6654 matches found
Design/Logic Flaw
A vulnerability was found in the ping functionality of the ws module before 1.0.0 which allowed clients to allocate memory by sending a ping frame. The ping functionality by default responds with a pong frame and the previously given payload of the ping frame. This is exactly what you expect, but...
CVE-2016-10518
A vulnerability was found in the ping functionality of the ws module before 1.0.0 which allowed clients to allocate memory by sending a ping frame. The ping functionality by default responds with a pong frame and the previously given payload of the ping frame. This is exactly what you expect, but...
CVE-2016-10518
A vulnerability was found in the ping functionality of the ws module before 1.0.0 which allowed clients to allocate memory by sending a ping frame. The ping functionality by default responds with a pong frame and the previously given payload of the ping frame. This is exactly what you expect, but...
CVE-2016-10518
A vulnerability was found in the ping functionality of the ws module before 1.0.0 which allowed clients to allocate memory by sending a ping frame. The ping functionality by default responds with a pong frame and the previously given payload of the ping frame. This is exactly what you expect, but...
[SECURITY] Fedora 27 Update: wavpack-5.1.0-8.fc27
WavPack is a completely open audio compression format providing lossless, high-quality lossy, and a unique hybrid compression mode. Although the technology is loosely based on previous versions of WavPack, the new version 4 format has been designed from the ground up to offer unparalleled...
[SECURITY] Fedora 28 Update: wavpack-5.1.0-8.fc28
WavPack is a completely open audio compression format providing lossless, high-quality lossy, and a unique hybrid compression mode. Although the technology is loosely based on previous versions of WavPack, the new version 4 format has been designed from the ground up to offer unparalleled...
Signature Validation Bypass
simplesamlphp/saml2 is vulnerable to signature validation bypass attacks. The vulnerability exists in HTTPRedirect.php due to the reliance of a PHP functionality that interprets a -1 error code as true, allowing signature validation to be bypassed...
ERPnext 11 - Cross-Site Scripting
ERPnext 11 - Cross-Site Scripting Exploit Title: ERPnext 11.x.x - Cross-Site Scripting Date: 2018-05-10 Exploit Author: Veerababu Penugonda Vendor Homepage: https://erpnext.com/ Software Link: https://demo.erpnext.com/ Version: Frappe ERPNext v11.x.x-develop Tested on: Mozilla Firefox quantum 60....
ERPnext 11 - Cross-Site Scripting
Exploit Title: ERPnext 11.x.x - Cross-Site Scripting Date: 2018-05-10 Exploit Author: Veerababu Penugonda Vendor Homepage: https://erpnext.com/ Software Link: https://demo.erpnext.com/ Version: Frappe ERPNext v11.x.x-develop Tested on: Mozilla Firefox quantum 60.1 , Ubuntu OS CVE : CVE-2018-11339...
Xxe
This vulnerability in Apache Solr 6.0.0 to 6.6.3, 7.0.0 to 7.3.0 relates to an XML external entity expansion XXE in Solr config files solrconfig.xml, schema.xml, managed-schema. In addition, Xinclude functionality provided in these config files is also affected in a similar way. The vulnerability...
OPENSUSE-SU-2018:1330-1 Security update for enigmail
This update for enigmail to version 2.0.4 fixes multiple issues. Security issues fixed: - CVE-2017-17688: CFB gadget attacks allowed to exfiltrate plaintext out of encrypted emails. enigmail now fails on GnuPG integrity check warnings for old Algorithms bsc1093151 - CVE-2017-17689: CBC gadget...
Design/Logic Flaw
An exploitable clear text transmission of password vulnerability exists in the web server and telnet functionality of Moxa EDR-810 V4.1 build 17030317. An attacker can look at network traffic to get the admin password for the device. The attacker can then use the credentials to login as admin...
Command injection
An exploitable command injection vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP POST can cause a privilege escalation resulting in root shell. An attacker can inject OS commands into the rsakey\name= parm in the...
Denial of service
Exploitable denial of service vulnerabilities exists in the Service Agent functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted packet can cause a denial of service. An attacker can send a large packet to 4001/tcp to trigger this vulnerability...
CVE-2017-12124
An exploitable denial of service vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP URI can cause a null pointer dereference resulting in the web server crashing. An attacker can send a crafted URI to trigger this vulnerability...
CVE-2017-12126
An exploitable cross-site request forgery vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP packet can cause cross-site request forgery. An attacker can create malicious HTML to trigger this vulnerability...
Reverb.com: XSS in main search, use class tag to imitate Reverb.com core functionality, create false login window
This is an expansion of 349684 which was flagged as a duplicate. In that bug report I explained that several HTML tags end up rendering when entered into the main search. I've since found out that the class attribute of multiple types of tags can be modified to create a realistic imitation of cor...
Microsoft Edge Undo Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft Edge. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Microsoft Windows Multiple Vulnerabilities (KB4103731)
This host is missing a critical security update according to Microsoft KB4103731 SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Authentication bypass vulnerability in Western Digital My Cloud
Abstract It was discovered that Western Digital My Cloud is affected by an authentication bypass vulnerability. By exploiting this vulnerability, an unauthenticated attacker can bypass the login functionality and gain full control of the device. Tested versions This vulnerability was successfully...