HTTP Header Injection
Cisco Ironport AsyncOS HTTP Header Injection Vendor: Cisco Product webpage: http://www.cisco.com Affected versions: Cisco Ironport ESA - AsyncOS 8.0.1-023 Cisco Ironport WSA - AsyncOS 8.5.5-021 Cisco Ironport SMA - AsyncOS 8.4.0-138 Date: 24/02/2015 Credits: Glafkos Charalambous CVE: CVE-2015-062...
WordPress Video Gallery 2.7 SQL Injection
Exploit Title : Wordpress Video Gallery 2.7 SQL Injection Vulnerability Exploit Author : Claudio Viviani Vendor Homepage : http://www.apptha.com/category/extension/Wordpress/Video-Gallery Software Link : https://downloads.wordpress.org/plugin/contus-video-gallery.2.7.zip Dork Google:...
Hackers publish the BadUSB fix patch only applies to the latest version of the group with the USB 3.0 firmware-bug warning-the black bar safety net
Last week, two hackers announced that they had reverse engineered the BadUSB code and published it on GitHub. The reason for this is to put pressure on the industry so that it quickly comes up with a solution--although doing so will also make the user more vulnerable to face...
Barracuda Control Center 620 - Multiple Web Vulnerabilities
No description provided by source. Title: ====== Barracuda Control Center 620 - Multiple Web Vulnerabilities Date: ===== 2011-12-21 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=32 VL-ID: ===== 32 Introduction: ============= Barracuda Networks - Worldwide leader in...
Trend Micro DirectPass 1.5.0.1060 - Multiple Software Vulnerabilities
Trend Micro DirectPass 1.5.0.1060 - Multiple Software Vulnerabilities Title: ====== Trend Micro DirectPass 1.5.0.1060 - Multiple Vulnerabilities Date: ===== 2013-05-21 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=894 Article: http://www.vulnerability-lab.com/dev/?p=5...
SonicWALL CDP 5040 v6.x - Multiple Web Vulnerabilities
Document Title: =============== SonicWALL CDP 5040 v6.x - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=549 Release Date: ============= 2012-11-18 Vulnerability Laboratory ID VL-ID: ==================================== 549...
US UF Services EDU Health File Inclusion
Title: ====== US UF Services EDU Health - File Include Vulnerability Date: ===== 2012-04-08 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=414 VL-ID: ===== 414 Introduction: ============= The Uniformed Services University of the Health Sciences USU is a health science...
Barracuda Backup 2.0 Cookie Manipulation
Title: ====== Barracuda Backup v2.0 - Multiple Web Vulnerabilities Date: ===== 2011-09-28 References: =========== Barracuda Backup Application v2.0 VL-ID: ===== 31 Introduction: ============= Barracuda Networks - Worldwide leader in email and Web security. Barracuda Backup Service is a complete a...
AOK GesundheitsKasse - SQL Injection Vulnerability
Document Title: =============== AOK GesundheitsKasse - SQL Injection Vulnerability Release Date: ============= 2011-07-31 Vulnerability Laboratory ID VL-ID: ==================================== 157 Common Vulnerability Scoring System: ==================================== 7.3 Product & Service...
eClime eCommerce JE 1.0.6b - SQL Injection Vulnerabilities
Document Title: =============== eClime eCommerce JE 1.0.6b - SQL Injection Vulnerabilities Release Date: ============= 2011-07-13 Vulnerability Laboratory ID VL-ID: ==================================== 82 Product & Service Introduction: =============================== eclime is a very powerful...
Solaris Update for ucode driver 143913-01
Check for the Version of ucode driver OpenVAS Vulnerability Test Solaris Update for ucode driver 143913-01 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under th...
Barracuda Web Firewall 660 Firmware 7.3.1.007 - Multiple Vulnerabilities
Pentest Information: ==================== GESEC Team remove discover an input validation vulnerability on Barracuda - Web Application Firewall 660 Appliance. A remote attacker is able to get sensitive customer sessions hijack or can implement script routines & malicious codes server-side|persistent...
Solaris Update for GNOME 2.6.0 120460-16
Check for the Version of GNOME 2.6.0 OpenVAS Vulnerability Test Solaris Update for GNOME 2.6.0 120460-16 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...