3370 matches found
JDK: java.lang.class code execution
Multiple unspecified vulnerabilities in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used in IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics...
JDK: java.lang.class code execution
Multiple unspecified vulnerabilities in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used in IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics...
[SET] Social-Engineer Toolkit 4.1.3
TrustedSec Release the latest version of Social-Engineer Toolkit SET as 4.1.3. As most of us know that, It is an open source, python-driven, social-engineering penetration testing framework of custom tools which solely focuses on attacking the human element of penetration testing. It was designed...
Cross domain access to object constructors can be used to facilitate cross-site scripting – Opera Security Advisories
JavaScripts are able to redefine and override the methods of native objects. They may also do this with the native objects of any document that shares the same origin. By redefining the methods of another document through the constructor property of the document’s host objects, a malicious script...
WinRM Authentication Method Detection
This module sends a request to an HTTP/HTTPS service to see if it is a WinRM service. If it is a WinRM service, it also gathers the Authentication Methods supported. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework cla...
Think Like a Hacker for Better Security
Computer hacking is truly an epidemic. It's not enough to apply the latest patches to your servers and workstations or otherwise defend yourself reactively. If you're in charge of your network's security, you must understand how hackers minds work and what tools they're using for their attacks...
Mozilla Seamonkey Multiple Vulnerabilities-01 (Windows)
The host is installed with Mozilla Seamonkey and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbmozillaseamonkeymultvuln01oct12win.nasl 6093 2017-05-10 09:03:18Z teissa $ Mozilla Seamonkey Multiple Vulnerabilities-01 Windows Authors: Arun Kallavi Copyright: Copyright c 20...
FreeBSD : mozilla -- multiple vulnerabilities (6e5a9afd-12d3-11e2-b47d-c8600054b392)
The Mozilla Project reports : MFSA 2012-74 Miscellaneous memory safety hazards rv:16.0/ rv:10.0.8 MFSA 2012-75 select element persistance allows for attacks MFSA 2012-76 Continued access to initial origin after setting document.domain MFSA 2012-77 Some DOMWindowUtils methods bypass security check...
Design/Logic Flaw
The Chrome Object Wrapper COW implementation in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 does not properly interact with failures of InstallTrigger methods, which allows remote attackers to...
CVE-2012-3986
Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 do not properly restrict calls to DOMWindowUtils aka nsDOMWindowUtils methods, which allows remote attackers to bypass intended access restrictions v...
Moderate: Red Hat Security Advisory: freeradius2 security update
Updated freeradius2 packages that fix one security issue are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
CVE-2012-3547
Stack-based buffer overflow in the cbtlsverify function in FreeRADIUS 2.1.10 through 2.1.12, when using TLS-based EAP methods, allows remote attackers to cause a denial of service server crash and possibly execute arbitrary code via a long "not after" timestamp in a client certificate...
CVE-2012-3547
Stack-based buffer overflow in the cbtlsverify function in FreeRADIUS 2.1.10 through 2.1.12, when using TLS-based EAP methods, allows remote attackers to cause a denial of service server crash and possibly execute arbitrary code via a long "not after" timestamp in a client certificate...
CVE-2012-3547
Stack-based buffer overflow in the cbtlsverify function in FreeRADIUS 2.1.10 through 2.1.12, when using TLS-based EAP methods, allows remote attackers to cause a denial of service server crash and possibly execute arbitrary code via a long "not after" timestamp in a client certificate...
CVE-2012-3547
Stack-based buffer overflow in the cbtlsverify function in FreeRADIUS 2.1.10 through 2.1.12, when using TLS-based EAP methods, allows remote attackers to cause a denial of service server crash and possibly execute arbitrary code via a long "not after" timestamp in a client certificate...
CVE-2012-4011
The Cybozu KUNAI application before 2.0.6 for Android allows remote attackers to execute arbitrary Java methods, and obtain sensitive information or execute arbitrary commands, via a crafted web site...
Code injection
The Cybozu KUNAI application before 2.0.6 for Android allows remote attackers to execute arbitrary Java methods, and obtain sensitive information or execute arbitrary commands, via a crafted web site...
Design/Logic Flaw
The Cybozu Live application 1.0.4 and earlier for Android allows remote attackers to execute arbitrary Java methods, and obtain sensitive information or execute arbitrary commands, via a crafted web site...
Oracle Java SE 7 < Update 7 Multiple Vulnerabilities
The version of Oracle formerly Sun Java SE or Java for Business installed on the remote host is earlier than 7 Update 7 and is, therefore, potentially affected the following vulnerabilities : - The 'getField' method in the 'sun.awt.SunToolkit class' provided by the bundled SunToolkit can be used ...
IBM WebSphere MQ File Transfer Edition Web Gateway Insufficient Access Control
Exploit for windows platform in category web applications Exploit Author: Nir Valtman Affected Platforms: Version 7.0.4 and all previous versions of WebSphereMQ File Transfer Editionrunning on all platforms are affected. Apparently they published the CVE above without mentioning my name, since I...