1938 matches found
Design/Logic Flaw
Use-after-free vulnerability in the nsDocLoader::doStopDocumentLoad function in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary...
Ubuntu 12.04 LTS / 12.10 / 13.04 / 13.10 : firefox vulnerabilities (USN-2009-1)
Multiple memory safety issues were discovered in Firefox. If a user were tricked in to opening a specially crafted page, an attacker could possibly exploit these to cause a denial of service via application crash, or potentially execute arbitrary code with the privileges of the user invoking...
Mozilla: Use-after-free when updating offline cache (MFSA 2013-98)
Use-after-free vulnerability in the nsDocLoader::doStopDocumentLoad function in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary...
CVE-2013-5597
Use-after-free vulnerability in the nsDocLoader::doStopDocumentLoad function in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary...
Use-after-free when updating offline cache — Mozilla
Security researcher Byoungyoung Lee of Georgia Tech Information Security Center GTISC used the Address Sanitizer tool to discover a use-after-free during state change events while updating the offline cache. This leads to a potentially exploitable crash...
[Vulscan] Module which enhances nmap to a vulnerability scanner
Vulscan is a module which enhances nmap to a vulnerability scanner. The nmap option -sV enables version detection per service which is used to determine potential flaws according to the identified product. The data is looked up in an offline version scip VulDB. Installation Please install the fil...
EMLOG offline writing high-risk security vulnerabilities-vulnerability warning-the black bar safety net
You emlog user, EMLOG Development Group today confirmed EMLOG 5.1 series of versions exist offline writing interface permission validation is not strict, high-risk vulnerabilities. The vulnerability can lead an attacker can bypass the system user authentication mechanism through the offline writi...
German Video Game 'Crytek' Websites go offline after Security Breach
It seems that German Video Game company 'Crytek' has been the latest victim of hacking attacks on its website and few forums, and caused Crytek's family of websites to go offline. According to the company, "Our Crytek.com, Mycryengine.com, Crydev.net and MyCrysis.com sites were all subject to a...
German Video Game 'Crytek' Websites go offline after Security Breach
It seems that German Video Game company 'Crytek' has been the latest victim of hacking attacks on its website and few forums, and caused Crytek's family of websites to go offline. According to the company, "Our Crytek.com, Mycryengine.com, Crydev.net and MyCrysis.com sites were all subject to a...
Anonymous Offline File-Sharing and Communications System: PirateBox
PirateBox creates offline wireless networks designed for anonymous file sharing, chatting, message boarding, and media streaming. You can think of it as your very own portable offline Internet in a box! When users join the PirateBox wireless network and open a web browser, they are automatically...
Apple's Developer Center Offline for 32 Hours; Compromised ?
It's been over a day now since Apple's online Dev Center went offline, and latest message can be seen in the screenshot, which explains that the current maintenance has took a lot longer than they expected. "We apologize that maintenance is taking longer than expected. If your program membership...
Apple’s Developer Center Offline for 32 Hours; Compromised ?
It’s been over a day now since Apple’s online Dev Center went offline, and latest message can be seen in the screenshot, which explains that the current maintenance has took a lot longer than they expected. "We apologize that maintenance is taking longer than expected. If your program membership...
Fedora 17 : zeroinstall-injector-2.3-1.fc17 (2013-12421)
Enhancements : - upstream now ships an experimental OCaml front-end, this is not yet enabled - Add fish-shell command completion - Allow relative files in and for local feeds. This makes it easy to test feeds before passing them to 0repo. Bug fixes : - Better handling of default=' in bindings. Th...
Fedora 19 : zeroinstall-injector-2.3-1.fc19 (2013-12414)
Enhancements : - upstream now ships an experimental OCaml front-end, this is not yet enabled - Add fish-shell command completion - Allow relative files in and for local feeds. This makes it easy to test feeds before passing them to 0repo. Bug fixes : - Better handling of default=' in bindings. Th...
CVE-2013-4786
The IPMI 2.0 specification supports RMCP+ Authenticated Key-Exchange Protocol RAKP authentication, which allows remote attackers to obtain password hashes and conduct offline password guessing attacks by obtaining the HMAC from a RAKP message 2 response from a BMC...
Authentication flaw
The IPMI 2.0 specification supports RMCP+ Authenticated Key-Exchange Protocol RAKP authentication, which allows remote attackers to obtain password hashes and conduct offline password guessing attacks by obtaining the HMAC from a RAKP message 2 response from a BMC...
CVE-2013-4786
The IPMI 2.0 specification supports RMCP+ Authenticated Key-Exchange Protocol RAKP authentication, which allows remote attackers to obtain password hashes and conduct offline password guessing attacks by obtaining the HMAC from a RAKP message 2 response from a BMC...
CVE-2013-4786
The IPMI 2.0 specification supports RMCP+ Authenticated Key-Exchange Protocol RAKP authentication, which allows remote attackers to obtain password hashes and conduct offline password guessing attacks by obtaining the HMAC from a RAKP message 2 response from a BMC. Recent assessments: Assessed...
Ubisoft's uPlay service hacked, Far Cry 3 Blood Dragon Leaked
Russian hackers have figured out a way to download free games from Ubisoft's servers, exploiting an existing vulnerability in Ubisoft's uPlay launcher. According to reports, the copies of Far Cry 3 Blood Dragon that are available on torrent sites are the result of a hack of Ubisoft's uPlay servic...
[360-FAAR v0.4.1] Firewall Analysis Audit And Repair
360-FAAR Firewall Analysis Audit and Repair is an offline, command line, Perl firewall policy manipulation tool to filter, compare to logs, merge, translate and output firewall commands for new policies, in Checkpoint dbedit, Cisco ASA or ScreenOS commands, and its one file! Changes: This release...