CVE-2014-8662

CVE-2014-8662 affects SAP Payroll Process; a remote-denial-of-service vulnerability arises from issues in session handling. The NVD entry documents a Network attack vector with low complexity and a base score of 7.8 ( HIGH ), indicating feasible remote exploitation that can cause availability imp...

[SECURITY] [DSA 3058-1] torque security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3058-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso October 27, 2014 http://www.debian.org/security/faq -...

Mediaserver code execution

Two vulnerabilities which allow arbitrary code execution in the mediaserver process...

Fedora 21 : php-symfony-2.5.4-1.fc21 (2014-10239)

2.5.4 2014-09-03 - security 11832 CVE-2014-6072 fabpot - security 11831 CVE-2014-5245 stof - security 11830 CVE-2014-4931 aitboudad, Jeremy Derusse - security 11829 CVE-2014-6061 damz, fabpot - security 11828 CVE-2014-5244 nicolas-grekas, larowlan - bug 10197 FrameworkBundle PhpExtractor bugfix a...

Medium: php54

Issue Overview: acinclude.m4, as used in the configure script in PHP 5.5.13 and earlier, allows local users to overwrite arbitrary files via a symlink attack on the /tmp/phpglibccheck file. A denial of service flaw was found in the way the File Information fileinfo extension parsed certain...

Elido Face Control 0 Multiple Directory Traversal Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/16401/info Face Control is prone to multiple directory-traversal vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit these vulnerabilitie...

Veritas Backup Exec Windows Remote Agent Overflow

No description provided by source. $Id: remoteagent.rb 9669 2010-07-03 03:13:45Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

Mambo MOStlyCE Module 2.4 Image Manager Utility Arbitrary File Upload Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/27472/info The MOStlyCE module for Mambo is prone to an arbitrary-file-upload vulnerability because the application fails to sufficiently sanitize user-supplied input. Exploiting this issue could allow an attacker to uplo...

Solaris <= 7.0 Coredump Vulnerbility

No description provided by source. source: http://www.securityfocus.com/bid/296/info There is a vulnerability in the way Solaris 2.4 pre Jumbo Kernel Patch -35 for SPARC dumps core files. Under normal operation the operating system writes out a core image of a process when it is terminated due to...

MNOGoSearch 3.1.20 Search.CGI UL Buffer Overflow Vulnerability (2)

No description provided by source. source: http://www.securityfocus.com/bid/7865/info mnoGoSearch 'search.cgi' has been reported prone to a buffer overflow vulnerability. The issue is a result of a lack of sufficient bounds checking performed on user-supplied URI parameters that are passed to the...

MS13-005 HWND_BROADCAST Low to Medium Integrity Privilege Escalation (CVE-2013-0008)

No description provided by source. / ms13-005-funz-poc.cpp - Drive a Medium IL cmd.exe via a Low IL process and message broadcasted Copyright C 2013 Axel "0vercl0k" Souchet - http://www.twitter.com/0vercl0k This program is free software: you can redistribute it and/or modify it under the terms of...

MiniHTTPServer WebForums Server 1.x/2.0 - Remote Directory Traversal Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7955/info It has been reported that WebForums Server does not properly handle some types of requests. Because of this, attackers may be able to gain access to files on the host server with the privileges of the web server...

kill all running process x86/linux

No description provided by source. / 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ /'\ \ /\ \ \ \ /'\ 0 0 \ \ /\ /\ \ \ \ /\ \ \ /\ /\ \ \ \ \ \ \ / 1 1 \ \ \ \\ \ \ /\ \...

Kerio Mailserver 5.6.3 add_acl Module Overflow

No description provided by source. source: http://www.securityfocus.com/bid/7967/info Multiple buffer overrun vulnerabilities have been discovered in Kerio MailServer, which affect the webmail component. The problem occurs when handling usernames of excessive length and likely occurs due to...

SunView (SunOS <= 4.1.1) selection_svc Vulnerability

No description provided by source. Source: http://www.securityfocus.com/bid/8/info On Sun3 and Sun4 systems, a remote system can read any file that is readable to the user running SunView. On the 386i, a remote system can read any file on the workstation running SunView regardless of protections...

Freeway 1.4.1.171 templates/Freeway/boxes/whos_online.php language Parameter Traversal Local File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/30731/info Freeway is prone to multiple local file-include vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these vulnerabilities using directory-traversal strings to view...

Confixx 2 Perl Debugger Remote Command Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/9831/info The Confixx PERL debugging utility functionality has been reported to be prone to a remote command execution vulnerability. The issue is reported to occur when a command sequence is appended to a HTTP request fo...

Linux Kernel 2.6.29 - ptrace_attach() Local Root Race Condition Exploit

No description provided by source. / GNU/Linux kernel 2.6.29 ptraceattach local root race condition exploit. ========================================================================== This is a local root exploit for the 2.6.29 ptraceattach race condition that allows a process to gain elevated...

Linux/ARM - setuid(0) & kill(-1, SIGKILL) - 28 bytes

No description provided by source. / Title: Linux/ARM - setuid0 & kill-1, SIGKILL - 28 bytes Kill all processes Date: 2010-06-29 Tested: ARM926EJ-S rev 5 v5l Author: Jonathan Salwan Web: http://shell-storm.org | http://twitter.com/jonathansalwan ! Dtabase of shellcodes...

qemu -- denial of service vulnerability in VNC

Prasad J Pandit, Red Hat Product Security Team, reports: Qemu emulator built with the VNC display driver is vulnerable to an infinite loop issue. It could occur while processing a CLIENTCUTTEXT message with specially crafted payload message. A privileged guest user could use this flaw to crash th...