PT-2018-1882 · Microsoft · Windows Server 2012 +10
Name of the Vulnerable Software and Affected Versions: Microsoft Windows versions prior to the fixed version Description: The issue is related to errors in handling objects in memory by the Windows kernel, which can allow an attacker to elevate their privileges and execute arbitrary code using a...
PT-2018-10677
Name of the Vulnerable Software and Affected Versions: PPPD versions prior to the version with the fixed patch Description: The issue arises from improper input validation combined with an integer overflow in the EAP-TLS protocol implementation. This can lead to a crash, information disclosure, or...
Another Critical Flaw Found In Drupal Core—Patch Your Sites Immediately
It's time to update your Drupal websites, once again. For the second time within a month, Drupal has been found vulnerable to another critical vulnerability that could allow remote attackers to pull off advanced attacks including cookie theft, keylogging, phishing and identity theft. Discovered b...
PT-2017-4077 · Linux +3 · Linux Kernel +3
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions 2.6.38 through 4.14 Description: The issue is related to the touch pmd function in the Linux Kernel, which can be exploited due to incorrect synchronization when using a shared resource. This can allow an attacker to...
ALPINE-CVE-2017-9798
Apache httpd allows remote attackers to read secret data from process memory if the Limit directive can be set in a user's .htaccess file, or if httpd.conf has certain misconfigurations, aka Optionsbleed. This affects the Apache HTTP Server through 2.2.34 and 2.4.x through 2.4.27. The attacker...
PT-2017-2151 · Microsoft · Windows Server 2012 +7
Name of the Vulnerable Software and Affected Versions: Microsoft Windows Server 2008 SP2 and R2 SP1 Microsoft Windows 7 SP1 Microsoft Windows 8.1 Microsoft Windows Server 2012 Gold and R2 Microsoft Windows RT 8.1 Microsoft Windows 10 versions Gold, 1511, 1607, 1703 Microsoft Windows Server 2016...
wirkaufendeinauto.de XSS vulnerability
Vulnerable URL: https://www.wirkaufendeinauto.de/wert/10-8/?MID=DEOES30083100"

Details:

Description | Value
---|---
Patched: | No
Latest check for patch: | 28.07.2017
Vulnerability type: | XSS
Vulnerability status: | Publicly disclosed
Alexa Rank | 66702
VIP website status: | No

Check wirkaufendeinauto....
trendpharm.com XSS vulnerability
Vulnerable URL: http://trendpharm.com/search?s=%3Cimg+src%3Dx+onerror%3Dprompt%28%2FOPENBUGBOUNTY%2F%29%3E

Details:

Description | Value
---|---
Patched: | No
Latest check for patch: | 27.07.2017
Vulnerability type: | XSS
Vulnerability status: | Publicly disclosed
Alexa Rank | 1998888
VIP website status...
EC-CUBE vulnerable to cross-site request forgery
Overview: EC-CUBE from LOCKON CO.,LTD. is an open source system for creating shopping websites. EC-CUBE contains a cross-site request forgery vulnerability (CWE-352). Gen Sato of TRADE WORKS Co.,Ltd. Security Dept. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under...
PT-2014-1733 · Microsoft · Windows 8 +8
Name of the Vulnerable Software and Affected Versions: Microsoft Windows versions prior to the fixed version Windows Server 2003 SP2 Windows Vista SP2 Windows Server 2008 SP2 and R2 SP1 Windows 7 SP1 Windows 8 Windows 8.1 Windows Server 2012 Gold and R2 Windows RT Gold and 8.1 Description: The...
WePay: Typical form vulnerable to csrf attack
See the form you give here. This is provided by you to change settings without logging in. You have supplied a 'csrf token' and 'ounce', e.g. https://stage.wepay.com/email/manage/170395/hash But I bypassed your csrf by just removing the values of the tokens and submitting it blank. And it worked. Hope, y...
VxWorks Web Server vulnerable to denial-of-service (DoS)
Overview: The VxWorks Web Server contains a denial-of-service (DoS) vulnerability. Hisashi Kojima and Masahiro Nakada of Fujitsu Laboratories Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under...
PT-2013-3031 · Microsoft · Windows Server 2003 +4
Name of the Vulnerable Software and Affected Versions: Microsoft Windows XP versions SP2 through SP3 Microsoft Windows Server 2003 version SP2 Microsoft Windows Vista version SP2 Microsoft Windows Server 2008 versions SP2 through R2 SP1 Microsoft Windows 7 versions Gold through SP1 Description: A...
PT-2012-4345 · Microsoft +1 · Windows 8 +9
Name of the Vulnerable Software and Affected Versions: Microsoft Windows XP versions SP2 through SP3 Microsoft Windows Server 2003 version SP2 Microsoft Windows Vista version SP2 Microsoft Windows Server 2008 versions SP2 through R2 SP1 Microsoft Windows 7 versions Gold through SP1 Microsoft...
Google Chrome < 17.0.963.78 Code Multiple Vulnerabilities
PT-2010-4261 · Microsoft · Windows
Name of the Vulnerable Software and Affected Versions: Microsoft Windows versions prior to the fixed version Description: A remote code execution issue exists in the way the Windows common control library renders specially crafted Web sites when using a third-party scalable vector graphics SVG...
PT-2010-2241 · Microsoft · Windows
Name of the Vulnerable Software and Affected Versions: Microsoft Windows versions prior to the fixed version Description: A remote code execution issue exists in the way Microsoft MPEG Layer-3 codecs handle AVI media files. This could allow remote code execution if a user opens a specially crafte...
PT-2010-2039 · Microsoft · Windows Vista +2
Name of the Vulnerable Software and Affected Versions: Microsoft Windows Vista versions Gold, SP1, and SP2 Microsoft Windows Server 2008 versions Gold and SP2 Description: A remote code execution issue exists due to insufficient bounds checking when processing specially crafted ICMPv6 Router...
PT-2009-3491
Name of the Vulnerable Software and Affected Versions: Microsoft Visual Studio .NET versions 2003 SP1 through 2008 Microsoft Visual C++ versions 2005 SP1 through 2008 SP1 Windows versions 2000 SP4 through XP SP3, Server 2003 SP2, Vista Gold through SP2, and Server 2008 Gold through SP2 Description...
PT-2009-2912
Name of the Vulnerable Software and Affected Versions: Microsoft Office Excel versions 2000 SP3, 2002 SP3, 2003 SP3, and 2007 SP1 Excel Viewer 2003 Gold and SP3 Excel Viewer Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 Microsoft Office 2004 and 2008 for Mac Description ...