517 matches found

CVE
added 2012/10/16 11:0 p.m., 40 views

CVE-2012-3140

Technical details about CVE-2012-3140 are not publicly provided in the connected documents. No affected products, vulnerable components, root cause, exploit information, or remediation are disclosed here. Monitor for updates from official advisories.

5.5 CVSS, 5.2 AI score, 0.00164 EPSS
Exploits 0, References 2, Affected Software 1
Metasploit
added 2012/09/10 5:32 p.m., 69 views

Linux udev Netlink Local Privilege Escalation

Versions of udev 'Linux udev Netlink Local Privilege Escalation', 'Description' = %q Versions of udev MSFLICENSE, 'Author' = 'kcope', discovery 'Jon Oberheide', 95-udev-late.rules technique 'egypt' metasploit module , 'Platform' = 'linux' , 'Arch' = ARCHX86, ARCHX64 , 'SessionTypes' = 'shell',...

7.2 CVSS, 0.7 AI score, 0.89113 EPSS
Exploits 12
exploitpack
added 2012/08/11 12:0 a.m., 17 views

FileContral - Local File Inclusion Local File Disclosure

FileContral - Local File Inclusion Local File Disclosure source: https://www.securityfocus.com/bid/55891/info FileContral is prone to a local file-include and a local file-disclosure vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit these issues to...

7.4 AI score
Exploits 0
0day.today
added 2012/08/08 12:0 a.m., 25 views

WespaJuris <= 3.0 upload shell Vulnerability

Exploit for php platform in category web applications Then, go to http://localhost/juris/clientdir/30/d...

7.1 AI score
Exploits 0
Tenable Nessus
added 2012/08/01 12:0 a.m., 19 views

Scientific Linux Security Update : libgtop2 on SL4.x i386/x86_64

A flaw was found in the way libgtop2 handled long filenames mapped into the address space of a process. An attacker could execute arbitrary code on behalf of the user running gnome-system-monitor by executing a process and mapping a file with a specially crafted name into the processes' address...

3.7 CVSS, 5.6 AI score, 0.00273 EPSS
Exploits 0, References 2
Metasploit
added 2012/07/23 3:26 p.m., 30 views

SAP Management Console GetProcessList

This module attempts to list SAP processes through the SAP Management Console SOAP Interface This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SAP Management Console GetProcessList', 'Description...

7.3 AI score
Exploits 0
Exploit DB
added 2012/06/23 12:0 a.m., 23 views

WordPress Plugin Flip Book - 'PHP.php' Arbitrary File Upload

source: https://www.securityfocus.com/bid/54173/info Flip Book is prone to a vulnerability that lets attackers upload arbitrary files. The issue occurs because the application fails to adequately sanitize user-supplied input. An attacker can exploit this vulnerability to upload arbitrary code and...

7.4 AI score
Exploits 0
Exploit DB
added 2012/06/18 12:0 a.m., 21 views

WordPress Plugin Wp-ImageZoom - 'file' Remote File Disclosure

source: https://www.securityfocus.com/bid/54058/info Wp-ImageZoom for WordPress is prone to a remote file-disclosure vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to view local files in the context of the web server process,...

7.4 AI score
Exploits 0
Exploit DB
added 2012/06/12 12:0 a.m., 23 views

Joomla! Component mod_artuploader - 'upload.php' Arbitrary File Upload

source: https://www.securityfocus.com/bid/53969/info The Art Uploader component for Joomla! is prone to a vulnerability that lets attackers upload arbitrary files because the application fails to adequately sanitize user-supplied input. An attacker can exploit this vulnerability to upload arbitra...

7.4 AI score
Exploits 0
NVD
added 2012/05/03 10:55 p.m., 16 views

CVE-2012-0580

Unspecified vulnerability in the Oracle Agile PLM for Process component in Oracle Supply Chain Products Suite 5.2.2, 6.0.0, and 6.1.1 allows remote attackers to affect integrity via unknown vectors related to Supplier Portal...

5 CVSS, 5.8 AI score, 0.00403 EPSS
Exploits 0, References 5
CVE
added 2012/05/03 10:0 p.m., 45 views

CVE-2012-0580

Technical details about CVE-2012-0580 are not publicly provided in the connected documents. The available records only reiterate an unspecified vulnerability in Oracle Agile PLM for Process related to the Supplier Portal. Monitor for updates.

5 CVSS, 6 AI score, 0.00403 EPSS
Exploits 0, References 5, Affected Software 1
exploitpack
added 2012/03/23 12:0 a.m., 13 views

Apache Struts 2.0 - XSLTResult.java Arbitrary File Upload

Apache Struts 2.0 - XSLTResult.java Arbitrary File Upload source: https://www.securityfocus.com/bid/52702/info Apache Struts2 is prone to a remote arbitrary file-upload vulnerability because it fails to sufficiently sanitize user-supplied input. Attackers can exploit this issue to upload arbitrar...

0.2 AI score
Exploits 0
Exploit DB
added 2012/03/08 12:0 a.m., 16 views

ToendaCMS 1.6.2 - '/setup/index.php?site' Traversal Local File Inclusion

source: https://www.securityfocus.com/bid/52350/info ToendaCMS is prone to a local file-include vulnerability and a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit the local file-include vulnerability using directory-traversal...

7.4 AI score
Exploits 0
OpenVAS
added 2012/02/02 12:0 a.m., 26 views

OpenEMR Local File Include and Command Injection Vulnerabilities

OpenEMR is prone to local file-include and command-injection vulnerabilities because it fails to properly sanitize user-supplied input. A remote attacker can exploit these issues to execute arbitrary shell commands with the privileges of the user running the application, obtain potentially...

8.5 CVSS, 0.5 AI score, 0.19987 EPSS
Exploits 2, References 4
Debian
added 2011/12/30 7:26 a.m., 32 views

[SECURITY] [DSA 2376-1] ipmitool security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2376-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst December 30, 2011 http://www.debian.org/security/faq -...

3.6 CVSS, 5.6 AI score, 0.00061 EPSS
Exploits 0
Metasploit
added 2011/11/15 4:29 p.m., 50 views

Windows Gather Wireless Current Connection Info

This module gathers information about the current connection on each wireless lan interface on the target machine. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Windows Gather Wireless Curren...

7 AI score
Exploits 0
Tenable Nessus
added 2011/10/31 12:0 a.m., 24 views

Novell ZENworks Handheld Management ZfHSrvr.exe Multiple Remote Code Execution Vulnerabilities

The ZENworks Handheld Management Server process ZfHSrvr.exe contains multiple unspecified remote code execution vulnerabilities that allow an attacker to run arbitrary code on a victim within the context of the 'ZENworks Handheld Management Server' process. C Tenable Network Security, Inc...

9.3 CVSS, 6.7 AI score, 0.04301 EPSS
Exploits 0, References 3
Packet Storm
added 2011/10/24 12:0 a.m., 35 views

Cytel Studio 9.0 (CY3 File) Stack Buffer Overflow

$Id: cytelstudiocy3.rb 14041 2011-10-24 01:39:11Z sinn3r $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

0.6 AI score
Exploits 0
Prion
added 2011/10/18 10:55 p.m., 13 views

Design/Logic Flaw

Unspecified vulnerability in the Oracle Agile Product Supplier Collaboration for Process component in Oracle Supply Chain Products Suite 5.2.2, 6.0.0.2, 6.0.0.3, and 6.0.0.4 allows remote attackers to affect confidentiality via unknown vectors related to Supplier Portal...

5 CVSS, 6.1 AI score, 0.00497 EPSS
Exploits 0, References 4, Affected Software 1
CVE
added 2011/10/18 10:0 p.m., 49 views

CVE-2011-3532

CVE-2011-3532 concerns Oracle Agile Product Supplier Collaboration for Process within Oracle Supply Chain Products Suite (versions 5.2.2, 6.0.0.2, 6.0.0.3, 6.0.0.4). The initial description states an unspecified vulnerability that allows remote attackers to affect confidentiality via unknown vect...

5 CVSS, 5.8 AI score, 0.00497 EPSS
Exploits 0, References 4, Affected Software 1