11967 matches found
[SECURITY] Fedora 26 Update: kernel-4.13.12-200.fc26
The kernel meta package...
CVE-2012-2456
CVE-2012-2456 is rejected/not used and does not represent an active vulnerability entry.
[SECURITY] Fedora 27 Update: kernel-4.13.11-300.fc27
The kernel meta package...
Bitwarden: Vulnerable exported broadcast receiver
Good evening, This is actually in your code base this time. : Since the following broadcast receiver has export=true it can be exploited by 3rd parties. Vulnerability com.x8bit.bitwarden.PackageReplacedReceiver has exported set to true making the receiver vulnerable to tampering. F238236 POC I wa...
News and Updates from the PCI Europe Community Meeting
In September, Hurricane Irma forced the PCI SSC to cancel the North America Community Meeting; and the uncertainty of Catalonian independence from Spain may have led some to stay home from the Europe Community Meeting held in Barcelona last week. Nevertheless, the Coalfire team was well-represent...
BOHEMIA INTERACTIVE a.s.: 217.147.95.145 NFS Exposed with Zeus Server configs
NOTE! Thanks for submitting a report! Please replace all the square sections below with the pertinent details. Remember, the more detail you provide, the easier it is for us to verify and then potentially issue a bounty, so be sure to take your time filling out the report! Description:...
phuketraceweek.com XSS vulnerability
Open Bug Bounty ID: OBB-388217 Description| Value ---|--- Affected Website:| phuketraceweek.com Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Chea...
openSUSE Security Update : freeradius-server (openSUSE-2017-1192)
This update for freeradius-server fixes the following issues : Fix a number of security issues found via fuzzing by Guido Vranken See http://freeradius.org/security/fuzzer-2017.html for details. boo1049086 - CVE-2017-10987 / FR-GV-304: DHCP - Buffer over-read in frdhcpdecodesuboptions -...
WordPress Plugin Polls 1.2.4 - SQL Injection (PoC)
Exploit Title :WordPress Polls plugin1.2.4 SQL Injection vulnerability Vulnerable version:Download Link : https://downloads.wordpress.org/plugin/polls-widget.1.2.4.zip //////////////////////// /// Overview: //////////////////////// WordPress Polls plugin is a tool for creating polls and survey...
Microsoft Game Definition File Editor 6.3.9600 - XML External Entity Injection
Microsoft Game Definition File Editor 6.3.9600 - XML External Entity Injection + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/MS-WINDOWS-GAME-DEFINITION-FILE-MAKER-v6.3.9600-XML-EXTERNAL-ENTITY.txt + ISR: ApparitionSec...
CVE-2017-15601
In GNU Libextractor 1.4, there is a heap-based buffer overflow in the EXTRACTORpngextractmethod function in plugins/pngextractor.c, related to processiTXt and stndup...
biblioteca.spda.org.pe XSS vulnerability
Vulnerable URL: http://biblioteca.spda.org.pe/biblioteca/catalogo//buscar.php?search="'--!...
ONVIF Device Services
Nessus was able to map the enabled ONVIF services on the remote device by sending a GetCapabilities SOAP request. include"compat.inc"; if description scriptid103866; scriptversion"$Revision: 1.2 $"; scriptcvsdate"$Date: 2017/10/31 18:41:24 $"; scriptnameenglish:"ONVIF Device Services";...
open62541/fuzz_binary_message: Crash in UA_SecureChannel_processChunk
Project: https://github.com/open62541/open62541.git Detailed report: https://oss-fuzz.com/testcase?key=6734765949452288 Project: open62541 Fuzzer: libFuzzeropen62541fuzzbinarymessage Fuzz target binary: fuzzbinarymessage Job Type: libfuzzerubsanopen62541 Platform Id: linux Crash Type: UNKNOWN REA...
Linux/x86 - execve(/bin/sh) Polymorphic Shellcode (30 bytes)
Linux/x86 - execve/bin/sh Polymorphic Shellcode 30 bytes. Shellcode exploit for Linx86 platform / Title: Linux/x86 - Polymorphic execve /bin/sh x86 shellcode - 30 bytes Author: Manuel Mancera @sinkmanu Tested on: Linux 3.16.0-4-586 1 Debian 3.16.43-2+deb8u2 2017-06-26 i686 GNU/Linux...
CVE-2017-15194
include/globalsession.php in Cacti 1.1.25 has XSS related to 1 the URI or 2 the refresh page...
Apache OpenMeetings Web Services Detection
This host is running Apache OpenMeetings, a software used for presenting, online training, web conferencing, collaborative whiteboard drawing and document editing, and user desktop sharing. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced...
Paragon Initiative Enterprises: CSRF token does not valided during blog comment
SUMMURY ================= i tested that all post request has CSRF token. During Author profile creation also a CSRF token is posted. Now when i removed this CSRF token , show s error like bellow CSRF validation failed 0 /var/www/csprng/src/Cabin/Bridge/Controller/Author.php52:...
isosolved.com XSS vulnerability
Vulnerable URL: http://www.isosolved.com/default.asp?msg="'--!alert/Y4R4G/...
Dnsmasq < 2.78 - Information Leak
''' Sources: https://raw.githubusercontent.com/google/security-research-pocs/master/vulnerabilities/dnsmasq/CVE-2017-14494.py https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html Sadly, there are no easy docker setup instructions available. Setup a simple network with...