1911 matches found
WordPress Plugin Booking Calendar Contact Form 1.1.23 - Shortcode SQL Injection
WordPress Plugin Booking Calendar Contact Form 1.1.23 - Shortcode SQL Injection Exploit Title: WordPress appointment-booking-calendar =1.1.23 - Shortcode SQL injection Date: 2016-01-24 Google Dork: Index of /wordpress/wp-content/plugins/appointment-booking-calendar/ Exploit Author: Joaquin Ramire...
Trend Micro - node.js HTTP Server Listening on localhost Can Execute Commands
Trend Micro - node.js HTTP Server Listening on localhost Can Execute Commands Trend Micro Maximum Security 10 Exploit Sample exploit for Trend Micro Maximum Security 10. -- Tavis Ormandy. Command: Click Here to run the command above the default will uninstall Trend Micro Maximum. img...
Qemu: net: pcnet: buffer overflow in non-loopback mode
A buffer overflow flaw was found in the way QEMU's AMD PC-Net II emulation validated certain received packets from a remote host in non-loopback mode. A remote, unprivileged attacker could potentially use this flaw to execute arbitrary code on the host with the privileges of the QEMU process. Not...
Qemu: net: pcnet: buffer overflow in non-loopback mode
A buffer overflow flaw was found in the way QEMU's AMD PC-Net II emulation validated certain received packets from a remote host in non-loopback mode. A remote, unprivileged attacker could potentially use this flaw to execute arbitrary code on the host with the privileges of the QEMU process. Not...
Scientific Linux Security Update : NetworkManager on SL7.x x86_64 (20151119)
It was discovered that NetworkManager would set device MTUs based on MTU values received in IPv6 RAs Router Advertisements, without sanity checking the MTU value first. A remote attacker could exploit this flaw to create a denial of service attack, by sending a specially crafted IPv6 RA packet to...
UBUNTU-CVE-2015-7512
Buffer overflow in the pcnetreceive function in hw/net/pcnet.c in QEMU, when a guest NIC has a larger MTU, allows remote attackers to cause a denial of service guest OS crash or execute arbitrary code via a large packet...
DEBIAN-CVE-2015-0272
GNOME NetworkManager allows remote attackers to cause a denial of service IPv6 traffic disruption via a crafted MTU value in an IPv6 Router Advertisement RA message, a different vulnerability than CVE-2015-8215...
DEBIAN-CVE-2015-7969
Multiple memory leaks in Xen 4.0 through 4.6.x allow local guest administrators or domains with certain permission to cause a denial of service memory consumption via a large number of "teardowns" of domains with the vcpu pointer array allocated using the 1 XENDOMCTLmaxvcpus hypercall or the...
Radancy: Sql-inj in https://maximum.com/ajax/people
Hi Sql-inj in param order in https://maximum.com/ajax/people?order=email1&order=ASC&page=1...
gluster-swift metadata constraints are not correctly enforced
A flaw was found in the metadata constraints in Red Hat Gluster Storage's OpenStack Object Storage swiftonfile. By adding metadata in several separate calls, a malicious user could bypass the maxmetacount constraint, and store more metadata than allowed by the configuration...
UBUNTU-CVE-2015-0272
GNOME NetworkManager allows remote attackers to cause a denial of service IPv6 traffic disruption via a crafted MTU value in an IPv6 Router Advertisement RA message, a different vulnerability than CVE-2015-8215...
OpenSSH Keyboard Cross Validation Brute Force Vulnerability
OpenSSH is an open source implementation of the SSH protocol. A security vulnerability in the OpenSSH implementation with keyboard interaction turned on allows an attacker to bypass the MaxAuthTries limit and perform brute-force breaking attacks...
CVE-2015-1284
The LocalFrame::isURLAllowed function in core/frame/LocalFrame.cpp in Blink, as used in Google Chrome before 44.0.2403.89, does not properly check for a page's maximum number of frames, which allows remote attackers to cause a denial of service invalid count value and use-after-free or possibly...
Surebackup Error “OS did not boot in the allotted time”
Challenge A VM being started by SureBackup fails with the error: OS did not boot in the allotted time Cause This error occurs when the VM being powered on by the SureBackup job fails to become stable within the "Maximum allowed boot time" specified in the Application Group settings or the Linked...
Tesla Motors Starts Bug Bounty--But Not For Its Cars
Tesla Motors has started a bug bounty program that will pay researchers up to $1,000 for disclosing vulnerabilities. However, the rewards don’t apply to bugs found in the company’s vehicles. The program’s scope is quite narrow, with only the main teslamotors.com domain and other domains owned by...
WifiInfoView v1.79 - WiFi Scanner for Windows 7/8/Vista
WifiInfoView scans the wireless networks in your area and displays extensive information about them, including: Network Name SSID, MAC Address, PHY Type 802.11g or 802.11n, RSSI, Signal Quality, Frequency, Channel Number, Maximum Speed, Company Name, Router Model and Router Name Only for routers...
openstack-swift: Swift metadata constraints are not correctly enforced
A flaw was found in the metadata constraints in OpenStack Object Storage swift. By adding metadata in several separate calls, a malicious user could bypass the maxmetacount constraint, and store more metadata than allowed by the configuration...
Dropbox Launches Bounty Program on HackerOne
Dropbox has become the latest high-profile Internet firm to start a bug bounty program, hooking up with HackerOne to provide rewards to security researchers who report vulnerabilities through the program. The new reward system from Dropbox covers a variety of the company’s offerings, including th...
kernel: splice: lack of generic write checks
A flaw was found in the way the Linux kernel's splice system call validated its parameters. On certain file systems, a local, unprivileged user could use this flaw to write past the maximum file size, and thus crash the system...
Important: Red Hat Security Advisory: kernel security and bug fix update
Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...