31 matches found
java-11-openjdk security, bug fix, and enhancement update
1:11.0.16.0.8-1 - Update to jdk-11.0.16+8 - Update release notes to 11.0.16+8 - Use same tarball naming style as java-17-openjdk and java-latest-openjdk - Drop JDK-8257794 patch now upstreamed - Print release file during build, which should now include a correct SOURCE value from .src-rev - Updat...
Responsive Filemanager 9.8.1 Authentication Bypass Vulnerability
Exploit for php platform in category web applications I. VULNERABILITY ------------------------- Responsive Filemanager 9.8.1 Authentication Bypass II. CVE REFERENCE ------------------------- CVE-2018-18061 III. VENDOR ------------------------- https://www.responsivefilemanager.com IV. REFERENCES...
PT-2018-16266 · Samsung · Samsung Smartthings Hub
Name of the Vulnerable Software and Affected Versions: Samsung SmartThings Hub STH-ETH-250-Firmware version 0.20.17 Description: A buffer overflow issue exists in the credentials handler of the video-core's HTTP server. The strncpy function overflows a destination buffer of 128 bytes. An attacker...
CVE-2018-3912
On Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17, the video-core process insecurely extracts the fields from the "shard" table of its SQLite database, leading to a buffer overflow on the stack. The strcpy call overflows the destination buffer, which has a size of 128...
Buffer overflow
On Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17, the video-core process insecurely extracts the fields from the "shard" table of its SQLite database, leading to a buffer overflow on the stack. The strcpy call overflows the destination buffer, which has a size of 128...
Coinhive – Monero JavaScript Mining Information Disclosure (SecretKey) Vulnerability
This Exploits allows the attacker to gain the secret key of either several targets by using dork provided, or specific target by following description. NOTICE: secretkey != privatekey of any wallet. This is private exploit. You can buy it at https://0day.today...
Symantec Brightmail 10.6.0-7 - LDAP Credentials Disclosure (Metasploit)
Symantec Brightmail 10.6.0-7 - LDAP Credentials Disclosure Metasploit Exploit Title: Symantec Brightmail ldap credential Grabber Date: 18/04/2016 Exploit Author: Fakhir Karim Reda Vendor Homepage:...
EduSoho 最新版两处泄露accessKey和secretKey
简要描述: 可在官网重新绑定,发送云短信,下载安装应用。 详细说明: 出现问题的地方在安装文件/start-install.php false, ; $twig-addGlobal'edushoversion', \Topxia\System::VERSION; $step =intvalempty$GET'step' ? 0 : $GET'step'; $functionName = 'installstep' . $step; $functionName; use Topxia\Service\Common\ServiceKernel; use...
itBit Exchange: secretKey for OTP , is getting leaked in response of a delete request !
hey guys this is almost same as 44864 i could reproduce the same by deleting an 2FA device id POC Request :- DELETE /api/user/devices/9ed975d4-34ba-4057-8e21-db47ef2ccee9 HTTP/1.1 Host: beta.itbit.com User-Agent: Mozilla/5.0 Windows NT 6.3; WOW64; rv:36.0 Gecko/20100101 Firefox/36.0 Accept:...
phpBB AJAX Chat/Shoutbox MOD CSRF Vulnerability
No description provided by source. Title: phpBB AJAX Chat/Shoutbox MOD CSRF Vulnerability Release Date: 2011-04-30 Product Affected: http://startrekaccess.com/community/viewtopic.php?f=127&t=8675 Responsible Disclosure: After repeated attempts to get the vendor to fix this flaw, he has told me to...
Buffer overflow
Buffer overflow in the ActiveX control DartFtp.dll in Dart Communications PowerTCP FTP for ActiveX 2.0.2 0 allows remote attackers to execute arbitrary code via a long SecretKey property...