ghostscript: corruption of operand stack

It was found that ghostscript did not properly validate the parameters passed to the .rsdparams and .eqproc functions. During its execution, a specially crafted PostScript document could execute code in the context of the ghostscript process, bypassing the -dSAFER protection...

LogRhythm Network Monitor Command Execution Vulnerability

LogRhythm Network Monitor is a real-time monitoring system for network threats. A command execution vulnerability exists in LogRhythm Network Monitor. The vulnerability stems from the "/data/api/configuration/" page not strictly validating the parameters passed, which can be exploited by an...

EulerOS 2.0 SP1 : ghostscript (EulerOS-SA-2016-1050)

According to the versions of the ghostscript packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - It was found that the ghostscript functions getenv, filenameforall and .libfile did not honor the -dSAFER option, usually used when...

CVE-2017-8291

It was found that ghostscript did not properly validate the parameters passed to the .rsdparams and .eqproc functions. During its execution, a specially crafted PostScript document could execute code in the context of the ghostscript process, bypassing the -dSAFER protection...

Unrestricted file upload

Wolf CMS before 0.8.3.1 allows unrestricted file upload and PHP Code Execution because admin/plugin/filemanager/browse/ aka the filemanager does not validate the parameter "filename" properly. Exploitation requires a registered user who has access to upload functionality...

Security Advisory - Multiple Buffer Overflow Vulnerabilities in Bastet of Huawei Smart Phone

The Bastet of some Huawei mobile phones have three buffer overflow vulnerabilities due to the lack of parameter validation. An attacker with the root privilege of an Android system may trick a user into installing a malicious APP. The APP can modify specific data to cause buffer overflow in the...

Nextcloud Server and ownCloud Server Content Spoofing Vulnerabilities

ownCloud is a free and open source personal cloud storage solution from German company ownCloud. nextcloud is an open source self-hosted file synchronization and sharing communication application platform. ownCloud Server and Nextcloud Server are both a server version of one of them. A security...

CVE-2016-9605

A flaw was found in cobbler software component version 2.6.11-1. It suffers from an invalid parameter validation vulnerability, leading the arbitrary file reading. The flaw is triggered by navigating to a vulnerable URL via cobbler-web on a default installation...

rabbitmq-server: DoS via lengths_age or lengths_incr parameter in the management plugin

A resource-consumption flaw was found in RabbitMQ Server, where the lengthsage or lengthsincr parameters were not validated in the management plugin. Remote, authenticated users with certain privileges could exploit this flaw to cause a denial of service by passing values which were too large...

Design/Logic Flaw

Unvalidated parameter vulnerability in the remote log viewing capability in Intel Security McAfee Agent 5.0.x versions prior to 5.0.4.449 allows remote attackers to pass unexpected input parameters via a URL that was not completely validated...

Netman 204 - Backdoor Account / Password Reset

Exploit Title: Netman 204 Backdoor and weak password recovery function Google Dork: intitle:"Netman 204 login" Date: 31st Jan 2017 Exploit Author: Simon Gurney Vendor Homepage: blog.synack.co.uk Software Link: http://www.riello-ups.co.uk/uploads/file/319/1319/FW058-0105FWB0225NetMan204.zip Versio...

Netman 204 Backdoor / Password Reset

Exploit Title: Netman 204 Backdoor and weak password recovery function Google Dork: intitle:"Netman 204 login" Date: 31st Jan 2017 Exploit Author: Simon Gurney Vendor Homepage: blog.synack.co.uk Software Link: http://www.riello-ups.co.uk/uploads/file/319/1319/FW058-0105FWB0225NetMan204.zip Versio...

Netman 204 - Backdoor Account / Password Reset Vulnerability

Exploit for hardware platform in category web applications Exploit Title: Netman 204 Backdoor and weak password recovery function Google Dork: intitle:"Netman 204 login" Date: 31st Jan 2017 Exploit Author: Simon Gurney Vendor Homepage: blog.synack.co.uk Software Link:...

Amazon Linux AMI : ghostscript (ALAS-2017-784)

It was found that the ghostscript functions getenv, filenameforall and .libfile did not honor the -dSAFER option, usually used when processing untrusted documents, leading to information disclosure. A specially crafted postscript document could read environment variable, list directory and retrie...

ghostscript: check for sufficient params in .sethalftone5

It was found that ghostscript did not sufficiently check the validity of parameters given to the .sethalftone5 function. A specially crafted postscript document could cause a crash, or execute arbitrary code in the context of the gs process...

NVIDIA GeForce Experience Information Disclosure Vulnerability

NVIDIA GeForce Experience is a suite of automatic graphics card update tools from NVIDIA. A security vulnerability exists in the NVIDIA Web Helper.exe file in NVIDIA GeForce Experience version 3.x prior to 3.1.0.52, which stems from the program failing to properly perform access control and...

SPIP 3.1.x < 3.1.4 'plugin' and 'id' Parameters Multiple XSS Vulnerabilities

SPIP is prone to multiple cross-site scripting XSS vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:spip:spip"; i...

CVE-2016-7979

It was found that the ghostscript function .initializedscparser did not validate its parameter before using it, allowing a type confusion flaw. A specially crafted postscript document could cause a crash code execution in the context of the gs process...

CVE-2016-8602

It was found that ghostscript did not sufficiently check the validity of parameters given to the .sethalftone5 function. A specially crafted postscript document could cause a crash, or execute arbitrary code in the context of the gs process...

Cisco Firepower Management Center Console Local File Inclusion Vulnerability

A vulnerability in the web console of Cisco Firepower Management Center could allow an authenticated, remote attacker to access sensitive information. The vulnerability is due to improper validation of parameters that are sent to the web console of an affected system. The vulnerability could allo...