828 matches found
CVE-2012-1166
The default keybindings for wwm in LTSP Display Manager ldm 2.2.x before 2.2.7 allow remote attackers to execute arbitrary commands via the KPRETURN keybinding, which launches a terminal window...
CVE-2012-1502
Double free vulnerability in the PyPAMconv in PAMmodule.c in PyPam 0.5.0 and earlier allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a NULL byte in a password string...
CVE-2012-0867
PostgreSQL 8.4.x before 8.4.11, 9.0.x before 9.0.7, and 9.1.x before 9.1.3 truncates the common name to only 32 characters when verifying SSL certificates, which allows remote attackers to spoof connections when the host name is exactly 32 characters...
CVE-2012-0065
Heap-based buffer overflow in the receivepacket function in libusbmuxd/libusbmuxd.c in usbmuxd 1.0.5 through 1.0.7 allows physically proximate attackers to execute arbitrary code via a long SerialNumber field in a property list...
CVE-2011-4622
The createpittimer function in arch/x86/kvm/i8254.c in KVM 83, and possibly other versions, does not properly handle when Programmable Interval Timer PIT interrupt requests IRQs when a virtual interrupt controller irqchip is not available, which allows local users to cause a denial of service NUL...
CVE-2012-0056
The memwrite function in the Linux kernel before 3.2.2, when ASLR is disabled, does not properly check permissions when writing to /proc//mem, which allows local users to gain privileges by modifying process memory, as demonstrated by Mempodipper...
PhpBridges Blog System SQL Injection
Exploit Title: PhpBridges Blog System SQL Injection Vulnerability Date: 18/01/2012 - 04.19 Author: 3spi0n Software Website: https://launchpad.net/phpbridges Tested On: BackTrack 5 - Win7 Ultimate Platform: Php $ Vulnerable File: members.php $ Demo Sites: fantasticas.odisseias.net/members.php?id=2...
PhpBridges Blog System members.php SQL Injection
Exploit for php platform in category web applications Exploit Title: PhpBridges Blog System SQL Injection Vulnerability Date: 18/01/2012 - 04.19 Author: 3spi0n Software Website: https://launchpad.net/phpbridges Tested On: BackTrack 5 - Win7 Ultimate Platform: Php $ Vulnerable File: members.php $...
PHPBridges Blog System - members.php SQL Injection
PHPBridges Blog System - members.php SQL Injection Exploit Title: PhpBridges Blog System SQL Injection Vulnerability Date: 18/01/2012 - 04.19 Author: 3spi0n Software Website: https://launchpad.net/phpbridges Tested On: BackTrack 5 - Win7 Ultimate Platform: Php $ Vulnerable File: members.php $ Dem...
PHPBridges Blog System - 'members.php' SQL Injection
Exploit Title: PhpBridges Blog System SQL Injection Vulnerability Date: 18/01/2012 - 04.19 Author: 3spi0n Software Website: https://launchpad.net/phpbridges Tested On: BackTrack 5 - Win7 Ultimate Platform: Php $ Vulnerable File: members.php $ Demo Sites: server/members.php?id=2" SQL Injection Dar...
CVE-2010-4648
The orinocoioctlsetauth function in drivers/net/wireless/orinoco/wext.c in the Linux kernel before 2.6.37 does not properly implement a TKIP protection mechanism, which makes it easier for remote attackers to obtain access to a Wi-Fi network by reading Wi-Fi frames...
CVE-2011-4621
The Linux kernel before 2.6.37 does not properly implement a certain clock-update optimization, which allows local users to cause a denial of service system hang via an application that executes code in a loop...
CVE-2011-4824
SQL injection vulnerability in authlogin.php in Cacti before 0.8.7h allows remote attackers to execute arbitrary SQL commands via the loginusername parameter...
[USN-1289-1] colord vulnerability
========================================================================== Ubuntu Security Notice USN-1289-1 December 07, 2011 colord vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...
CVE-2011-2203
The hfsfindinit function in the Linux kernel 2.6 allows local users to cause a denial of service NULL pointer dereference and Oops by mounting an HFS file system with a malformed MDB extent record...
[USN-1265-1] system-config-printer vulnerability
========================================================================== Ubuntu Security Notice USN-1265-1 November 17, 2011 system-config-printer vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its...
CVE-2011-4132
The cleanupjournaltail function in the Journaling Block Device JBD functionality in the Linux kernel 2.6 allows local users to cause a denial of service assertion error and kernel oops via an ext3 or ext4 image with an "invalid log first block value."...
[USN-1255-1] libmodplug vulnerabilities
========================================================================== Ubuntu Security Notice USN-1255-1 November 09, 2011 libmodplug vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivative...
CVE-2011-3607
Integer overflow in the appregsub function in server/util.c in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x through 2.2.21, when the modsetenvif module is enabled, allows local users to gain privileges via a .htaccess file with a crafted SetEnvIf directive, in conjunction with a crafted...
CVE-2011-4081
crypto/ghash-generic.c in the Linux kernel before 3.1 allows local users to cause a denial of service NULL pointer dereference and OOPS or possibly have unspecified other impact by triggering a failed or missing ghashsetkey function call, followed by a 1 ghashupdate function call or 2 ghashfinal...