451 matches found
Design/Logic Flaw
Untrusted search path vulnerability in Installer of electronic tendering and bid opening system available prior to May 25, 2017 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory...
CVE-2017-2178
CVE-2017-2178 describes an untrusted search path vulnerability in the Installer of the ATLA (Acquisition, Technology & Logistics Agency) electronic tendering and bid opening system. The root cause is insecure DLL loading (DLL search path issue) that could allow arbitrary code execution via a Troj...
openSUSE Security Update : java-1_7_0-openjdk (openSUSE-2017-629)
This update for java-170-openjdk fixes the following issues : - Update to 2.6.10 - OpenJDK 7u141 bsc1034849 - Security fixes - S8163520, CVE-2017-3509: Reuse cache entries - S8163528, CVE-2017-3511: Better library loading - S8165626, CVE-2017-3512: Improved window framing - S8167110, CVE-2017-351...
ATLA Installer of electronic tendering and bid opening system remote code execution vulnerability
Acquisition, Technology & Logistics Agency ATLA Installer of electronic tendering and bid opening system is an electronic tendering and bid opening system installer from Japan's Acquisition, Technology & Logistics Installer of electronic tendering and bid opening system is an installer of...
Microsoft Office Remote Code Execution Vulnerability (CNVD-2017-06605)
Microsoft Office is a suite of office software based on the Windows operating system developed by Microsoft. A remote code execution vulnerability exists in the implementation of the Office software when opening files with malformed graphics, allowing an attacker to take control of the affected...
chessgames.com XSS vulnerability
Vulnerable URL: http://www.chessgames.com/perl/chess.pl?opening=B86-89=19233=Robert James Fischer playing the Sicilian Sozin=" Details: Description| Value ---|--- Patched:| No Latest check for patch:| 28.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 19713...
SUSE-SU-2016:2817-1 Security update for ghostscript
This update for ghostscript fixes the following issues: - bsc1006592: Fix a regression introduced in CVE-2013-5653 by which ps files couldn't be opened in okular/evince kde371887...
Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2016-3635)
The remote Oracle Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2016-3635 advisory. - sched: panic on corrupted stack end Jann Horn Orabug: 24971921 CVE-2016-1583 - ecryptfs: forbid opening files without mmap handler Jann Horn Orabug:...
Unbreakable Enterprise kernel security update
kernel-uek 4.1.12-61.1.17 - sched: panic on corrupted stack end Jann Horn Orabug: 24971921 CVE-2016-1583 - ecryptfs: forbid opening files without mmap handler Jann Horn Orabug: 24971921 CVE-2016-1583 - proc: prevent stacking filesystems on top Jann Horn Orabug: 24971921 CVE-2016-1583...
VMware Host Guest Client Redirector - DLL Side Loading (Metasploit)
require 'msf/core' class MetasploitModule 'DLL Side Loading Vulnerability in VMware Host Guest Client Redirector', 'Description' = %q A DLL side loading vulnerability was found in the VMware Host Guest Client Redirector, a component of VMware Tools. This issue can be exploited by luring a victim...
VMSA-2016-0010:VMware product updates address multiple HIGH security issues
VMSA-2016-0010.1 VMware product updates address multiple important security issues VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2016-0010.1 VMware Security Advisory Severity: Important VMware Security Advisory Synopsis: VMware product updates address multiple security issue...
Drupal Opening Hours Module Cross-Site Scripting Vulnerability
Drupal is a free, open-source content management system developed in PHP and maintained by the Drupal community. opening hours is one of the modules used to find stores or libraries that are open at a certain time. A cross-site scripting vulnerability exists in the Drupal Opening Hours module in...
The vulnerability of the Microsoft Office software package allows a malicious individual to obtain access tokens used for authenticating the current user.
The vulnerability of Microsoft Office software relates to errors in processing a specially crafted response when attempting to open an Office document located on a malicious website. Exploiting this vulnerability allows a malicious actor to obtain access tokens used for authenticating the current...
Opening hours - Moderately Critical - XSS - SA-CONTRIB-2016-031
This module enables you to enter opening hours for locations in a highly detailed way. The module doesn't sufficiently escape input data from user input. This vulnerability is mitigated by the fact that an attacker must be able to edit opening hours by having a role with the permission “Edit...
UBUNTU-CVE-2015-1339
Memory leak in the cusechannelrelease function in fs/fuse/cuse.c in the Linux kernel before 4.4 allows local users to cause a denial of service memory consumption or possibly have unspecified other impact by opening /dev/cuse many times...
NTP - Local Privilege Escalation
Source: http://www.halfdog.net/Security/2015/NtpCronjobUserNtpToRootPrivilegeEscalation/ Introduction Problem description: The cronjob script bundled with ntp package is intended to perform cleanup on statistics files produced by NTP daemon running with statistics enabled. The script is run as ro...
WinAsm Studio 5.1.8.8 - Buffer Overflow Crash (PoC)
Exploit: WinAsm Studio 5.1.8.8 BOF. Date: 12/6/2015 Exploit Author: UnN0n Vendor: WinAsm Software Link: http://www.winasm.net/winasm-studio-updates.html Version: 5.1.8.8 Tested on: Windows 7 x6464bit Info Code: rc.right = 0; rc.bottom = 0; DrawTextExA hdc, L"I...
Shopify: Cookie securing your "Opening soon" store is not secured against XSS
PoC: 1 Protect your e-shop with a password Storefront password 2 Go to your e-shop URL and enter the password to access the store 3 There is a cookie created - name: storefrontdigest - this cookie contains the password in a secure way which protects your store 4 This cookie is not marked as...
Shopify: Unauthenticated access to details of hidden products in any shop via title emuneration
This issue allows external unauthenticated attacker to bypass password protection of currently unopened "Opening Soon" stage stores and obtain full description of products considering they know/enumerate the title of the product and the product has been published. It could be used to obtain...
php: buffer overflow in phar_set_inode()
A buffer overflow flaw was found in the way PHP's Phar extension parsed Phar archives. A specially crafted archive could cause PHP to crash or, possibly, execute arbitrary code when opened...