2526 matches found
Rancher Server - Docker Daemon Code Execution Exploit
Utilizing Rancher Server, an attacker can create a docker container with the '/' path mounted with read/write permissions on the host server that is running the docker container. As the docker container executes command as uid 0 it is honored by the host operating system allowing the attacker to...
Rancher Server - Docker Daemon Code Execution (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Rancher Server - Docker Exploit', 'Description' = %q Utilizing Rancher Server, an attacker can create a docker container with the '/' path mounte...
Rancher Server Docker Exploit
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Rancher Server - Docker Exploit', 'Description' = %q Utilizing Rancher Server, an attacker can create a docker container with the '/' path mounte...
CVE-2017-9720
In all Qualcomm products with Android releases from CAF using the Linux kernel, due to an off-by-one error in a camera driver, an out-of-bounds read/write can occur...
CVE-2017-9720
CVE-2017-9720 affects Qualcomm camera driver in Android CAF Linux kernel builds, where an off-by-one error can trigger an out-of-bounds read/write. The vulnerability is listed under Qualcomm components as an Elevation of Privilege (EoP) risk with the camera driver as the affected component; expli...
kernel: Use after free in SCSI generic device interface
It was found that the blkrqmapuseriov function in the Linux kernel's block device implementation did not properly restrict the type of iterator, which could allow a local attacker to read or write to arbitrary kernel memory locations or cause a denial of service use-after-free by leveraging write...
[SECURITY] Fedora 25 Update: libsndfile-1.0.28-6.fc25
libsndfile is a C library for reading and writing sound files such as AIFF, AU, WAV, and others through one standard interface. It can currently read/write 8, 16, 24 and 32-bit PCM files as well as 32 and 64-bit floating point WAV files and a number of compressed formats. It compiles and runs on...
SUSE SLES11 Security Update : freeradius-server (SUSE-SU-2017:2244-1)
This update for freeradius-server fixes the following issues: Security issues fixed : - CVE-2017-10981: DHCP - Fix memory leak in frdhcpdecode. bnc1049086 - CVE-2017-10982: Fix buffer over-read in frdhcpdecodeoptions. bsc1049086 - CVE-2017-10983: Fix read overflow when decoding option 63...
UBUNTU-CVE-2015-4082
attic before 0.15 does not confirm unencrypted backups with the user, which allows remote attackers with read and write privileges for the encrypted repository to obtain potentially sensitive information by changing the manifest type byte of the repository to "unencrypted / without key file"...
ClipBucket 2.8.3 - Multiple Vulnerabilities
Exploit for php platform in category web applications @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ .:. Exploit Title ClipBucket 2.8.3 - Multiple Vulnerabilities .:. Google Dorks .:. "Forged by ClipBucket" inurl:viewcollection.php?cid= .:. Date: August 15,...
ClipBucket 2.8.3 SQL Injection / Arbitrary File Read / Write
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ .:. Exploit Title ClipBucket 2.8.3 - Multiple Vulnerabilities .:. Google Dorks .:. "Forged by ClipBucket" inurl:viewcollection.php?cid= .:. Date: August 15, 2017 .:. Exploit Author: bRpsd .:. Skype contact: vegno...
ClipBucket 2.8.3 - Multiple Vulnerabilities
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ .:. Exploit Title ClipBucket 2.8.3 - Multiple Vulnerabilities .:. Google Dorks .:. "Forged by ClipBucket" inurl:viewcollection.php?cid= .:. Date: August 15, 2017 .:. Exploit Author: bRpsd .:. Skype contact: vegno...
Oracle Linux 7 : freeradius (ELSA-2017-2389)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2017-2389 advisory. - Related: Bug1469414 CVE-2017-10984 freeradius: Out-of-bounds write in data2vpwimax - Resolves: Bug1469409 CVE-2017-10978 freeradius: Out-of-bounds...
CVE-2017-10238
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization subcomponent: Core. The supported version that is affected is Prior to 5.1.24. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to...
CVE-2017-10211
Vulnerability in the Hospitality Suite8 component of Oracle Hospitality Applications subcomponent: WebConnect. The supported version that is affected is 8.10.x. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Hospitality Suite8. Successf...
CVE-2017-10106
Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products subcomponent: Portal. Supported versions that are affected are 8.54 and 8.55. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft...
CVE-2017-10082
Vulnerability in the Oracle Agile PLM component of Oracle Supply Chain Products Suite subcomponent: Security. Supported versions that are affected are 9.3.5 and 9.3.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Agile PLM...
CVE-2017-10088
Vulnerability in the Oracle Agile PLM component of Oracle Supply Chain Products Suite subcomponent: Security. Supported versions that are affected are 9.3.5 and 9.3.6. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle Agile PLM executes...
CVE-2017-10047
Vulnerability in the MICROS BellaVita component of Oracle Hospitality Applications subcomponent: Interface. The supported version that is affected is 2.7.x. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise MICROS BellaVita. Successful...
CVE-2017-10046
Vulnerability in the Primavera P6 Enterprise Project Portfolio Management component of Oracle Primavera Products Suite subcomponent: Web Access. Supported versions that are affected are 8.3, 8.4, 15.1, 15.2 and 16.1. Easily exploitable vulnerability allows low privileged attacker with network...