63 matches found

EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2018-8740

Malware in sbrugna...

CVSS 8.8, AI score 8.8, EPSS 0.00666
Exploits: 0, References: 3

Amazon
added 2024/02/19 12:0 a.m., 33 views

Medium: nss-softokn

Issue Overview: Multiple NSS NIST curves were susceptible to a side-channel attack known as "Minerva". This attack could potentially allow an attacker to recover the private key. This vulnerability affects Firefox 121. CVE-2023-6135 Affected Packages: nss-softokn Note: This advisory is applicable...

CVSS 4.3, AI score 5.7, EPSS 0.00714
Exploits: 0

Amazon
added 2023/11/03 12:0 a.m., 28 views

Important: php56

Issue Overview: In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, excessive number of parts in HTTP form upload can cause high resource consumption and excessive number of log entries. This can cause denial of service on the affected server by exhausting CPU resources or dis...

CVSS 7.5, AI score 6.8, EPSS 0.01408
Exploits: 0

Exploit DB
added 2021/05/03 12:0 a.m., 361 views

GetSimple CMS Custom JS 0.1 - Cross-Site Request Forgery

Exploit Title: GetSimple CMS Custom JS 0.1 - CSRF to XSS to RCE Exploit Author: Bobby Cooke boku & Abhishek Joshi Date: 30/04/201 Vendor Homepage: http://get-simple.info Software Link: http://get-simple.info/download/ & http://get-simple.info/extend/plugin/custom-js/1267/ Vendor: 4Enzo Version:...

AI score 7.4
Exploits: 0

0day.today
added 2020/07/22 12:0 a.m., 530 views

Docsify 4.11.4 - Reflective Cross-Site Scripting Vulnerability

Exploit for multiple platform in category web applications Exploit Title: Docsify.js 4.11.4 - Reflective Cross-Site Scripting Exploit Author: Amin Sharifi Vendor Homepage: https://docsify.js.org Software Link: https://github.com/docsifyjs/docsify Version: 4.11.4 Tested on: Windows 10 CVE :...

AI score 6.6, EPSS 0.045
Exploits: 5

Packet Storm
added 2020/07/22 12:0 a.m., 504 views

Docsify.js 4.11.4 Cross Site Scripting

Exploit Title: Docsify.js 4.11.4 - Reflective Cross-Site Scripting Date: 2020-06-22 Exploit Author: Amin Sharifi Vendor Homepage: https://docsify.js.org Software Link: https://github.com/docsifyjs/docsify Version: 4.11.4 Tested on: Windows 10 CVE : CVE-2020-7680 docsify.js uses fragment identifie...

AI score 6.6, EPSS 0.045
Exploits: 5

0day.today
added 2019/03/12 12:0 a.m., 50 views

WordPress Fastest Cache 0.8.9.0 Arbitrary File Deletion Exploit

WordPress WP Fastest Cache plugin versions 0.8.9.0 and below suffer from an arbitrary file deletion vulnerability. The wordpress plugin "WP Fastest Cache" 0 suffered from an arbitrary file deletion bug. Description A successful attack allows an unauthenticated attacker to specify a path to a...

AI score 6.5, EPSS 0.04348
Exploits: 3

Exploit DB
added 2019/01/29 12:0 a.m., 33 views

HTML5 Video Player 1.2.5 - Local Buffer Overflow (Non SEH)

!/usr/bin/python Exploit Title: HTML5 Video Player 1.2.5 - Local Buffer Overflow - Non SEH Date: 27/01/2019 Exploit Author: Dino Covotsos - Telspace Systems Vendor Homepage: http://www.html5videoplayer.net/download.html Software: http://www.html5videoplayer.net/html5videoplayer-setup.exe Contact:...

AI score 7.4
Exploits: 0

0day.today
added 2019/01/28 12:0 a.m., 18 views

R 3.4.4 XP SP3 - Buffer Overflow (Non SEH) Exploit

Exploit for windows platform in category local exploits !/usr/bin/python Exploit Title: R 3.4.4 - Local Buffer Overflow Windows XP SP3 Exploit Author: Dino Covotsos - Telspace Systems Vendor Homepage: https://cloud.r-project.org/bin/windows/ Contact: [email protected] Twitter:...

AI score 7.2
Exploits: 0

Information Security Automation
added 2018/06/05 3:57 p.m., 1960 views

Vulnerability Databases: Classification and Registry

What publicly available Vulnerability Databases do we have? Well, I can only say that there are a lot of them and they are pretty different. Here I make an attempt to classify them. It's quite an ungrateful task. No matter how hard you try, the final result will be rather inaccurate and incomplet...

CVSS 7.5, AI score 7.9, EPSS 0.99993
Exploits: 55

Packet Storm
added 2018/05/09 12:0 a.m., 47 views

Easy Hosting Control Panel 0.37.12.b Cross Site Request Forgery

Credits: hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/EHCP-v0.37.12.b-MULTIPLE-CSRF.txt + ISR: Apparition Security Greetz: indoushka|Eduardo|Dirty0tis Vendor: ======== www.ehcp.net Product: ========= Easy Hosting Control Panel v0.37.12.b Ehcp...

EPSS 0.10463
Exploits: 2

0day.today
added 2018/01/14 12:0 a.m., 57 views

Zimbra Collaboration Suite Cross Site Scripting Vulnerability

Exploit for php platform in category web applications COMPASS SECURITY ADVISORY https://www.compass-security.com CVE ID : CVE-2017-8802 Product: Zimbra Collaboration Suite ZCS 1 Vendor: Synacor Inc. 2 Subject: Stored Cross-Site Scripting XSS Vulnerability Risk: High Effect: Exploitable by Anonymo...

CVSS 3.5, AI score 5.9, EPSS 0.01264
Exploits: 2

Packet Storm
added 2017/10/12 12:0 a.m., 37 views

OctoberCMS 1.0.425 Cross Site Scripting

Exploit Title: OctoberCMS 1.0.425 aka Build 425 Stored XSS Vendor Homepage: https://octobercms.com/ Software Link: https://octobercms.com/download Exploit Author: Ishaq Mohammed https://packetstormsecurity.com/files/author/13150/ Contact: https://twitter.com/securityprince Website:...

AI score 5.5, EPSS 0.04027
Exploits: 5

0day.today
added 2017/09/09 12:0 a.m., 65 views

Aerohive Networks HiveManager Remote Shell Upload Exploit

Exploit for hardware platform in category web applications I. BACKGROUND Aerohive Networks HiveManager Classic Online NMS is a cloud-enabled enterprise-class management system for Aerohive networking products. HiveManager Classic Online offers simple policy creation, firmware upgrades, and...

CVSS 7.2, AI score 7.6, EPSS 0.013
Exploits: 3

VMware
added 2016/08/13 12:0 a.m., 70 views

VMSA-2016-0012:VMware Photon OS OVA default public ssh key

VMware Security Advisory. Advisory ID: VMSA-2016-0012 Severity: Important Synopsis: VMware Photon OS OVA default public ssh key Issue date:...

CVSS 9.8, AI score 5.8, EPSS 0.02957
Exploits: 0, References: 4, Affected Software: 1

seebug.org
added 2016/01/13 12:0 a.m., 61 views

docker 1.0.0 docker.socket world accessible

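CVE-2014-3499 docker.socket world accessible. Vulnerability type: design error, local privilege escalation. Vulnerability analysis: Docker 1.0.0 uses a world-readable and world-writable management socket; this design allows a local user to gain special privileges by writing to the socket. Detailed analysis: in Docker 1.0.0, docker.socket did not restrict read/write permissions on the socket, so any local user could read from and write to it. A local user who writes a crafted malicious request to the socket can execute arbitrary code with root privileges. Detailed process: in init/systemd,...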

CVSS 7.2, AI score 8.6, EPSS 0.00393
Exploits: 1

0day.today
added 2015/12/13 12:0 a.m., 39 views

Secure Data Space 3.1.1-2 Cross Site Scripting Vulnerability

Secure Data Space version 3.1.1-2 suffers from a cross site scripting vulnerability. Secure Data Space 3.1.1-2 Cross Site Scripting Vulnerability 1. DETAILS - ---------- Product: SECURE DATA SPACE Vendor URL: www.ssp-europe.eu Type: Cross-site ScriptingCWE-79 Date found: 2015-09-30 Date published...

CVSS 4.3, AI score 6.3, EPSS 0.01498
Exploits: 3

Amazon
added 2015/04/01 12:0 a.m., 30 views

Low: gpgme

Issue Overview: Multiple heap-based buffer overflows in the statushandler function in 1 engine-gpgsm.c and 2 engine-uiserver.c in GPGME before 1.5.1 allow remote attackers to cause a denial of service crash and possibly execute arbitrary code via vectors related to "different line lengths in a...

CVSS 6.8, AI score 7.9, EPSS 0.04289
Exploits: 0

Exploit DB
added 2015/01/18 12:0 a.m., 64 views

Lorex LH300 Series - ActiveX Buffer Overflow (PoC)

Disclosure: 09/01/2014 / Last updated: 18/01/2015 Hi, I have discovered a buffer overflow vulnerability that allows remote code execution in an ActiveX control bundled by a manufacturer of video surveillance systems. The company is Lorex Technologies, a major video surveillance manufacturer that ...

CVSS 10, AI score 6.5, EPSS 0.29459
Exploits: 4

Amazon
added 2014/09/17 12:0 a.m., 49 views

Medium: subversion

Issue Overview: The Serf RA layer in Apache Subversion 1.4.0 through 1.7.x before 1.7.18 and 1.8.x before 1.8.10 does not properly handle wildcards in the Common Name CN or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof servers via a crafted...

CVSS 4, AI score 8.1, EPSS 0.05581
Exploits: 0