APSB16-46 Security update available for RoboHelp
Adobe categorizes this hotfix with the following priority rating and recommends users update their installations to the newest versions:...
Error: "Error while changing IO Priority to High for Process" for Processes Related to Antivirus Software
The Windows Event Log on a machine running Workspace Environment Management may contain many events from the WEM Agent Service. These events all relate to processes for Antivirus software installed on the device...
CVE-2016-3991
Heap-based buffer overflow in the loadImage function in the tiffcrop tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds write) or execute arbitrary code via a crafted TIFF image with zero tiles...
How content-length of an HTTP response is handled when rewrite is in use on NetScaler
When using a rewrite policy with priority 120 on NetScaler, it can be noticed that the Content-Length header is misspelled in the response. To alter this behavior, we can use another rewrite policy with priority 100 that has an action that can never be true. Note: Priorities 120 and 100 are taken as examples...
The vulnerability of the Android operating system allows a hacker to increase the priority of the intent-filter filter.
The vulnerability in the services/core/java/com/android/server/pm/PackageManagerService.java file of the Android operating system’s API is caused by a buffer overflow. Exploiting this vulnerability could allow an attacker to increase the priority of the intent-filter filter through a specially...
Python priority denial of service vulnerability
Python is a suite of open source, object-oriented programming languages from the Python Software Foundation. json is one of the modules that provides a lightweight format for exchanging data. priority is one of the modules used to implement ordering. A denial of service vulnerability exists in...
CVE-2016-2497
services/core/java/com/android/server/pm/PackageManagerService.java in the framework APIs in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 allows attackers to increase intent-filter priority via a crafted application, aka internal bug 27450489...
UBUNTU-CVE-2016-2497
services/core/java/com/android/server/pm/PackageManagerService.java in the framework APIs in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 allows attackers to increase intent-filter priority via a crafted application, aka internal bug 27450489...
Code injection
services/core/java/com/android/server/pm/PackageManagerService.java in the framework APIs in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 allows attackers to increase intent-filter priority via a crafted application, aka internal bug 27450489...
Debian DLA-574-1 : qemu-kvm security update
Multiple vulnerabilities have been discovered in qemu-kvm, a full virtualization solution on x86 hardware. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2015-5239 Lian Yihan discovered that QEMU incorrectly handled certain payload messages in the VNC...
FRticket Ticket System 1 Cross Site Scripting
Exploit Title: FRticket - Ticket System - Stored XSS Google Dork: if applicable Date: 11.06.2016 Exploit Author: Hamit ABİŞ Vendor Homepage: http://codecanyon.net/item/frticket-ticket-system/16539836 Version: v1 About Get the world’s most popular customer support ticket system. FRticket is...
FRticket Ticket System - Persistent Cross-Site Scripting
Exploit for php platform in category web applications Exploit Title: FRticket - Ticket System - Stored XSS Google Dork: if applicable Date: 11.06.2016 Exploit Author: Hamit ABİŞ Vendor Homepage: http://codecanyon.net/item/frticket-ticket-system/16539836 Version: v1 About Get the world’s most...
FRticket Ticket System - Persistent Cross-Site Scripting
FRticket Ticket System - Persistent Cross-Site Scripting Exploit Title: FRticket - Ticket System - Stored XSS Google Dork: if applicable Date: 11.06.2016 Exploit Author: Hamit ABİŞ Vendor Homepage: http://codecanyon.net/item/frticket-ticket-system/16539836 Version: v1 About Get the world’s most...
FRticket Ticket System - Persistent Cross-Site Scripting
Exploit Title: FRticket - Ticket System - Stored XSS Google Dork: if applicable Date: 11.06.2016 Exploit Author: Hamit ABİŞ Vendor Homepage: http://codecanyon.net/item/frticket-ticket-system/16539836 Version: v1 About Get the world’s most popular customer support ticket system. FRticket is...
DEBIAN-CVE-2016-4020
The patch_instruction function in hw/i386/kvmvapic.c in QEMU does not initialize the imm32 variable, which allows local guest OS administrators to obtain sensitive information from host stack memory by accessing the Task Priority Register (TPR)...
Session fixation
The patch_instruction function in hw/i386/kvmvapic.c in QEMU does not initialize the imm32 variable, which allows local guest OS administrators to obtain sensitive information from host stack memory by accessing the Task Priority Register (TPR)...
SAP NetWeaver AS JAVA 7.4 Cross Site Scripting
Application: SAP NetWeaver AS JAVA Versions Affected: SAP NetWeaver AS JAVA 7.4 Vendor URL: http://SAP.com Bugs: Cross Site Scripting XSS Sent: 10.08.2015 Reported: 10.08.2015 Vendor response: 11.08.2015 Date of Public Advisory: 09.02.2016 Reference: SAP Security Note 2220571 Author: Vahagn...
Ubuntu 14.04 LTS / 16.04 LTS : QEMU vulnerabilities (USN-2974-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2974-1 advisory. Zuozhi Fzz discovered that QEMU incorrectly handled USB OHCI emulation support. A privileged attacker inside the guest could use this issue t...
Mozilla Firefox Injection Vulnerability
Mozilla Firefox Health Report is a plug-in developed by the Mozilla Foundation for understanding the performance of the Firefox browser. It collects some usage data from the users, and then provides the stability and performance of the Firefox browser, as well as optimization tips. An injection...