7660 matches found
Edmodo BB#1 - Persistent Input Validation Vulnerability
Document Title: =============== Edmodo BB1 - Persistent Input Validation Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1921 Release Date: ============= 2016-08-22 Vulnerability Laboratory ID VL-ID: ==================================== 192...
QNAP QTS 4.2.0 Build 20160311 / Build 20160601 Cross Site Scripting
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2016-049 Product: QNAP QTS Manufacturer: QNAP Affected Versions: 4.2.0 Build 20160311 and Build 20160601 Tested Versions: 4.2.0 Build 20160311 - 4.2.2 Build 20160812 Vulnerability Type: Persistent Cross-Site Scripting CWE-79 Risk...
8 on 1 9: The Shadow-Brokers the leaked file description, technical analysis on-the vulnerability warning-the black bar safety net
! 0x01 exposure data with the equation and NSA relationship From the leaked data packet with the decompressed content to see, specifically for the firewall device attack and penetration action when the use of the tool set. According to the data exposed persons Shadow Brokers described, this packe...
openSUSE Security Update : OpenJDK7 (openSUSE-2016-982)
Update to 2.6.7 - OpenJDK 7u111 - Security fixes - S8079718, CVE-2016-3458: IIOP Input Stream Hooking bsc989732 - S8145446, CVE-2016-3485: Perfect pipe placement Windows only bsc989734 - S8147771: Construction of static protection domains under Javax custom policy - S8148872, CVE-2016-3500:...
openSUSE Security Update : java-1_7_0-openjdk (openSUSE-2016-977)
This update for java-170-openjdk fixes the following issues : - Update to 2.6.7 - OpenJDK 7u111 - Security fixes - S8079718, CVE-2016-3458: IIOP Input Stream Hooking bsc989732 - S8145446, CVE-2016-3485: Perfect pipe placement Windows only bsc989734 - S8147771: Construction of static protection...
Pi-Hole Web Interface 2.8.1 - Persistent Cross-Site Scripting in Whitelist/Blacklist
Exploit Title: Pi-Hole Web Interface Stored XSS in White/Black list file Author: loneferret from Kioptrix Product: Pi-Hole Version: Web Interface 1.3 Web Interface software: https://github.com/pi-hole/AdminLTE Version: Pi-Hole v2.8.1 Discovery date: July 20th 2016 Vendor Site: https://pi-hole.net...
WSO2 Carbon 4.4.5 - Persistent Cross-Site Scripting
Credits: John Page aka HYP3RLINX + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/WSO2-CARBON-v4.4.5-PERSISTENT-XSS-COOKIE-THEFT.txt + ISR: ApparitionSec Vendor: ============= www.wso2.com Product: ================== Ws02Carbon v4.4.5 WSO2 Carbon is the...
WSO2 Carbon 4.4.5 - Persistent Cross-Site Scripting
Exploit for jsp platform in category web applications + Credits: John Page aka HYP3RLINX Vendor: ============= www.wso2.com Product: ================== Ws02Carbon v4.4.5 WSO2 Carbon is the core platform on which WSO2 middleware products are built. It is based on Java OSGi technology, which allows...
WSO2 Carbon 4.4.5 Cross Site Scripting
Credits: John Page aka HYP3RLINX + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/WSO2-CARBON-v4.4.5-PERSISTENT-XSS-COOKIE-THEFT.txt + ISR: ApparitionSec Vendor: ============= www.wso2.com Product: ================== Ws02Carbon v4.4.5 WSO2 Carbon is the...
openSUSE Security Update : java-1_7_0-openjdk (openSUSE-2016-976)
This update for java-170-openjdk fixes the following issues : - Update to 2.6.7 - OpenJDK 7u111 - Security fixes - S8079718, CVE-2016-3458: IIOP Input Stream Hooking bsc989732 - S8145446, CVE-2016-3485: Perfect pipe placement Windows only bsc989734 - S8147771: Construction of static protection...
Security update for java-1_8_0-openjdk (important)
This update for java-180-openjdk fixes the following issues: - Upgrade to version jdk8u101 icedtea 3.1.0 - New in release 3.1.0 2016-07-25: Security fixes - S8079718, CVE-2016-3458: IIOP Input Stream Hooking bsc989732 - S8145446, CVE-2016-3485: Perfect pipe placement Windows only bsc989734 -...
Security update for java-1_7_0-openjdk (important)
This update for java-170-openjdk fixes the following issues: - Update to 2.6.7 - OpenJDK 7u111 Security fixes - S8079718, CVE-2016-3458: IIOP Input Stream Hooking bsc989732 - S8145446, CVE-2016-3485: Perfect pipe placement Windows only bsc989734 - S8147771: Construction of static protection domai...
FortiVoice v5.0 - Filter Bypass & Persistent Vulnerability
Document Title: =============== FortiVoice v5.0 - Filter Bypass & Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1842 Fortinet PSIRT ID: 1737213 Bulletin:...
FortiVoice v5.0 - Filter Bypass & Persistent Vulnerability
Document Title: =============== FortiVoice v5.0 - Filter Bypass & Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1842 Fortinet PSIRT ID: 1737213 Bulletin:...
openSUSE Security Update : java-1_8_0-openjdk (openSUSE-2016-944)
This update for java-180-openjdk fixes the following issues : - Upgrade to version jdk8u101 icedtea 3.1.0 - New in release 3.1.0 2016-07-25 : - Security fixes - S8079718, CVE-2016-3458: IIOP Input Stream Hooking boo989732 - S8145446, CVE-2016-3485: Perfect pipe placement Windows only boo989734 -...
ntopnbox 2.3 2.5 - Multiple Vulnerabilities
ntopnbox 2.3 2.5 - Multiple Vulnerabilities E-DB Note: Source http://carnal0wnage.attackresearch.com/2016/08/got-any-rces.html The issues were found originally in nbox 2.3 and confirmed in nbox 2.5 To make things easier, I created a Vagrantfile with provisioning so you can have your own nbox...
FortiCloud - Reports Summary Persistent Vulnerabilities
Document Title: =============== FortiCloud - Reports Summary Persistent Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1735 Vulnerability Magazine:...
FortiCloud Cross Site Scripting
Document Title: =============== FortiCloud - Reports Summary Multiple Persistent Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1735 Release Date: ============= 2016-08-05 Vulnerability Laboratory ID VL-ID:...
FortiManager Malicious Script Insertion
Document Title: =============== FortiManager Series - Bookmark Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1685 Fortinet PSIRT ID: 1624461 Release Notes 1:...
FortiManager (Series) - Persistent Bookmark Vulnerability
Document Title: =============== FortiManager Series - Persistent Bookmark Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1685 Fortinet PSIRT ID: 1624461 Bulletin:...