CVE-2016-8586

detectedpotentialfiles.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier allows remote authenticated users to execute arbitrary code as the root user via shell metacharacters in the cacheid parameter...

Mercurial Custom hg-ssh Wrapper Remote Code Exec

This module takes advantage of custom hg-ssh wrapper implementations that don't adequately validate parameters passed to the hg binary, allowing users to trigger a Python Debugger session, which allows arbitrary Python code execution. This module requires Metasploit: https://metasploit.com/downlo...

Android Webview remote code execution getClassLoader-vulnerability warning-the black bar safety net

It is well known in the Android 4.4 system on Google has been the default system Webkit kernel is replaced with the own open-source project chromium,and in Issue 2 1 3 6 9 3 0 0 5（https://codereview.chromium.org/213693005）shielding the webview object. getClass, android in 4. 4. 4 version complete...

Foxit Reader ConvertToPDF TIFF Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the ConvertToPDF...

CVE-2016-0124

Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0116, CVE-2016-0123, CVE-2016-0129, and CVE-2016-0130...

CVE-2015-2442

The CVE-2015-2442 entry concerns Microsoft Internet Explorer (IE) versions 8–11 and Edge, described as a memory corruption vulnerability that allows remote code execution or denial of service when a user visits a crafted site. The description explicitly labels it as a Memory Corruption Vulnerabil...

Microsoft Internet Explorer HTTP Response Double Free Memory Corruption (MS08-045) - Ver2 (CVE-2008-2256)

Microsoft Internet Explorer is the most widely used Internet browser. . A remote code execution vulnerability was reported in the way Microsoft Internet Explorer accesses an object that has not been correctly initialized or that has been deleted. By convincing a user to visit a specially crafted...

Remote file upload vulnerability in wordpress plugin videowhisper-video-presentation v3.31.17

Title: Remote file upload vulnerability in wordpress plugin videowhisper-video-presentation v3.31.17 Author: Larry W. Cashdollar, @larry0 Date: 2015-03-29 Download Site: https://wordpress.org/plugins/videowhisper-video-presentation/ Vendor: http://www.videowhisper.com/ Vendor Notified: 2015-03-29...

CVE-2015-2754

CVE-2015-2754 affects the FreeXL library. A vulnerability in FreeXL before 1.0.0i allows remote attackers to cause a denial of service (stack corruption) and potentially execute arbitrary code via a crafted Excel workbook, related to a “premature EOF.” The issue affects FreeXL versions earlier th...

CVE-2015-0644

CVE-2015-0644 affects Cisco IOS XE AppNav. The vulnerability arises from improper handling of TCP packets, allowing an unauthenticated, remote attacker to cause either arbitrary code execution or a device reload (DoS) via a crafted TCP packet. Affected are IOS XE 3.8–3.10 before 3.10.3S, 3.11 bef...

PHP Speedy <= 0.5.2 - (admin_container.php) Remote Code Exec Exploit

The phpspeedywp WordPress plugin was affected by a admincontainer.php Remote Code Exec Exploit security vulnerability...

Firefox Plugin Parameter EnsureCachedAttrParamArrays - Remote Code Execution

No description provided by source. ''' | / |/ \ /\ | | | | \ | \ / | | | | / \ | | | | | | | |/| | | | |/ /\ | | | | | | | | || / \ || | | | || ||// \/|/ http://www.exploit-db.com/moaub-17-firefox-plugin-parameter-ensurecachedattrparamarrays-remote-code-execution/...

PHP Speedy <= 0.5.2 Wordpress Plugin (admin_container.php) Remote Code Exec Exploit

No description provided by source. ?php / php speedy = 0.5.2 wordpress plugin admincontainer.php Remote Code Exec Exploit vendor: http://aciddrop.com/ ------------------------------- May the stars be aligned! php.ini requirements: registerglobals=On allowurlinclude=On magicquotesgpc=Off...

WordPress E-Commerce 3.8.9.5 File Upload / XSS / CSRF / Code Execution

----------------------------------------- 0-DAY Aint DIE | No Priv8 | KedAns-Dz ----------------------------------------- ---------------------------- K |................| . h |.......................| A a |.......................| N l |.....................| S E |.......................| e D...

NeoBill 0.9-alpha eCommerce Command Execution / SQL Injection / LFI

Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : 1337day.com 0 1 + Support e-mail : submitat1337day.com 1 0 0 1 1 0 I'm KedAns-Dz member from Inj3ct0r Team 1 1 0 0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1 Title : NeoBill...

NeoBill v0.9-alpha eCommerce <= (RCE/SQLi/LFI) Vulnerabilities

NeoBill v0.9-alpha is suffer from multiple vulnerabilities Usage Info Bllind Exploitation via cURL exploits or HTTP Headers Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : 1337day.com 0 1 + Support e-mail : submitat1337day.com 1 0 0 1 1 0 I'm KedAns-Dz...

IrfanView - .TIF Image Decompression Buffer Overflow

IrfanView - .TIF Image Decompression Buffer Overflow Application: IrfanView TIF Image Decompression Buffer Overflow Vulnerability Plateform: Windows Version: The vulnerabilities are confirmed in version 4.33. Other versions may also be affected. Exploitation: Remote code execution Secunia Number:...

ZDI-12-161 : EMC AutoStart ftAgent Opcode 0x2d Subcode 0x1194 Parsing Remote Code Execution Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-161 : EMC AutoStart ftAgent Opcode 0x2d Subcode 0x1194 Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-161 August 22, 2012 - -- CVE ID: CVE-2012-0409 - -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C - --...

RHEL 4 / 5 / 6 : php (RHSA-2012:0093)

The remote Redhat Enterprise Linux 4 / 5 / 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2012:0093 advisory. - php: remote code exec flaw introduced in the CVE-2011-4885 hashdos fix CVE-2012-0830 Note that Nessus has not tested for this issue but has...

EMC Autostart ftAgent Opcode 0x11 Parsing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of EMC AutoStart. Authentication is not required to exploit this vulnerability. The specific flaw exists in the Agent Service ftAgent.exe. The Agent Service listens on TCP port 8045 for communications...