2641 matches found
Mail.ru: [babel.mail.ru] Admin Page Found
Access to babel.mail.ru admin page was not sufficiently filtered, allowing accounts bruteforcing. bable.mail.ru is not directly listed in the bug bounty scope, but this vulnerability could affect projects in the scope...
Mail.ru: Potential SSRF in sales.mail.ru
SSRF in the project outside of bug bounty program's scope. Despite the project is out-of-scope, bounty was rewarded due to problem severity. i reported this issue as xss one year ago, so i found a directory, where one can upload /flashtest.htm?show=upload swf files, i uploaded malicious swf file...
Mail.ru: [evo2.my.com] Reflected XSS
Browser-specific reflected XSS via POST parameters in evo2.my.com. evo2.my.com is not covered by bug bounty scope...
Mail.ru: [games.my.com] Reflected XSS
Browser-specific reflected XSS via URI parameters in games.my.com. games.my.com is not covered by bug bounty scope...
Ubuntu 14.04 LTS : Firefox vulnerabilities (USN-2743-1)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2743-1 advisory. Andrew Osmond, Olli Pettay, Andrew Sutherland, Christian Holler, David Major, Andrew McCreight, Cameron McCormack, Bob Clary and Randell Jesup discovered...
chromium-browser: Permission scoping error in WebRequest
The WebRequest API implementation in extensions/browser/api/webrequest/webrequestapi.cc in Google Chrome before 45.0.2454.85 does not properly consider a request's source before accepting the request, which allows remote attackers to bypass intended access restrictions via a crafted 1 app or 2...
Researchers Hack TrackingPoint Rifle's Precision Targeting System
TrackingPoint rifles are state-of-the-art precision hunting and sniper rifles that come equipped with a networked tracking scope that’s accessible via Wi-Fi, and comes complete with USB ports and a mobile app. It’s almost foolproof shooting, albeit at a $13,000 price tag. And the security of all ...
PHPCMS \phpcms\modules\member\index.php user login SQL injection vulnerability analysis-vulnerability warning-the black bar safety net
catalog 1. Vulnerability description 2. Vulnerability trigger conditions 3. Vulnerability scope 4. Vulnerability code analysis 5. Defense method 6. Offensive and defensive thinking 1. Vulnerability description 2. Vulnerability trigger conditions 0x1: POC http://localhost/phpcmsv9/index. php?...
PCI Scope Assessments for Higher Education Institutions
With the release of PCI DSS version 3.0 and more recently 3.1, many Higher Education Institutions have found it hard to know which SAQs they should be filling out since there are now nine options. Higher Education Institutions have very complex merchant card environments and with the new...
Seagate Central 2014.0410.0026-F - Remote Facebook Access Token
!/usr/bin/python seagatecentralfacebook.py Seagate Central Remote Facebook Access Token Exploit Jeremy Brown jbrown3264/gmail May 2015 -Synopsis- Seagate Central stores linked Facebook account access tokens in /etc/archiveaccounts.ser and this exploit takes advantage of two bugs: 1 Passwordless...
SUSE SLES10 Security Update : glibc (SUSE-SU-2014:1119-1)
This glibc update fixes a critical privilege escalation problem and the following security and non security issues : - bnc892073: An off-by-one error leading to a heap-based buffer overflow was found in gconvtranslitfind. An exploit that targets the problem is publicly available. CVE-2014-5119 -...
BOA Web Server 0.94.8.2 - Arbitrary File Access Vulnerability
Exploit for linux platform in category web applications Title: Vulnerability in BOA web server v0.94.8.2 Date: 03/10/2000 Status: Vendor contacted, patch available Scope: Arbitrary file access Author: llmora Release: Public S 2 1 S E C http://www.s21sec.com Vulnerability in BOA web server v0.94.8...
Mozilla Firefox Buffer Overflow Vulnerability (CNVD-2015-01286)
Mozilla Firefox is a web browser developed by the Mozilla Foundation in conjunction with the open source community. Mozilla Firefox suffers from a buffer overflow vulnerability because it fails to scope check properly before copying user-supplied data into a sufficiently sized buffer, allowing an...
Design/Logic Flaw
The GoogleAuthUtil.getToken method in the Google Play services SDK before 2015 sets parameters in OAuth token requests upon finding a corresponding opt parameter in the Bundle extras argument, which allows attackers to bypass an intended consent dialog and retrieve tokens for arbitrary OAuth scop...
Fedora 20 : vorbis-tools-1.4.0-13.fc20 (2015-1191)
do not use stack variable out of its scope of validity CVE-2014-9640 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing...
The Ghost vulnerability the GHOST affects a large number of Linux operating system and its release version update repair programme-vulnerability warning-the black bar safety net
Security researchers have recently exposed a named Ghost(GHOST)a serious security vulnerability, this vulnerability may allow an attacker remote accessoperating systemis the highest control authority, the impact of the market on a large number of Linux operating system and its release version. Th...
chromium-browser: use-after-free in DOM
Use-after-free vulnerability in core/events/TreeScopeEventContext.cpp in the DOM implementation in Blink, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that triggers improper...
Google Chrome DOM Memory Misreference Code Execution Vulnerability
Google Chrome is a popular WEB browser. A memory misreference vulnerability in Google Chrome DOM real core/events/TreeScopeEventContext.cpp allows attackers to construct a malicious WEB page and trick users into parsing it, which could crash the application or execute arbitrary code...
Like a Nesting Doll, Vawtrak Malware Has Many Layers
Researchers have peeled back more layers on Vawtrak, a relatively new banking Trojan so complex that those who have taken it apart have likened it to a Matryoshka, or Russian nesting doll. Virus Bulletin published a deep dive on the malware penned by Raul Alvarez, a researcher with Fortinet,...
DEBIAN-CVE-2015-0559
Multiple use-after-free vulnerabilities in epan/dissectors/packet-wccp.c in the WCCP dissector in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 allow remote attackers to cause a denial of service application crash via a crafted packet, related to the use of packet-scope memory instead ...