Lucene search
K

119 matches found

Zero Day Initiative
Zero Day Initiative
added 2015/04/15 12:0 a.m.33 views

Microsoft Internet Explorer CDocument Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

6.8CVSS6.3AI score0.15789EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2014/08/12 12:0 a.m.35 views

Microsoft Internet Explorer CElement::GetClassCacheArray Improper Indexing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

6.8CVSS7.6AI score0.16528EPSS
Exploits0References1
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.17 views

Siteman 1.1 User Database Privilege Escalation Vulnerability (2)

No description provided by source. source: http://www.securityfocus.com/bid/12304/info Siteman is reported prone to a vulnerability that may allow users to gain elevated privileges. This issue results from insufficient sanitization of user-supplied data. Apparently, an attacker can supply...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.18 views

NAS Uploader 1.0 & 1.5 - Remote File Upload Vulnerability

No description provided by source. | | NAS Uploader V1.0&1.5 Remote File Upload Vulnerability | | Author : ViRuSMaN | | Contact : [email protected] | | Home : Islam-Attack.CoM , HackTeach.OrG | | Download : http://www.nasuploader.com/nasuploaderv10packdemo.php |...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2014/05/05 12:0 a.m.72 views

CVE-2014-1223 - Cross-site Scripting in Telligent Evolution

Vulnerability title: Cross-site Scripting in Telligent Evolution CVE: CVE-2014-1223 Vendor: Telligent Product: Evolution Affected version: 7.5.0.32466 Fixed version: 7.6.7.36651 Reported by: Jerzy Kramarz Details: It is possible for an attacker to inject JavaScript by manipulating the 'msg'...

4.3CVSS6AI score0.0152EPSS
Exploits3
Hacker One
Hacker One
added 2014/03/04 6:5 p.m.17 views

OkCupid: XSS - okcupid.com

Go to your profile, and go to upload a photo. Add a random description to the photo and upload it. Now go to your photos and go to the latest uploaded photo to edit the description, and paste this : and click Save and you will see the XSS. Regards, Florin...

6.9AI score
Exploits0
Zero Day Initiative
Zero Day Initiative
added 2014/02/13 12:0 a.m.26 views

Microsoft Internet Explorer CMarkup Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

6.8CVSS6.3AI score0.17387EPSS
Exploits1References1
Cisco
Cisco
added 2013/04/11 9:0 p.m.43 views

Cisco uBR10000 Series IPv4/IPv6 Dual Stack Vulnerability

Cisco uBR10000 Series Universal Broadband Routers contain a vulnerability that could allow an unauthenticated, adjacent attacker to trigger the reload of the routing engine on the affected device. An attacker could exploit this vulnerability by manipulating IPv4 and IPv6 address assignments on a...

5.7CVSS3.8AI score0.00647EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2012/12/14 12:0 a.m.19 views

Fedora Update for squashfs-tools FEDORA-2012-19203

Check for the Version of squashfs-tools OpenVAS Vulnerability Test Fedora Update for squashfs-tools FEDORA-2012-19203 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify ...

6.8CVSS0.1AI score0.04047EPSS
Exploits0References2
Fedora
Fedora
added 2012/08/09 10:50 p.m.32 views

[SECURITY] Fedora 16 Update: libjpeg-turbo-1.2.1-1.fc16

The libjpeg-turbo package contains a library of functions for manipulating JPEG images...

8.8CVSS2.7AI score0.04765EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
added 2012/02/08 12:0 a.m.31 views

IBM SPSS ExportHTML.dll ActiveX Control Render Method Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM SPSS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the Render method expos...

7.5CVSS5.3AI score0.03546EPSS
Exploits0References1
Packet Storm
Packet Storm
added 2011/11/01 12:0 a.m.39 views

Oracle Hyperion Financial Management Code Execution

Oracle Hyperion Financial Management TList6 ActiveX Control Remote Code Execution Vulnerability tested against: Internet Explorer 8 Microsoft Windows Server 2003 r2 sp2 download url: http://www.oracle.com/technetwork/middleware/epm/downloads/index.html files tested: SystemInstaller-11121-win32.zi...

0.5AI score
Exploits0
exploitpack
exploitpack
added 2011/10/12 12:0 a.m.41 views

Mozilla Firefox - Array.reduceRight() Integer Overflow (1)

Mozilla Firefox - Array.reduceRight Integer Overflow 1 Title: Mozilla Firefox Array.reduceRight Integer Overflow Exploit Date: 12 Oct 2011 Author: Matteo Memelli ryujin -AT- offensive-security.com CVE-2011-2371 Full exploit package:...

10CVSS0.4AI score0.75691EPSS
Exploits17
Opera Security Advisories
Opera Security Advisories
added 2010/10/06 12:0 a.m.29 views

Manipulating the window can be used to spoof the page address

Web page scripts can be used to alter the size of the browser window. In some cases, this manipulation can cause the wrong part of the Web page address to be displayed in the Address Bar, so that the part that is initially visible to the user is not the start of the address, and may contain conte...

1.7AI score
Exploits0Affected Software1
0day.today
0day.today
added 2010/04/03 12:0 a.m.28 views

Java Mini Web Server <= 1.0 Path Traversal and Cross Site Scripting

Exploit for multiple platform in category remote exploits =================================================================== Java Mini Web Server | www.DigitalWhisper.co.il Software Link: http://www.jibble.org/miniwebserver/ Version: YOURXSSHEREWork?Index of %00"Work?Index of %00"Work? Work?...

7.1AI score
Exploits0
Fedora
Fedora
added 2009/08/25 4:41 a.m.42 views

[SECURITY] Fedora 11 Update: xerces-c27-2.7.0-8.fc11

Xerces-C is a validating XML parser written in a portable subset of C++. Xerces-C makes it easy to give your application the ability to read and wri te XML data. A shared library is provided for parsing, generating, manipulatin g, and validating XML documents. Xerces-C is faithful to the XML 1.0...

4.3CVSS6.1AI score0.05324EPSS
Exploits1
Opera Security Advisories
Opera Security Advisories
added 2008/12/15 12:0 a.m.24 views

Manipulating text input contents can allow execution of arbitrary code

Manipulating certain text-area contents can cause a buffer overflow, which may be exploited to execute arbitrary code...

3.6AI score
Exploits0Affected Software1
security_vulns
security_vulns
added 2007/01/01 12:0 a.m.45 views

WIDER : Social Engineering

Social engineering Professional programming Sequential hack one. Introduction 2. social engineering 3. Extraction of information. Social engineering. Sequential hack. four. Finding and processing information. 5. Some ways to divorce people. 6. Human denial of service HDoS 7. Advanced methods...

7.8AI score
Exploits0
0day.today
0day.today
added 2005/05/26 12:0 a.m.47 views

Maxwebportal <= 1.36 password.asp Change Password Exploit (3 - perl)

Exploit for unknown platform in category web applications ==================================================================== Maxwebportal Gr33tz To == mhp0rtal , Oilkarchack , Str0ke & AlphaST.Com And Iranian Hacking & Security Teams : IHS , Shabgard , Emperor ,Crouz & Simorgh-ev use IO::Socket...

7.1AI score
Exploits0
Rows per page
Query Builder