11967 matches found
CVE-2013-6540
...
CVE-2015-7129
...
CVE-2016-3328
...
CVE-2006-1170
...
Siemens devices using the PROFINET Discovery and Configuration Protocol (Update J)
CVSS v3 6.5 ATTENTION: Exploitable from an adjacent network/low skill level to exploit. Vendor: Siemens Equipment: Devices using the PROFINET Discovery and Configuration Protocol DCP Vulnerability: Improper Input Validation UPDATE INFORMATION This updated advisory is a follow-up to the updated...
Microsoft Windows SMB Server CVE-2017-0269 Remote Denial of Service Vulnerability
Description Microsoft Windows is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause a denial-of-service condition. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microso...
sid.southampton.gov.uk XSS vulnerability
Vulnerable URL: http://sid.southampton.gov.uk/kb5/southampton/directory/results.action?qt==day+services=distance=0=1=180=10=ADD="...
Design/Logic Flaw
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-9865. Reason: This candidate is a reservation duplicate of CVE-2016-9865. Notes: All CVE users should reference CVE-2016-9865 instead of this candidate. All references and descriptions in this candidate have been removed to...
Web Exploit Detector - Tool To Detect Possible Infections, Malicious Code And Suspicious Files In Web Hosting Environments
The Web Exploit Detector is a Node.js application and NPM module used to detect possible infections, malicious code and suspicious files in web hosting environments. This application is intended to be run on web servers hosting one or more websites. Running the application will generate a list of...
Serviio PRO 1.8 DLNA Media Streaming Server (mediabrowser) XSS
Serviio PRO 1.8 DLNA Media Streaming Server mediabrowser DOM Based XSS Vendor: Petr Nejedly | Six Lines Ltd Product web page: http://www.serviio.org Affected version: 1.8.0.0 PRO, 1.7.1, 1.7.0, 1.6.1 Summary: Serviio is a free media server. It allows you to stream your media files music, video or...
Ghostscript remote code execution (CVE-2017-8291) (ghostbutt)
No description provided by source. %!PS-Adobe-3.0 EPSF-3.0 %%BoundingBox: -0 -0 100 100 /sizefrom 10000 def /sizestep 500 def /sizeto 65000 def /enlarge 1000 def %/bigarr 65000 array def 0 sizefrom sizestep sizeto pop 1 add for /buffercount exch def /buffersizes buffercount array def 0 sizefrom...
Input Validation Bypass
Apache Hadoop HDFS is vulnerable to input validation bypass. The attack is possible because it does not correctly handle the validation of the input to NameNode when it is sent as a query parameter during the interaction of the HDFS client with the DataNode in the HDFS namespace browsing. A user...
Chrome Universal XSS using exceptions thrown from Object.observe (CVE-2015-1304)
VULNERABILITY DETAILS From /v8/src/object-observe.js: function ObjectObserve(object, callback, acceptList) ... var objectObserveFn = %GetObjectContextObjectObserve(object); return objectObserveFn(object, callback, acceptList); From /v8/src/runtime/runtime-observe.cc:...
exyuTV - Dynamic Code Loading, External URLs, Possible privilege escalation vulnerabilities
HackApp vulnerability scanner discovered that application exyuTV published at the 'play' market has multiple vulnerabilities...
PHPCMS V9 arbitrary file download Windows
I. Background: The arbitrary file download vulnerability and the PHPCMS v9.6.0 wap module SQL injection are in the same file, but the trigger point is in the download function. II. Details: The vulnerable file is phpcms\modules\content\down.php. The function that triggers the vulnerability: php public function download th...
Asterisk 13.13 < 13.13-cert3 / 13.x < 13.14.1 / 14.x < 14.3.1 CDR user Field RCE (AST-2017-001)
According to its SIP banner, the version of Asterisk running on the remote host is 13.13 prior to 13.13-cert3, 13.x prior to 13.14.1, or 14.x prior to 14.3.1. It is, therefore, affected by a buffer overflow condition due to a failure to check the size when setting the user field on a CDR. An...
Apple WebKit - Document::adoptNode Use-After-Free Exploit
Exploit for multiple platform in category dos / poc var s = document.body.appendChilddocument.createElement'script'; s.type = '0'; s.textContent = 'document.body.appendChildparent.i0'; var i0 = s.appendChilddocument.createElement'iframe'; s.type = ''; var f =...
Solaris 7 < 11 (SPARC/x86) - 'EXTREMEPARR' dtappgather Privilege Escalation
#!/bin/ksh Exploit PoC reverse engineered from EXTREMEPARR which provides local root on Solaris 7 - 11 x86 & SPARC. Uses an environment variable of setuid binary dtappgather to manipulate file permissions and create a user owned directory anywhere on the system as root. Can then add a shared object...
WebKit ComposedTreeIterator::traverseNextInShadowTree Use-After-Free
WebKit: ComposedTreeIterator::traverseNextInShadowTree use-after-free CVE-2017-2466 There is a use-after-free security vulnerability in WebKit. The vulnerability was confirmed on a nightly version of WebKit. The PoC has also been observed to crash Safari 10.0.2 on Mac. PoC:...
oletools - Tools to analyze MS OLE2 files and MS Office documents, for malware analysis, forensics and debugging
oletools is a package of Python tools to analyze Microsoft OLE2 files (also called Structured Storage, Compound File Binary Format or Compound Document File Format), such as Microsoft Office documents or Outlook messages, mainly for malware analysis, forensics and debugging. It is based on the...