CVE-2014-4703

lib/parseini.c in Nagios Plugins 2.0.2 allows local users to obtain sensitive information via a symlink attack on the configuration file in the extra-opts flag. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-4701...

CVE-2014-4702

The checkicmp plugin in Nagios Plugins before 2.0.2 allows local users to obtain sensitive information from INI configuration files via the extra-opts flag, a different vulnerability than CVE-2014-4701...

Google Chrome Multiple Vulnerabilities - 01 (Nov 2014) - Windows

Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; ifdescription...

Google Chrome Multiple Vulnerabilities - 01 (Nov 2014) - Linux

Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; ifdescription...

chromium-browser: Use-after-free in pepper plugins

Use-after-free vulnerability in the Pepper plugins in Google Chrome before 39.0.2171.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted Flash content that triggers an attempted PepperMediaDeviceManager access outside of the object's...

CryptoPHP Backdoor Hijacks Servers with Malicious Plugins & Themes

Security researchers have discovered thousands of backdoored plugins and themes for the popular content management systems CMS that could be used by attackers to compromise web servers on a large scale. The Netherlands-based security firm Fox-IT has published a whitepaper revealing a new Backdoor...

GLSA-201411-06 : Adobe Flash Player: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201411-06 Adobe Flash Player: Multiple vulnerabilities Multiple vulnerabilities have been discovered in Adobe Flash Player. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could possibly...

[SECURITY] Fedora 19 Update: owncloud-5.0.17-2.fc19

ownCloud gives you universal access to your files through a web interface or WebDAV. It also provides a platform to easily view & sync your contacts, calendars and bookmarks across all your devices and enables basic editing r ight on the web. ownCloud is extendable via a simple but powerful API f...

WordPress Plugin SP Client Document Manager 2.4.1 - SQL Injection

WordPress Plugin SP Client Document Manager 2.4.1 - SQL Injection Vulnerability title: Multi SQL Injection in SP Client Document Manager plugin CVE: N/A Vendor: http://smartypantsplugins.com Plugin: SP Client Document Manager Download link: https://wordpress.org/plugins/sp-client-document-manager...

DAMM - Differential Analysis of Malware in Memory

An open source memory analysis tool built on top of Volatility. It is meant as a proving ground for interesting new techniques to be made available to the community. These techniques are an attempt to speed up the investigation process through data reduction and codifying some expert knowledge...

chromium: multiple issues

CVE-2014-7899 address bar spoofing A flaw allows remote attackers to spoof the address bar by placing a blob: substring at the beginning of the URL, followed by the original URI scheme and a long username string. - CVE-2014-7900 use-after-free Use-after-free vulnerability in the...

[SECURITY] Fedora 20 Update: nrpe-2.15-2.fc20

Nrpe is a system daemon that will execute various Nagios plugins locally on behalf of a remote monitoring host that uses the checknrpe plugin. Various plugins that can be executed by the daemon are available at: http://sourceforge.net/projects/nagiosplug This package provides the core agent...

CVE-2014-7906

Use-after-free vulnerability in the Pepper plugins in Google Chrome before 39.0.2171.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted Flash content that triggers an attempted PepperMediaDeviceManager access outside of the object's...

CVE-2014-7906

Use-after-free vulnerability in the Pepper plugins in Google Chrome before 39.0.2171.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted Flash content that triggers an attempted PepperMediaDeviceManager access outside of the object's...

CVE-2014-7906

CVE-2014-7906 describes a use-after-free in the Pepper plugins of Google Chrome prior to 39.0.2171.65. A crafted Flash content exploit can trigger a PepperMediaDeviceManager access outside of the object’s lifetime, potentially causing a denial of service and other impacts. The remediation is to u...

CVE-2014-7906

Removed by vendor...

CVE-2014-7906

Use-after-free vulnerability in the Pepper plugins in Google Chrome before 39.0.2171.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted Flash content that triggers an attempted PepperMediaDeviceManager access outside of the object's...

Who's Who Script - CSRF Exploit (Add Admin Account)

No description provided by source. Title : Who's Who Script CSRF Exploit Add Admin Account Author : ZoRLu / [email protected] / [email protected] Home : http://milw00rm.com / its online Date : 30.10.2014 Demo : http://demo.phpscriptlerim.com/free/whoswho/ Download1 :...

Fedora Update for claws-mail-plugins FEDORA-2014-14234

Check the version of claws-mail-plugins SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.868468";...

[SECURITY] Fedora 20 Update: pidgin-2.10.10-1.fc20

Pidgin allows you to talk to anyone using a variety of messaging protocols including AIM, MSN, Yahoo!, Jabber, Bonjour, Gadu-Gadu, ICQ, IRC, Novell Groupwise, QQ, Lotus Sametime, SILC, Simple and Zephyr. These protocols are implemented using a modular, easy to use design. To use a protocol, just...