Lucene search

3242 matches found

OpenVAS
added 2015/11/26 12:0 a.m. | 17 views

Google Picasa 'CAMF' Section Buffer Overflow Vulnerability - Windows

Google Picasa is prone to a buffer overflow vulnerability. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:picasa";...

CVSS 10 | AI score 7.1 | EPSS 0.03992
Exploits 0 | References 2
Openbugbounty
added 2015/11/25 8:17 p.m. | 11 views

husvagnsguiden.se XSS vulnerability

Vulnerable URL: http://www.husvagnsguiden.se/kopsalj/?search="';--=0=0 Details: Description| Value ---|--- Patched:| No Latest check for patch:| 25.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated Google Pagerank| 0 VIP website status...

AI score 6.3
Exploits 0
Tenable Nessus
added 2015/11/23 12:0 a.m. | 47 views

FreeBSD : libxml2 -- multiple vulnerabilities (e5423caf-8fb8-11e5-918c-bcaec565249c)

reports : CVE-2015-5312 Another entity expansion issue David Drysdale. CVE-2015-7497 Avoid an heap buffer overflow in xmlDictComputeFastQKey David Drysdale. CVE-2015-7498 Avoid processing entities after encoding conversion failures Daniel Veillard. CVE-2015-7499 1 Add xmlHaltParser to stop the...

CVSS 7.1 | AI score 7.4 | EPSS 0.0721
Exploits 2 | References 13
FreeBSD
added 2015/11/20 12:0 a.m. | 39 views

libxml2 -- multiple vulnerabilities

reports: CVE-2015-5312 Another entity expansion issue David Drysdale. CVE-2015-7497 Avoid an heap buffer overflow in xmlDictComputeFastQKey David Drysdale. CVE-2015-7498 Avoid processing entities after encoding conversion failures Daniel Veillard. CVE-2015-7499 1 Add xmlHaltParser to stop the...

CVSS 7.1 | AI score 8.4 | EPSS 0.0721
Exploits 2 | References 2
Openbugbounty
added 2015/11/18 5:8 p.m. | 10 views

songlyrics.com XSS vulnerability

Vulnerable URL: http://www.songlyrics.com/index.php?section=search="onmouseover=confirm/XSSPOSED/+test==Search Details: Description| Value ---|--- Patched:| No Latest check for patch:| 25.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 13953 Google Pagerank|...

AI score 6.3
Exploits 0
Openbugbounty
added 2015/11/10 11:33 a.m. | 7 views

gmanetwork.com XSS vulnerability

Vulnerable URL: http://www.gmanetwork.com/ads?adid=1097200'...

AI score 6.9
Exploits 0
RedhatCVE
added 2015/10/30 9:41 a.m. | 22 views

CVE-2006-6297

Stack consumption vulnerability in the KFILE JPEG kfilejpeg plugin in kdegraphics 3, as used by konqueror, digikam, and other KDE image browsers, allows remote attackers to cause a denial of service stack consumption via a crafted EXIF section in a JPEG file, which results in an infinite recursio...

CVSS 5 | AI score 7.2 | EPSS 0.02079
Exploits 0 | References 2
securityvulns
added 2015/10/25 12:0 a.m. | 78 views

SAP Netwaver - XML External Entity Injection

Title: SAP Netwaver - XML External Entity Injection Author: Lukasz Miedzinski GPG: Public key provided in attachment Date: 29/10/2014 CVE: CVE-2015-7241 Affected software : =================== SAP Netwear : 7.01 Vendor advisories only for customers: =================== External ID : 851975 2014...

CVSS 7.5 | AI score 0.9 | EPSS 0.12426
Exploits 4
Hacker One
added 2015/10/24 1:28 p.m. | 15 views

Deriv.com: Cross Site Scripting

paulos reported xss in new account section of binary.com which was resolved by us...

AI score 6.9
Exploits 0
RedHat Linux
added 2015/10/22 4:41 p.m. | 40 views

Important: Red Hat Security Advisory: kvm security update

Updated kvm packages that fix one security issue are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available from t...

CVSS 7.2 | AI score 7.3 | EPSS 0.01046
Exploits 0 | References 2
ThreatPost
added 2015/10/15 1:29 p.m. | 16 views

WordPress Fixes Stored XSS Vulnerability in Akismet

Developers at Automattic, the parent company behind the blogging platform WordPress, fixed a nasty stored cross-site scripting error this week in Akismet, an anti-spam plugin that figures into millions of websites. The bug was fixed Tuesday in an update, 3.1.5, according to Christopher Finke, an...

AI score 5.5
Exploits 0 | References 6
n0where
added 2015/10/13 6:36 p.m. | 16 views

PE Static Malware Analysis: PortEx

PortEx is a Java library for static malware analysis of portable executable files. Its focus is on PE malformation robustness and anomaly detection. PortEx is written in Java and Scala, and targeted at Java applications. Features Reading Header information from: MSDOS Header, COFF File Header,...

AI score 6.9
Exploits 0 | References 3
Prion
added 2015/10/06 5:59 p.m. | 16 views

Design/Logic Flaw

Cisco VPN Client 5.x through 5.0.07.0440 uses weak permissions for vpnclient.ini, which allows local users to gain privileges by entering an arbitrary program name in the Command field of the ApplicationLauncher section...

CVSS 7.2 | AI score 7.3 | EPSS 0.00537
Exploits 1 | References 2 | Affected Software 1
Openbugbounty
added 2015/09/15 9:32 p.m. | 11 views

ciudadbolivar.gov.co XSS vulnerability

Vulnerable URL:...

AI score 6.3
Exploits 0
0day.today
added 2015/09/07 12:0 a.m. | 16 views

AutoCAD DWG and DXF To PDF Converter 2.2 - Buffer Overflow Exploit

Exploit for windows platform in category local exploits Exploit Title: AutoCAD DWG and DXF To PDF Converter v2.2 Buffer Overflow Date: 9-5-2015 Software Link: http://www.verypdf.com/autocad-dwg-dxf-to-pdf/dwgdxftopdfsetup.exe Exploit Author: Robbie Corley Contact: email protected Website: CVE:...

AI score 6.8
Exploits 0
seebug.org
added 2015/09/02 12:0 a.m. | 27 views

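Yiqicms Stored XSS

The message board in the latest yiqicms version, 1.9, has the same problem as version 1.8. In the comment section, the title is only restricted to a length of 30 characters, with nothing else applied. if(!preg_match("/^.{1,30}$/",$msgtitle)) { ShowMsg("请输入正确的标题"); exit; } if(!preg_match("/^.{1,10}$/",$msgname)) { ShowMsg("请输入您的姓名"); exit; } if(!preg_match("/^.{1,20}$/",$msgcontact)) { ShowMsg("请输入正确的联系方式"); exit; } if(!preg_match("/^.{1,200}$/",$msgcontent...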

AI score 7.1
Exploits 0
BDU FSTEC
added 2015/08/25 12:0 a.m. | 4 views

The vulnerability of the MySQL database management system allows a hacker to compromise the accessibility of data.

The vulnerability of the Server sub-component in the Security section of the MySQL database management system is related to code errors. Exploiting this vulnerability can allow a malicious actor to compromise the accessibility of data...

CVSS 3.5 | AI score 7.1 | EPSS 0.02623
Exploits 0 | References 2 | Affected Software 1
securityvulns
added 2015/08/24 12:0 a.m. | 53 views

phpipam-1.1.010 XSS Vulnerability

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/AS-PHPIPAM0812.txt Vendor: ================================ phpipam.net Product: ====================================== phpipam-1.1.010 Vulnerability Type:...

AI score 6
Exploits 0
Packet Storm
added 2015/08/12 12:0 a.m. | 36 views

phpipam 1.1.010 Cross Site Scripting

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/AS-PHPIPAM0812.txt Vendor: ================================ phpipam.net Product: ====================================== phpipam-1.1.010 Vulnerability Type:...

CVSS 4.3 | AI score 6.7 | EPSS 0.02432
Exploits 2
Openbugbounty
added 2015/08/07 9:10 a.m. | 15 views

vz.lt XSS vulnerability

Vulnerable URL: http://vz.lt/section/section/?template=x%00"...

AI score 6.9
Exploits 0