Lucene search

1078 matches found

CNVD
added 2017/01/20 12:0 a.m. | 1 views

Oracle VM VirtualBox Remote Vulnerability (CNVD-2017-00984)

Oracle VM VirtualBox is a cross-platform virtual machine software from Oracle. The software supports running multiple operating systems, creating VM groups, sharing folders, etc. on the same computer. A remote security vulnerability exists in Oracle VM VirtualBox versions prior to 5.0.32 and prio...

CVSS: 6.8 | AI score: 6.8 | EPSS: 0.01488
Exploits: 0 | References: 1
CNVD
added 2017/01/20 12:0 a.m. | 2 views

Oracle Application Testing Suite Remote Vulnerability

The Application Testing Suite is a comprehensive, integrated testing solution that ensures the quality, scalability and availability of Web applications and Web services. A remote security vulnerability exists in Oracle Application Testing Suite. An attacker exploiting the vulnerability via the...

CVSS: 5.3 | AI score: 6.9 | EPSS: 0.01473
Exploits: 0 | References: 1
CNVD
added 2017/01/20 12:0 a.m. | 3 views

Oracle FLEXCUBE Private Banking Security Bypass Vulnerability (CNVD-2017-00787)

Oracle FLEXCUBE Private Banking is a product of Oracle Corporation USA. It plans, records, tracks and manages client wealth across a range of asset classes and tools to increase financial advisor productivity and improve client relationships. A remote security bypass vulnerability exists in Oracl...

CVSS: 8.2 | AI score: 6.8 | EPSS: 0.01682
Exploits: 0 | References: 1
OSV
added 2017/01/12 10:59 p.m. | 0 views

UBUNTU-CVE-2016-8606

The REPL server --listen in GNU Guile 2.0.12 allows an attacker to execute arbitrary code via an HTTP inter-protocol attack...

CVSS: 9.8 | AI score: 7.5 | EPSS: 0.04092
Exploits: 0 | References: 2
Node.js
added 2016/11/30 8:53 p.m. | 41 views

Downloads Resources over HTTP

Overview: Affected versions of appium-chromedriver insecurely download resources over HTTP. In scenarios where an attacker has a privileged network position, they can modify or read items sent over HTTP at will. In this case, that includes the chromedriver binary, which may result in remote code...

CVSS: 6.8 | AI score: 4.8 | EPSS: 0.01114
Exploits: 0 | Affected Software: 1
Tenable Nessus
added 2016/11/11 12:0 a.m. | 35 views

Oracle Linux 7 : python (ELSA-2016-2586)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2016-2586 advisory. - Fix for CVE-2016-1000110 HTTPoxy attack Resolves: rhbz1359164 - Fix for CVE-2016-5636: possible integer overflow and heap corruption in zipimporter.getdata...

CVSS: 10 | AI score: 7.2 | EPSS: 0.25671
Exploits: 7 | References: 2
Oracle linux
added 2016/11/09 12:0 a.m. | 64 views

python security, bug fix, and enhancement update

2.7.5-48.0.1 - Add Oracle Linux distribution in platform.py orabug 20812544 2.7.5-48 - Fix for CVE-2016-1000110 HTTPoxy attack Resolves: rhbz1359164 2.7.5-47 - Fix for CVE-2016-5636: possible integer overflow and heap corruption in zipimporter.getdata Resolves: rhbz1356364 2.7.5-46 - Drop patch 2...

CVSS: 10 | AI score: 0.5 | EPSS: 0.25671
Exploits: 7
myhack58
added 2016/11/02 12:0 a.m. | 33 views

Hijacking NodeMCU Development Board-vulnerability warning-the black bar safety net

Long before the want to play the Board, The do nothing poor and can't afford it. Just the school issued a NodeMCU, although it is a cheap Board, play play is also good. This Board also let me play for several days, a start is to build a good car, in teacher to a Scratch on the play for a moment,...

AI score: 0.1
Exploits: 0
myhack58
added 2016/10/17 12:0 a.m. | 40 views

MS15-034 IIS 7.0 HTTP.sys remote code execution vulnerability (CVE-2015-1635) POC-vulnerability warning-the black bar safety net

Detection script: Python----beebeeto http://www.beebeeto.com/pdb/poc-2015-0081/ !/ usr/bin/env python coding=utf-8 """ Site: http://www.beebeeto.com/ Framework: https://github.com/n0tr00t/Beebeeto-framework """ import socket import random import urlparse from baseframe import BaseFrame class...

AI score: 1.8
Exploits: 0
Openbugbounty
added 2016/07/26 1:38 p.m. | 25 views

giu.portal.gov.bd XSS vulnerability

Open Bug Bounty ID: OBB-169495

Description | Value
---|---
Affected Website: | giu.portal.gov.bd
Vulnerable Application: | Custom Code
Vulnerability Type: | XSS Cross Site Scripting / CWE-79
CVSSv3 Score: | 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Remediation Guide: | OWASP XSS Prevention Cheat...

AI score: 6.4
Exploits: 0
CNVD
added 2016/07/19 12:0 a.m. | 1 views

Unspecified Vulnerability in Oracle Supply Chain Products Suite

Oracle Agile Engineering Data Management is a set of asset organization and management solutions from Oracle Corporation, of which Oracle Supply Chain Products Suite is a supply chain solution. An unspecified vulnerability exists in the Web Services Security subcomponent of Oracle Supply Chain...

AI score: 6.5
Exploits: 0 | References: 1
Fedora
added 2016/06/18 4:19 a.m. | 38 views

[SECURITY] Fedora 22 Update: wget-1.18-1.fc22

GNU Wget is a file retrieval utility which can use either the HTTP or FTP protocols. Wget features include the ability to work in the background while you are logged out, recursive retrieval of directories, file name wildcard matching, remote file timestamp storage and comparison, use of Rest wit...

CVSS: 8.8 | AI score: 1 | EPSS: 0.45935
Exploits: 8
myhack58
added 2016/06/18 12:0 a.m. | 461 views

Python urllib HTTP header injection vulnerability-vulnerability warning-the black bar safety net

Python's urllib library (urllib2 in Python 2, urllib in Python 3) has an HTTP protocol stream injection vulnerability. If an attacker can control Python code to access an arbitrary URL, or get Python code to access a malicious web server, this vulnerabilit...

AI score: 0.3
Exploits: 0
Kaspersky
added 2016/06/16 12:0 a.m. | 54 views

KLA10954 Remote Security Vulnerability in Oracle VM VirtualBox

A remote security vulnerability was found in Oracle Virtualization Oracle VM VirtualBox component. By exploiting this vulnerability malicious users can gain privileges and cause a partial denial of service. This vulnerability can be exploited remotely over the HTTP protocol. Technical details...

CVSS: 6.8 | AI score: 7.2 | EPSS: 0.01488
Exploits: 0 | References: 3
0day.today
added 2016/04/26 12:0 a.m. | 28 views

ImpressCMS 1.3.9 - SQL Injection

Exploit for php platform in category web applications ============================================= MGC ALERT 2016-002 - Original release date: April 8, 2016 - Last revised: April 21, 2016 - Discovered by: Manuel García Cárdenas - Severity: 7,1/10 CVSS Base Score...

AI score: 7.1
Exploits: 0
exploitpack
added 2016/04/26 12:0 a.m. | 15 views

ImpressCMS 1.3.9 - SQL Injection

ImpressCMS 1.3.9 - SQL Injection ============================================= MGC ALERT 2016-002 - Original release date: April 8, 2016 - Last revised: April 21, 2016 - Discovered by: Manuel García Cárdenas - Severity: 7,1/10 CVSS Base Score ============================================= I...

AI score: 0.4
Exploits: 0
Exploit DB
added 2016/04/26 12:0 a.m. | 28 views

ImpressCMS 1.3.9 - SQL Injection

============================================= MGC ALERT 2016-002 - Original release date: April 8, 2016 - Last revised: April 21, 2016 - Discovered by: Manuel García Cárdenas - Severity: 7,1/10 CVSS Base Score ============================================= I. VULNERABILITY ------------------------...

AI score: 7.4
Exploits: 0
Packet Storm
added 2016/04/21 12:0 a.m. | 32 views

ImpressCMS 1.3.9 SQL Injection

============================================= MGC ALERT 2016-002 - Original release date: April 8, 2016 - Last revised: April 21, 2016 - Discovered by: Manuel García Cárdenas - Severity: 7,1/10 CVSS Base Score ============================================= I. VULNERABILITY ------------------------...

AI score: 0.4
Exploits: 0
Packet Storm
added 2016/02/04 12:0 a.m. | 32 views

UliCMS 9.8.1 SQL Injection

============================================= MGC ALERT 2016-001 - Original release date: January 26, 2016 - Last revised: February 02, 2016 - Discovered by: Manuel García Cárdenas - Severity: 7,1/10 CVSS Base Score ============================================= I. VULNERABILITY...

Exploits: 0
exploitpack
added 2016/02/04 12:0 a.m. | 21 views

UliCMS v9.8.1 - SQL Injection

UliCMS v9.8.1 - SQL Injection ============================================= MGC ALERT 2016-001 - Original release date: January 26, 2016 - Last revised: February 02, 2016 - Discovered by: Manuel García Cárdenas - Severity: 7,1/10 CVSS Base Score ============================================= I...

Exploits: 0