1938 matches found

Prion
added 2013/10/30 10:55 a.m. | 16 views

Design/Logic Flaw

Use-after-free vulnerability in the nsDocLoader::doStopDocumentLoad function in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary...

CVSS 10 | AI score 8.1 | EPSS 0.06273
Exploits: 0 | References: 11 | Affected Software: 5

Tenable Nessus
added 2013/10/30 12:0 a.m. | 39 views

Ubuntu 12.04 LTS / 12.10 / 13.04 / 13.10 : firefox vulnerabilities (USN-2009-1)

Multiple memory safety issues were discovered in Firefox. If a user were tricked into opening a specially crafted page, an attacker could possibly exploit these to cause a denial of service via application crash, or potentially execute arbitrary code with the privileges of the user invoking...

CVSS 10 | AI score 8.1 | EPSS 0.06493
Exploits: 0 | References: 16

RedHat Linux
added 2013/10/29 9:12 p.m. | 3 views

Mozilla: Use-after-free when updating offline cache (MFSA 2013-98)

Use-after-free vulnerability in the nsDocLoader::doStopDocumentLoad function in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary...

CVSS 10 | AI score 7 | EPSS 0.06273
Exploits: 0 | References: 5

UbuntuCve
added 2013/10/29 12:0 a.m. | 23 views

CVE-2013-5597

Use-after-free vulnerability in the nsDocLoader::doStopDocumentLoad function in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary...

CVSS 10 | AI score 6.7 | EPSS 0.06273
Exploits: 0 | References: 4

Mozilla
added 2013/10/29 12:0 a.m. | 34 views

Use-after-free when updating offline cache — Mozilla

Security researcher Byoungyoung Lee of Georgia Tech Information Security Center (GTISC) used the Address Sanitizer tool to discover a use-after-free during state change events while updating the offline cache. This leads to a potentially exploitable crash...

CVSS 10 | AI score 1.7 | EPSS 0.06273
Exploits: 0 | References: 2 | Affected Software: 5

Kitploit
added 2013/08/21 1:2 a.m. | 22 views

[Vulscan] Module which enhances nmap to a vulnerability scanner

Vulscan is a module which enhances nmap to a vulnerability scanner. The nmap option -sV enables version detection per service, which is used to determine potential flaws according to the identified product. The data is looked up in an offline version of scip VulDB. Installation: Please install the fil...

AI score 7.6
Exploits: 0

myhack58
added 2013/08/19 12:0 a.m. | 27 views

EMLOG offline writing high-risk security vulnerabilities-vulnerability warning-the black bar safety net

Dear emlog users: the EMLOG development team today confirmed that the EMLOG 5.1 series of versions has a high-risk vulnerability: permission validation in the offline writing interface is not strict. The vulnerability lets an attacker bypass the system's user authentication mechanism through the offline writi...

AI score 1.2
Exploits: 0

The Hacker News
added 2013/08/05 2:55 p.m. | 9 views

German Video Game 'Crytek' Websites go offline after Security Breach

It seems that German Video Game company 'Crytek' has been the latest victim of hacking attacks on its website and few forums, and caused Crytek's family of websites to go offline. According to the company, "Our Crytek.com, Mycryengine.com, Crydev.net and MyCrysis.com sites were all subject to a...

AI score 6.9
Exploits: 0

The Hacker News
added 2013/08/05 3:55 a.m. | 20 views

German Video Game 'Crytek' Websites go offline after Security Breach

It seems that German Video Game company 'Crytek' has been the latest victim of hacking attacks on its website and few forums, and caused Crytek's family of websites to go offline. According to the company, "Our Crytek.com, Mycryengine.com, Crydev.net and MyCrysis.com sites were all subject to a...

AI score 6.9
Exploits: 0

n0where
added 2013/07/28 7:3 p.m. | 24 views

Anonymous Offline File-Sharing and Communications System: PirateBox

PirateBox creates offline wireless networks designed for anonymous file sharing, chatting, message boarding, and media streaming. You can think of it as your very own portable offline Internet in a box! When users join the PirateBox wireless network and open a web browser, they are automatically...

AI score 0.6
Exploits: 0

The Hacker News
added 2013/07/21 4:5 p.m. | 7 views

Apple's Developer Center Offline for 32 Hours; Compromised ?

It's been over a day now since Apple's online Dev Center went offline, and the latest message can be seen in the screenshot, which explains that the current maintenance has taken a lot longer than they expected. "We apologize that maintenance is taking longer than expected. If your program membership...

AI score 6.5
Exploits: 0

The Hacker News
added 2013/07/21 5:5 a.m. | 12 views

Apple’s Developer Center Offline for 32 Hours; Compromised ?

It’s been over a day now since Apple’s online Dev Center went offline, and the latest message can be seen in the screenshot, which explains that the current maintenance has taken a lot longer than they expected. "We apologize that maintenance is taking longer than expected. If your program membership...

AI score 6.5
Exploits: 0

Tenable Nessus
added 2013/07/15 12:0 a.m. | 25 views

Fedora 17 : zeroinstall-injector-2.3-1.fc17 (2013-12421)

Enhancements : - upstream now ships an experimental OCaml front-end, this is not yet enabled - Add fish-shell command completion - Allow relative files in and for local feeds. This makes it easy to test feeds before passing them to 0repo. Bug fixes : - Better handling of default=' in bindings. Th...

CVSS 4.3 | AI score 7.4 | EPSS 0.04857
Exploits: 0 | References: 6

Tenable Nessus
added 2013/07/15 12:0 a.m. | 22 views

Fedora 19 : zeroinstall-injector-2.3-1.fc19 (2013-12414)

Enhancements : - upstream now ships an experimental OCaml front-end, this is not yet enabled - Add fish-shell command completion - Allow relative files in and for local feeds. This makes it easy to test feeds before passing them to 0repo. Bug fixes : - Better handling of default=' in bindings. Th...

CVSS 4.3 | AI score 7.4 | EPSS 0.04857
Exploits: 0 | References: 6

NVD
added 2013/07/08 10:55 p.m. | 89 views

CVE-2013-4786

The IPMI 2.0 specification supports RMCP+ Authenticated Key-Exchange Protocol (RAKP) authentication, which allows remote attackers to obtain password hashes and conduct offline password guessing attacks by obtaining the HMAC from a RAKP message 2 response from a BMC...

CVSS 7.8 | AI score 7.5 | EPSS 0.81802
Exploits: 2 | References: 7

Prion
added 2013/07/08 10:55 p.m. | 98 views

Authentication flaw

The IPMI 2.0 specification supports RMCP+ Authenticated Key-Exchange Protocol (RAKP) authentication, which allows remote attackers to obtain password hashes and conduct offline password guessing attacks by obtaining the HMAC from a RAKP message 2 response from a BMC...

CVSS 7.8 | AI score 7.1 | EPSS 0.81802
Exploits: 2 | References: 7 | Affected Software: 2

Cvelist
added 2013/07/08 10:0 p.m. | 97 views

CVE-2013-4786

The IPMI 2.0 specification supports RMCP+ Authenticated Key-Exchange Protocol (RAKP) authentication, which allows remote attackers to obtain password hashes and conduct offline password guessing attacks by obtaining the HMAC from a RAKP message 2 response from a BMC...

AI score 7.7 | EPSS 0.81802
Exploits: 2 | References: 7

ATTACKERKB
added 2013/07/08 12:0 a.m. | 247 views

CVE-2013-4786

The IPMI 2.0 specification supports RMCP+ Authenticated Key-Exchange Protocol (RAKP) authentication, which allows remote attackers to obtain password hashes and conduct offline password guessing attacks by obtaining the HMAC from a RAKP message 2 response from a BMC. Recent assessments: Assessed...

CVSS 7.8 | AI score 4.3 | EPSS 0.81802
In wild | Exploits: 2 | References: 11

The Hacker News
added 2013/04/10 6:4 p.m. | 9 views

Ubisoft's uPlay service hacked, Far Cry 3 Blood Dragon Leaked

Russian hackers have figured out a way to download free games from Ubisoft's servers, exploiting an existing vulnerability in Ubisoft's uPlay launcher. According to reports, the copies of Far Cry 3 Blood Dragon that are available on torrent sites are the result of a hack of Ubisoft's uPlay servic...

AI score 6.6
Exploits: 0

Kitploit
added 2013/04/02 10:47 p.m. | 33 views

[360-FAAR v0.4.1] Firewall Analysis Audit And Repair

360-FAAR (Firewall Analysis Audit and Repair) is an offline, command line, Perl firewall policy manipulation tool to filter, compare to logs, merge, translate and output firewall commands for new policies, in Checkpoint dbedit, Cisco ASA or ScreenOS commands, and it's one file! Changes: This release...

AI score 7.7
Exploits: 0