3242 matches found
CVE-2014-8116
The ELF parser readelf.c in file before 5.21 allows remote attackers to cause a denial of service CPU consumption or crash via a large number of 1 program or 2 section headers or 3 invalid capabilities...
UBUNTU-CVE-2014-8116
The ELF parser readelf.c in file before 5.21 allows remote attackers to cause a denial of service CPU consumption or crash via a large number of 1 program or 2 section headers or 3 invalid capabilities...
DEBIAN-CVE-2014-8485
The setupgroup function in bfd/elf.c in libbfd in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via crafted section group headers in an ELF file...
CVE-2014-8485
The setupgroup function in bfd/elf.c in libbfd in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via crafted section group headers in an ELF file...
CVE-2014-8485
The setupgroup function in bfd/elf.c in libbfd in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via crafted section group headers in an ELF file...
Code injection
The setupgroup function in bfd/elf.c in libbfd in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via crafted section group headers in an ELF file...
CVE-2014-8485
CVE-2014-8485 concerns GNU Binutils’ libbfd (setup_group in bfd/elf.c). Affected: Binutils 2.24 and earlier. Issue: missing range checks in the ELF section group headers allow a remote attacker to crash the process or potentially execute arbitrary code. Impact: denial of service and possible code...
CVE-2014-8485
The setupgroup function in bfd/elf.c in libbfd in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via crafted section group headers in an ELF file...
CVE-2014-8485
The setupgroup function in bfd/elf.c in libbfd in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via crafted section group headers in an ELF file...
CVE-2014-8485
The setupgroup function in bfd/elf.c in libbfd in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via crafted section group headers in an ELF file...
UBUNTU-CVE-2014-8485
The setupgroup function in bfd/elf.c in libbfd in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via crafted section group headers in an ELF file...
CVE-2014-9243
Multiple cross-site scripting XSS vulnerabilities in WebsiteBaker 2.8.3 allow remote attackers to inject arbitrary web script or HTML via the 1 QUERYSTRING to wb/admin/admintools/tool.php or 2 sectionid parameter to editmodulefiles.php, 3 news/addpost.php, 4 news/modifygroup.php, 5...
CVE-2014-8683 XSS in Gogs Markdown Renderer
-----BEGIN PGP SIGNED MESSAGE----- Hash: RIPEMD160 XSS in Gogs Markdown Renderer ============================= Researcher: Timo Schmid [email protected] Description =========== GogsGo Git Service is a painless self-hosted Git Service written in Go. taken from 1 It is very similiar to the github...
CVE-2014-8682 Multiple Unauthenticated SQL Injections in Gogs
-----BEGIN PGP SIGNED MESSAGE----- Hash: RIPEMD160 Unauthenticated SQL Injection in Gogs repository search ======================================================= Researcher: Timo Schmid [email protected] Description =========== GogsGo Git Service is a painless self-hosted Git Service written in Go...
clientResponse Client Management 4.1 - Cross-Site Scripting
clientResponse Client Management 4.1 - Cross-Site Scripting Exploit Title: clientResponse Client Management XSS Vulnerability Date: 14-10-2014 Exploit Author: Halil Dalabasmaz Version: v4.1 Vendor Homepage: http://codecanyon.net/item/clientresponse-responsive-php-client-management/3797780 Tested...
Gogs Repository Search SQL Injection
-----BEGIN PGP SIGNED MESSAGE----- Hash: RIPEMD160 Unauthenticated SQL Injection in Gogs repository search ======================================================= Researcher: Timo Schmid Description =========== GogsGo Git Service is a painless self-hosted Git Service written in Go. taken from 1 I...
Digi Online Examination System 2.0 - Unrestricted Arbitrary File Upload
Exploit Title: Digi Online Examination System Unrestricted File Upload Vulnerability Date: 12-10-2014 Exploit Author: Halil Dalabasmaz Version: v2.0 Software Link: http://codecanyon.net/item/digi-online-examination-system-does/8610180 Software Test Link: http://s1.digitalvidhya.com/doesv2/...
Serenity Client Management Portal 1.0.1 - Multiple Vulnerabilities
No description provided by source. Exploit Title: Serenity Client Management Portal Multiple Vulnerabilities Date: 08-10-2014 Exploit Author: Halil Dalabasmaz Version: v1.0.1 Software Link: http://codecanyon.net/item/serenity-client-management-portal/9136098 Software Test Link:...
Serenity Client Management Portal 1.0.1 Cross Site Scripting
Exploit Title: Serenity Client Management Portal Multiple Vulnerabilities Date: 08-10-2014 Exploit Author: Halil Dalabasmaz Version: v1.0.1 Software Link: http://codecanyon.net/item/serenity-client-management-portal/9136098 Software Test Link: http://www.zenperfectdesign.com/demo/serenity-cc/...
KLA10610 Security bypass vulnerability in Microsoft IIS
Improper wildcard processing was found in Microsoft IIS. By exploiting this vulnerability malicious users can bypass intended rules. This vulnerability can be exploited remotely via a specially designed HTTP request. Original advisories CVE-2014-4078 Related products...