9179 matches found
CVE-2010-3782
obs-server before 1.7.7 allows logins by 'unconfirmed' accounts due to a bug in the REST api implementation...
OpenJDK: Missing restrictions on use of custom SocketImpl (Networking, 8218573)
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Networking. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multip...
Sony Playstation 4 (PS4) 6.72 - WebKit Code Execution (PoC)
Sony Playstation 4 PS4 6.72 - WebKit Code Execution PoC / badhoist ============ Exploit implementation of CVE-2018-4386. Obtains addrof/fakeobj and arbitrary read/write primitives. Supports PS4 consoles on 6.XX. May also work on older firmware versions, but I am not sure. Bug was fixed in firmwar...
Sony Playstation 4 (PS4) < 6.72 - WebKit Code Execution (PoC)
/ badhoist ============ Exploit implementation of CVE-2018-4386. Obtains addrof/fakeobj and arbitrary read/write primitives. Supports PS4 consoles on 6.XX. May also work on older firmware versions, but I am not sure. Bug was fixed in firmware 7.00. EDB Note Download:...
NewStart CGSL CORE 5.05 / MAIN 5.05 : kernel-rt Multiple Vulnerabilities (NS-SA-2019-0253)
The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has kernel-rt packages installed that are affected by multiple vulnerabilities: - A flaw was found in the Linux kernel's NFS41+ subsystem. NFS41+ shares mounted in different network namespaces at the same time can make...
CVE-2019-5273
USG9500 with versions of V500R001C30;V500R001C60 have a denial of service vulnerability. Due to a flaw in the X.509 implementation in the affected products which can result in a large heap buffer overrun error, an attacker may exploit the vulnerability by a malicious certificate, resulting a deni...
Heap overflow
USG9500 with versions of V500R001C30;V500R001C60 have a denial of service vulnerability. Due to a flaw in the X.509 implementation in the affected products which can result in a large heap buffer overrun error, an attacker may exploit the vulnerability by a malicious certificate, resulting a deni...
CVE-2019-5273
The Huawei USG9500 hardening advisory confirms CVE-2019-5273 is a denial-of-service vulnerability in the X.509 certificate handling. Affected products are USG9500 with V500R001C30 and V500R001C60. The root cause is a flaw in X.509 processing that can trigger a large heap buffer overrun when decod...
CVE-2019-5274
USG9500 with versions of V500R001C30;V500R001C60 have a denial of service vulnerability. Due to a flaw in the X.509 implementation in the affected products which can result in an infinite loop, an attacker may exploit the vulnerability via a malicious certificate to perform a denial of service...
Security Advisory - Multiple Vulnerabilities in the X.509 Implementation in Some Huawei Products
There is a denial of service vulnerability in some Huawei products. Due to a flaw in the X.509 implementation in the affected products which can result in a heap buffer overflow when decoding a certificate, an attacker may exploit the vulnerability by a malicious certificate to perform a denial o...
CVE-2012-2312
An Elevated Privileges issue exists in JBoss AS 7 Community Release due to the improper implementation in the security context propagation, A threat gets reused from the thread pool that still retains the security context from the process last used, which lets a local user obtain elevated...
CVE-2012-2312
An Elevated Privileges issue exists in JBoss AS 7 Community Release due to the improper implementation in the security context propagation, A threat gets reused from the thread pool that still retains the security context from the process last used, which lets a local user obtain elevated...
MTN Group: SharePoint exposed web services in a subdomain
Hi there I found a subdomain that is sharepoint configuration is poorly implemented Because of improper configuration an anonymous user can access to the SharePoint Web Services. POC: Go to the following url: https://www.mtn.co.za/vtibin/lists.asmx?WSDL services.jpg Remediation Restrict access to...
Medium: samba
Issue Overview: A flaw was found in the way samba implemented an RPC endpoint emulating the Windows registry service API. An unprivileged attacker could use this flaw to create a new registry hive file anywhere they have unix permissions which could lead to creation of a new file in the Samba...
Google Chrome Information Disclosure Vulnerability (CNVD-2019-46762)
Google Chrome is a web browser from Google, an American company. Google Chrome suffers from an information disclosure vulnerability that stems from the program's failure to fully implement policies. The vulnerability can be exploited to obtain sensitive information from process memory via special...
DEBIAN-CVE-2012-1577
lib/libc/stdlib/random.c in OpenBSD returns 0 when seeded with 0...
Lenovo Power Management Driver CVE-2019-6192 Local Buffer Overflow Vulnerability
Description Lenovo Power Management Driver is prone to a local buffer-overflow vulnerability because it fails to properly bounds-check user-supplied data before copying it into an insufficiently sized buffer. Attackers can exploit this issue to cause denial of service conditions. Due to the natur...
[SECURITY] Fedora 30 Update: libidn2-2.3.0-1.fc30
Libidn2 is an implementation of the IDNA2008 specifications in RFC 5890, 5891, 5892, 5893 and TR46 for internationalized domain names IDN. It is a standalone library, without any dependency on libidn...
Low severity vulnerability that affects com.linecorp.armeria:armeria
Multiple timing attack vulnerabilities leading to the recovery of secrets based on the use of non-constant time compare function Impact String comparison method in multiple authentication validation in Armeria were known to be vulnerable to timing attacks. This vulnerability is caused by the...
OpenJDK: Missing restrictions on use of custom SocketImpl (Networking, 8218573)
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Networking. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multip...