Open Redirect
clearance has an open redirect vulnerability. An attacker is able to exploit the vulnerability by injecting the value of session:returnto with multiple leading slashes...
CVE-2021-29988
Firefox incorrectly treated an inline list-item element as a block element, resulting in an out of bounds read or memory corruption, and a potentially exploitable crash. This vulnerability affects Thunderbird 78.13, Thunderbird 91, Firefox ESR 78.13, and Firefox 91...
Aruba Networks AirWave Management Platform Command Injection Vulnerability (CNVD-2021-15042)
Aruba Networks AirWave Management Platform is a suite of network management software for multi-vendor management from Aruba Networks. The software provides real-time monitoring, proactive alerting and historical data reporting. A command injection vulnerability exists in the web management...
Binary Vulnerability in Quick Controls Configuration Software
QuickControl Configuration Software is a monitoring software used in industrial power and other fields. A binary vulnerability exists in Quick Control Configuration Software. An attacker can exploit the vulnerability by sending constructed data that will cause the operating environment to crash a...
Memory Out-of-Bounds Access Vulnerability in GX Works2
GX Works2 is a PLC programming software. A memory out-of-bounds access vulnerability exists in GX Works2. An attacker could exploit this vulnerability to cause the program to crash...
Composr CMS 10.0.34 - 'banners' Persistent Cross Site Scripting
Exploit Title: Composr CMS 10.0.34 - 'banners' Persistent Cross Site Scripting Date: 3-12-2020 Exploit Author: Parshwa Bhavsar Vendor Homepage: https://compo.sr/ Software Link: https://compo.sr/download.htm Version: 10.0.34 Tested on: Windows 10/ Kali Linux Steps To Reproduce :- 1. Install the CM...
Siemens S7-400 PLC has an industrial control device vulnerability
The S7-400 PLCs are programmable controllers for use in the mid- to high-grade performance range. A vulnerability exists in the Siemens S7-400 PLC for industrial control devices. An attacker can exploit the vulnerability to cause the control device to stop, the RUN light to go out, the STOP light...
Microsoft Excel Remote Code Execution Vulnerability (CNVD-2021-01037)
Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft USA. A remote code execution vulnerability exists in Microsoft Excel. An attacker can exploit this vulnerability to execute code in the current process...
CVE-2020-3365
A vulnerability in the directory permissions of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, remote attacker to perform a directory traversal attack on a limited set of restricted directories. The vulnerability is due to a flaw in the logic that governs directo...
Another Intel Speculative Execution Vulnerability
Remember Spectre and Meltdown? Back in early 2018, I wrote: Spectre and Meltdown are pretty catastrophic vulnerabilities, but they only affect the confidentiality of data. Now that they -- and the research into the Intel ME vulnerability -- have shown researchers where to look, more is coming --...
CVE-2019-11764
Mozilla developers and community members reported memory safety bugs present in Firefox 69 and Firefox ESR 68.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could be exploited to run arbitrary code. This vulnerability affects Firefo...
Regular Expression Denial of Service vulnerability of WEBrick's Digest access authentication
Regular expression denial of service vulnerability of WEBrick’s Digest authentication module was found. An attacker can exploit this vulnerability to cause an effective denial of service against a WEBrick service...
Cross-Site Scripting (XSS) in GlobalProtect Portal Login Page
A Cross-Site Scripting (XSS) vulnerability exists in the PAN-OS GlobalProtect Portal Login page (Ref. PAN-99830; CVE-2018-10141). Successful exploitation of this issue may allow an unauthenticated attacker to inject arbitrary JavaScript or HTML. This issue affects PAN-OS 8.1.3 and earlier. PAN-OS 8.0...
Dup Scout Enterprise 9.9.14 Buffer Overflow
#!/usr/bin/python Exploit Title : Dup Scout Enterprise v9.9.14 - 'Import Command' Buffer Overflow Discovery by : Anurag Srivastava Email : [email protected] Website : www.pyramidcyber.com Discovery Date : 22/08/2017 Software Link :...
Disk Pulse Enterprise 9.9.16 Buffer Overflow
#!/usr/bin/python Exploit Title : Disk Pulse Enterprise 9.9.16 - 'Import Command' Buffer Overflow Discovery by : Anurag Srivastava Email : [email protected] Website : www.pyramidcyber.com Discovery Date : 21/08/2017 Software Link :...
CVE-2016-7907
The imx_fec_do_tx function in hw/net/imx_fec.c in QEMU (aka Quick Emulator) does not properly limit the buffer descriptor count when transmitting packets, which allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) via vectors involving a buffer descript...
CVE-2016-4542
The exif_process_IFD_TAG function in ext/exif/exif.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 does not properly construct spprintf arguments, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via crafted...
CVE-2016-3717
The LABEL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to read arbitrary files via a crafted image...
Express Zip 2.40 - Directory Traversal
Express Zip 2.40 - Directory Traversal #!/usr/bin/python -w Title : Express Zip = 2.40 Path Traversal Date : 07/04/2016 Author : R-73eN Tested on : Windows Xp / Windows 7 Ultimate Software Link : http://www.nchsoftware.com/zip/ Download Link: http://www.nchsoftware.com/zip/zipplus.exe Vulnerable...
CVE-2015-8789
Use-after-free vulnerability in the EbmlMaster::Read function in libEBML before 1.3.3 allows context-dependent attackers to have unspecified impact via a "deeply nested element with infinite size" followed by another element of an upper level in an EBML document...