Text now, Send later! - Customized SSL, Dynamic Code Loading, Exported components vulnerabilities

HackApp vulnerability scanner discovered that application Text now, Send later! published at the 'play' market has multiple vulnerabilities...

shopify-scripts: Segmentation fault when a Ruby method is invoked by a C method via Object#send

We can arrange for C to call Objectsend by aliasing it over initialize. This will cause Classnew a C function to call initialize which is actually Objectsend with arbitrary arguments. If we invoke a Ruby method through Objectsend, mruby segfaults: def foo end class X aliasmethod :initialize, :sen...

Drupal Views Send Module Cross-Site Scripting Vulnerability

Drupal is a free, open source content management system developed in PHP and maintained by the Drupal community. View sending enables you to send emails to multiple users from a single view. A cross-site scripting vulnerability exists in the Drupal Views Send module due to the program failing to...

plus.arcademics.com XSS vulnerability

Vulnerable URL: https://plus.arcademics.com/sendpilotemail?jsoncallback=prompt/OPENBUGBOUNTY/...

lscat.cn XSS vulnerability

Vulnerable URL: http://www.lscat.cn/smstemplete/smssend.php?jsoncallback=prompt/OPENBUGBOUNTY/...

kernel: use-after-free via crafted IPV6 sendmsg for raw / tcp / udp / l2tp sockets.

It was found that the Linux kernel's IPv6 implementation mishandled socket options. A local attacker could abuse concurrent access to the socket options to escalate their privileges, or cause a denial of service use-after-free and system crash via a crafted sendmsg system call...

Views Send - Moderately Critical - Cross Site Scripting (XSS) - SA-CONTRIB-2016-061

The Views Send module enables you to send mail to multiple users from a View. The module doesn't sufficiently filter potential user-supplied data when previewing the e-mail which can lead to a Cross Site Scripting XSS vulnerability. This vulnerability is mitigated by the fact that an attacker mus...

kernel: scsi: aacraid: double fetch in ioctl_send_fib()

A race condition flaw was found in the ioctlsendfib function in the Linux kernel's aacraid implementation. A local attacker could use this flaw to cause a denial of service out-of-bounds access or system crash by changing a certain size value...

kernel: scsi: aacraid: double fetch in ioctl_send_fib()

A race condition flaw was found in the ioctlsendfib function in the Linux kernel's aacraid implementation. A local attacker could use this flaw to cause a denial of service out-of-bounds access or system crash by changing a certain size value...

DokuWiki Cross-Site Request Forgery Vulnerability

DokuWiki is a German software developer Andreas Gohr developed a PHP-based Wiki engine , it is mainly used for small and medium-sized team and personal website knowledge base management , and provides version control , full-text search and permission control and other functions . A cross-site...

CVE-2016-3905

CORE/HDD/src/wlanhddmain.c in the Qualcomm Wi-Fi driver in Android before 2016-10-05 on Nexus 5X devices allows attackers to gain privileges via a crafted application that sends a SENDACTIONFRAME command, aka Android internal bug 28061823 and Qualcomm internal bug CR 1001449...

realtoractioncenter.com XSS vulnerability

Open Bug Bounty ID: OBB-185408 Description| Value ---|--- Affected Website:| realtoractioncenter.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

lupusresearch.org XSS vulnerability

Vulnerable URL: http://www.lupusresearch.org/news-and-events/lupus-news/send-to-friend.jsp?pid=107753966=%22%3E%3Csvg/onload=alert/OPENBUGBOUNTY/%3E=%2Fmuseum%2Fsend-to-friend.jsp%3Fpid%3D455022595%26itemID%3D455058960 Details: Description| Value ---|--- Patched:| Yes, at 24.11.2017 Latest check...

edgewood.org XSS vulnerability

Vulnerable URL: http://www.edgewood.org/news/send-to-friend.jsp?pid=107753966=%22%3E%3Csvg/onload=alert/OPENBUGBOUNTY/%3E=%2Fmuseum%2Fsend-to-friend.jsp%3Fpid%3D455022595%26itemID%3D455058960 Details: Description| Value ---|--- Patched:| Yes, at 24.11.2017 Latest check for patch:| 24.11.2017 18:5...

The vulnerability of Microsoft Exchange Server servers allows attackers to gain access to protected information from the Outlook application.

The vulnerability of Microsoft Exchange Server servers is related to improper analysis of email messages. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain access to protected information in the Outlook application by using the “Send As” command...

CVE-2016-0138

Microsoft Exchange Server 2007 SP3, 2010 SP3, 2013 SP1, 2013 Cumulative Update 12, 2013 Cumulative Update 13, 2016 Cumulative Update 1, and 2016 Cumulative Update 2 misparses e-mail messages, which allows remote authenticated users to obtain sensitive Outlook application information by leveraging...

Zoll ePCR v2.6.4 iOS - Multiple Persistent Vulnerabilities

Document Title: =============== Zoll ePCR v2.6.4 iOS - Multiple Persistent Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1882 Release Date: ============= 2016-08-01 Vulnerability Laboratory ID VL-ID: ====================================...

Zoll ePCR v2.6.4 iOS - Multiple Persistent Vulnerabilities

Document Title: =============== Zoll ePCR v2.6.4 iOS - Multiple Persistent Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1882 Release Date: ============= 2016-07-31 Vulnerability Laboratory ID VL-ID: ====================================...

kernel security and bug fix update

3.10.0-327.18.2.OL7 - Oracle Linux certificates Alexey Petrenko 3.10.0-327.18.2 - lib keys: Fix ASN.1 indefinite length object parsing David Howells 1308814 1308815 CVE-2016-0758 3.10.0-327.18.1 - scsi bnx2fc: Fix FCP RSP residual parsing Maurizio Lombardi 1322279 1306342 - mm madvise: fix...

Secure Mail unable to send large files.

Having problems using Secure Mail client in sending large files greater than 7 to 10MB Verifyed the WM Logs and could see the following error , where by the mail is send to the Outbox ERROR 2Response contained WBXML content with contentLength=15 for activeSyncCommand=SendMail INFO 4SendMail -...