IBM DB2 Buffer Overflow Vulnerability (CNVD-2018-10804)

IBM DB2 is a relational database management system developed by IBM in the United States, and its main operating environments are UNIX including IBM's own AIX, Linux, IBM i formerly known as OS/400, z/OS, and Windows server versions. A buffer overflow vulnerability exists in db2exmig and db2exfmt...

Immunity Canvas: JBOSS6_JMXINVOKERSERVLET_DESERIALIZE

Name| jboss6jmxinvokerservletdeserialize ---|--- CVE| CVE-2015-7501 Exploit Pack| CANVAS Description| jboss6jmxinvokerservletdeserialize Notes| CVE Name: CVE-2015-7501 VENDOR: Red Hat NOTES: IMPORTANT NOTE: Any instance of this application running Apache Commons Collections version prior to 3.0...

CVE-2017-5070

Removed by vendor...

CVE-2017-5103

Use of an uninitialized value in Skia in Google Chrome prior to 60.0.3112.78 for Linux, Windows, and Mac allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page...

CVE-2017-5030

Incorrect handling of complex species in V8 in Google Chrome prior to 57.0.2987.98 for Linux, Windows, and Mac and 57.0.2987.108 for Android allowed a remote attacker to execute arbitrary code via a crafted HTML page...

UBUNTU-CVE-2017-5043

Chrome Apps in Google Chrome prior to 57.0.2987.98 for Linux, Windows, and Mac had a use after free bug in GuestView, which allowed a remote attacker to perform an out of bounds memory read via a crafted Chrome extension...

chromium-browser: use after free in pdfium

A use after free in PDFium in Google Chrome prior to 57.0.2987.98 for Linux and Windows allowed a remote attacker to perform an out of bounds memory read via a crafted PDF file...

UBUNTU-CVE-2017-5021

A use after free in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page...

Design/Logic Flaw

A use after free in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page...

UBUNTU-CVE-2017-5008

Blink in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, allowed attacker controlled JavaScript to be run during the invocation of a private script method, which allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML pag...

chromium-browser: heap overflow in v8

A heap buffer overflow in V8 in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

chromium-browser: ui spoofing in blink

Blink in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, failed to prevent certain UI elements from being displayed by non-visible pages, which allowed a remote attacker to show certain UI elements on a page they don't control via a crafted HTML page...

chromium-browser: heap overflow in ffmpeg

FFmpeg in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, failed to perform proper bounds checking, which allowed a remote attacker to potentially exploit heap corruption via a crafted video file...

UBUNTU-CVE-2016-5201

A leak of privateClass in the extensions API in Google Chrome prior to 54.0.2840.100 for Linux, and 54.0.2840.99 for Windows, and 54.0.2840.98 for Mac allowed a remote attacker to access privileged JavaScript code via a crafted HTML page...

chromium-browser: universal xss in blink

Blink in Google Chrome prior to 55.0.2883.75 for Linux, Windows and Mac, incorrectly handles deferred page loads, which allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page...

UBUNTU-CVE-2016-5208

Blink in Google Chrome prior to 55.0.2883.75 for Linux and Windows, and 55.0.2883.84 for Android allowed possible corruption of the DOM tree during synchronous event handling, which allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page...

Concept Plays CMS - SQL Injection Vulnerability

Exploit for php platform in category web applications ========================================================= + Title :- Concept Plays CMS - SQL Injection Vulnerability + Date :- 11 - July - 2015 + Vendor Homepage :- http://www.conceptplays.com/ + Version :- All Versions + Tested on :-...

Manan Shop SQL Injection

========================================================= + Title :- Manan Shop CMS - SQL Injection Vulnerability + Date :- 4 - July - 2015 + Vendor Homepage :- http://www.manan.asia/ + Version :- All Versions + Tested on :- Nginx/1.4.5, PHP/5.2.17, Linux - Windows + Category :- webapps + Google...

Manhali 1.8 - Local File Inclusion Vulnerability

No description provided by source. Exploit Title: Manhali v1.8 Local File Inclusion Vulnerability Date: 20/09/2012 Author: L0n3ly-H34rT Contact: [email protected] My Site: http://se3c.blogspot.com/ Vendor Link: http://www.manhali.com/ Software Link:...

HT Editor 2.0.18 File Opening Stack Overflow

No description provided by source. Exploit Title: HT Editor File openning Stack Overflow 0day Date: March 30th 2011 Author: ZadYree Software Link: http://hte.sourceforge.net/downloads.html Version: = 2.0.18 Tested on: Linux/Windows buffer padding may differ on W32 CVE : None !/usr/bin/perl =head1...