2734 matches found
PHP 'cgi_main.c' Out-of-Bounds Read Denial of Service Vulnerability
PHP is a popular programming language. An out-of-bounds read denial of service vulnerability exists in PHP 'cgi_main.c', which can be exploited by a remote attacker to crash the application, resulting in a denial of service...
Adobe Flash Player Double Free (APSB14-24: CVE-2014-0574)
A double free vulnerability has been reported in Adobe Flash Player. The vulnerability is caused by the worker thread and the main thread attempting to clear a shared ByteArray simultaneously. This vulnerability could lead to a crash of the player...
WebTitan Default Credentials (ssh)
The account 'admin' is using a default password. A remote, unauthenticated attacker could exploit this to log in as a privileged user and gain access to the WebTitan configuration menu. (C) Tenable Network Security, Inc. include("compat.inc"); if (description) { script_id(76777); script_version("$Revision: 1....
Barracuda Spam&Virus FW 600 - CS XSS Vulnerability
Document Title: Barracuda Spam&Virus FW 600 - CS XSS Vulnerability. References (Source): http://www.vulnerability-lab.com/getcontent.php?id=890 Barracuda Networks Security ID (BNSEC): BNSEC-1176 https://www.barracuda.com/support/knowledgebase/501600000013gvh Soluti...
calendar.eller.arizona.edu XSS vulnerability
Open Bug Bounty ID: OBB-46258

Description | Value
--- | ---
Affected Website: | calendar.eller.arizona.edu
Vulnerable Application: | Custom Code
Vulnerability Type: | XSS (Cross Site Scripting) / CWE-79
CVSSv3 Score: | 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Remediation Guide: | OWASP XSS Preventi...
NetBSD 5.0 and below Hack GENOCIDE Environment overflow proof of concept
No description provided by source. #!/bin/sh NetBSD 5.0 and below Hack GENOCIDE Environment overflow proof of concept Successful Exploitation gives guid 100 games Vulnerable Function is in hack.main.c. /usr/games/hack -D use the wizard mode. Only work in wizard mode. It is a basic strcpy stack...
Taboada Macronews <= 1.0 - SQLi Exploit
No description provided by source. <?php / Exploit Title: Taboada Macronews <= 1.0 SQLi Exploit Date: 03rd January 2013 Exploit Author: WhiteCollarGroup Software Link: http://www.scriptbrasil.com.br/download/codigo/7144/ Version: 1.0 Google Dork: intext:Powered by: joaotaboada.com Usage: php...
68kb Knowledge Base 1.0.0rc3 - Edit Main Settings CSRF
No description provided by source. Exploit Title: 68kb Knowledge Base v1.0.0rc3 edit main settings CSRF Date: 2010-04-02 Author: Jelmer de Hen Software Link: http://68kb.googlecode.com/files/68kb-v1.0.0rc3.zip Version: v1.0.0rc3 html body onload=document.forms'editsettings'.submit form...
Police Municipale Open Main Courante 1.01beta (RFI/LFI) Multiple File Include Vulnerability
No description provided by source. Police Municipale Open Main Courante 1.01beta RFI/LFI Multiple File Include Vulnerability...
openSUSE Security Update : java-1_7_0-openjdk (openSUSE-SU-2013:0377-1)
java-1_7_0-openjdk was updated to icedtea-2.3.6 (bnc#803379) containing various security and bugfixes : - Security fixes - S6563318, CVE-2013-0424: RMI data sanitization - S6664509, CVE-2013-0425: Add logging context - S6664528, CVE-2013-0426: Find log level matching its name or value given at...
Localize: XSS in main page (invitation)
If a project name is saved with an XSS string such as: “!-- and a translator visits and requests an invite, it'll result in the XSS executing in the main page, due to the fact that it shows your requests. Screen: http://prntscr.com/3awwuv...
Localize: XSS in main page
If a project name is saved with an XSS string such as: “!-- and a translator visits it, it'll result in the XSS executing in the main page, due to the fact that it shows your recent visits. Screen: http://prntscr.com/3awwuv...
Microsoft Word TextBox Sub-document Memory Corruption - Ver2 (CVE-2007-1910)
Microsoft Word is a document authoring product released by the Microsoft Corporation. A memory corruption vulnerability has been reported in Microsoft Word. The vulnerability is due to improper validation of a supplied value inside the Main Stream. A remote attacker could exploit this vulnerabili...
Microsoft Word TextBox Sub-document Memory Corruption - Ver2 (CVE-2007-1910)
A memory corruption vulnerability has been reported in Microsoft Office Word. The vulnerability is due to improper validation of a supplied value inside the Main Stream. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
CVE-2014-2143
The IKE implementation in Cisco IOS 15.4(1)T and earlier and IOS XE allows remote attackers to cause a denial of service (security-association drop) via crafted Main Mode packets, aka Bug ID CSCun31021...
Design/Logic Flaw
The IKE implementation in Cisco IOS 15.4(1)T and earlier and IOS XE allows remote attackers to cause a denial of service (security-association drop) via crafted Main Mode packets, aka Bug ID CSCun31021...
Cross site scripting
Cross-site scripting (XSS) vulnerability in the Brother MFC-9970CDW printer with firmware G (1.03) and L (1.10) allows remote attackers to inject arbitrary web script or HTML via an arbitrary parameter name (QUERY_STRING) to admin/admin_main.html, a different vulnerability than CVE-2013-2507 and...
DEBIAN-CVE-2012-2108
Stack-based buffer overflow in the main function in util/lpci_main.c in Csound before 5.17.2, when converting a file, allows user-assisted remote attackers to execute arbitrary code via a crafted file...
UBUNTU-CVE-2012-2108
Stack-based buffer overflow in the main function in util/lpci_main.c in Csound before 5.17.2, when converting a file, allows user-assisted remote attackers to execute arbitrary code via a crafted file...
Malicious Russian Tor Exit Relays Intercepting encrypted Traffic of Facebook Users
Tor is one of the best freely available privacy tools. It lets people communicate anonymously online through a series of nodes designed to provide anonymity for users and bypass Internet censorship. When you use the Tor software, your IP address remains hidden and it appears that...