106 matches found
CVE-2016-10712
In PHP before 5.5.32, 5.6.x before 5.6.18, and 7.x before 7.0.3, all of the return values of stream_get_meta_data can be controlled if the input can be controlled (e.g., during file uploads). For example, a "$uri = stream_get_meta_data(fopen($file, "r"))['uri']" call mishandles the case where $file is...
CVE-2018-4878
creationtimestamp | type | source
---|---|---
2018-02-02 07:54:56+00:00 | exploited | https://t.me/SecLabNews/1435
2018-02-03 11:51:46+00:00 | exploited | https://t.me/informationsecuritychannel/12804
2018-02-03 13:10:56+00:00 | exploited | https://t.me/informationsecuritychannel/12807
2018-02-03...
Microsoft security solutions against ransomware and APT
Last Tuesday I was invited to Microsoft business breakfast "Effective protection against targeted and multilevel attacks". Here I would like to share some of my thoughts on this. Need to mention that the food was delicious and the restaurant of Russian Geographical Society is a very lovely place...
FreeRDP Rdp Client GCC Read Server Security Data Denial of Service Vulnerability(CVE-2017-2837)
Summary An exploitable denial of service vulnerability exists within the handling of security data in FreeRDP 2.0.0-beta1+android11. A specially crafted challenge packet can cause the program termination leading to a denial of service condition. An attacker can compromise the server or use man in...
UBUNTU-CVE-2017-2837
An exploitable denial of service vulnerability exists within the handling of security data in FreeRDP 2.0.0-beta1+android11. A specially crafted challenge packet can cause the program termination leading to a denial of service condition. An attacker can compromise the server or use man in the...
Vulnerability Spotlight: FreeRDP Multiple Vulnerabilities
Vulnerabilities discovered by Tyler Bohan of Talos. Overview: Talos has discovered multiple vulnerabilities in the FreeRDP product. FreeRDP is a free implementation of the Remote Desktop Protocol (RDP) originally developed by Microsoft. RDP allows users to connect remotely to systems so they can be...
FreeRDP Rdp Client GCC Read Server Security Data Denial of Service Vulnerability
Summary An exploitable denial of service vulnerability exists within the handling of security data in FreeRDP 2.0.0-beta1+android11. A specially crafted challenge packet can cause the program termination leading to a denial of service condition. An attacker can compromise the server or use man in...
USN-3299-1 firefox update
Some security information preloaded in Firefox was due to expire before the next scheduled release. This update bumps the expiration times...
x86_64 Linux shell_reverse_tcp with Password - Polymorphic Version
x86_64 Linux shell_reverse_tcp with Password - Polymorphic Version. Shellcode exploit for lin_x86-64 platform. Title: tcp reverse shell with password polymorphic version 122 bytes...
Linux kernel privilege escalation vulnerability analysis and exploitation (CVE-2016-0728) - vulnerability warning - the black bar safety net
Security research team Perception Point found a high-risk local privilege escalation 0day vulnerability in the Linux kernel, numbered CVE-2016-0728. Currently more than 66% of Android phones and 1000 million Linux PCs and servers are affected ...
ASPNuke 0.80 Comments.ASP SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/13315/info ASPNuke is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could resu...
CVE-2006-2492
creationtimestamp | type | source
---|---|---
2013-09-09 12:51:06+00:00 | seen | MISP/522dbc07-2e20-4aaf-8936-39d4ac1d4fa4
2023-06-14 21:10:02+00:00 | seen | MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123
2024-12-24 20:31:59+00:00 | seen | https://feedsin.space/feed/CISAKevBot/items/2971623
2025-02-23...
'The Chinese Are Not Going to Stop'
The news that the attack on Google in 2009 also compromised a database holding warrants for lawful intercept surveillance on users has raised fears about the security of national security data on private networks. Cyberespionage operations pose a serious threat to national security, and these...
NSA to Run $1.5B Security Data Center
The National Security Agency is going to run a planned $1.5 billion data center in Utah that will serve as a support center for the government’s information security programs. The exact mission and function of the data center is a bit unclear, however. The NSA’s core mission is to collect and...
Experts call for better measurement of security
If there’s one key message coming through all of the noise at the RSA Conference this week it’s the fact that there’s a pressing need for more data. Data on attacks, data on vulnerabilities, data on data breaches, data on software security, data on everything having to do with security. The...
CVE-2003-0625
...
CVE-2021-32884
...
CVE-2013-5251
...
CVE-2022-33893
CVE-2022-33893 entry is rejected and not used; it does not represent an active vulnerability.
CVE-2018-4634
...