3355 matches found
USN-3184-1 irssi vulnerabilities
It was discovered that the Irssi buf.pl script set incorrect permissions. A local attacker could use this issue to retrieve another user's window contents. (CVE-2016-7553) Joseph Bisch discovered that Irssi incorrectly handled comparing nicks. A remote attacker could use this issue to cause Irssi t...
TrueOnline / Billion 5200W-T Router Unauthenticated Command Injection Exploit
TrueOnline is a major ISP in Thailand, and it distributes a customized version of the Billion 5200W-T router. This customized version has at least two command injection vulnerabilities, one authenticated and one unauthenticated, on different firmware versions. This Metasploit module will attempt ...
TrueOnline / ZyXEL P660HN-T v1 Router Unauthenticated Command Injection Exploit
TrueOnline is a major ISP in Thailand, and it distributes a customised version of the ZyXEL P660HN-T v1 router. This customised version has an unauthenticated command injection vulnerability in the remote log forwarding page. This Metasploit module was tested in an emulated environment, as the...
Cross site scripting
The validator module before 1.1.0 for Node.js allows remote attackers to bypass the cross-site scripting (XSS) filter via nested forbidden strings...
UBUNTU-CVE-2013-7454
The validator module before 1.1.0 for Node.js allows remote attackers to bypass the cross-site scripting (XSS) filter via nested forbidden strings...
CVE-2013-7454
The validator module before 1.1.0 for Node.js allows remote attackers to bypass the cross-site scripting (XSS) filter via nested forbidden strings...
CVE-2013-7454
Removed by vendor...
TrueOnline / ZyXEL P660HN-T v2 Router Authenticated Command Injection
TrueOnline is a major ISP in Thailand, and it distributes a customized version of the ZyXEL P660HN-T v2 router. This customized version has an authenticated command injection vulnerability in the remote log forwarding page. This can be exploited using the "supervisor" account that comes with a...
TrueOnline / ZyXEL P660HN-T v1 Router Unauthenticated Command Injection
TrueOnline is a major ISP in Thailand, and it distributes a customized version of the ZyXEL P660HN-T v1 router. This customized version has an unauthenticated command injection vulnerability in the remote log forwarding page. This module was tested in an emulated environment, as the author doesn'...
D-Bus: Format string vulnerability
Background: D-Bus is a message bus system, a simple way for applications to talk to one another. Description: It was discovered that D-Bus incorrectly handles certain format strings. The impact of this new vulnerability is believed to not be exploitable if D-Bus is patched against CVE-2015-0245. Th...
MS15-007: Vulnerability in Network Policy Server RADIUS implementation could cause denial of service: January 13, 2015
Summary: This security update resolves a privately reported vulnerability in Windows. The vulnerability could allow denial of service on Internet Authentication Service (IAS) or...
CVE-2017-5196
Irssi 0.8.18 before 0.8.21 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via vectors involving strings that are not UTF8...
UBUNTU-CVE-2017-5196
Irssi 0.8.18 before 0.8.21 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via vectors involving strings that are not UTF8...
Python's new string format vulnerability analysis - vulnerability warning - the black bar safety net
This article provides an in-depth analysis of the security vulnerabilities in Python's new string formatting syntax and offers appropriate security solutions. Using str.format on untrusted user input brings security risks. For this problem, in fact I have...
PT-2016-3318 · Libevent +5
Name of the Vulnerable Software and Affected Versions: libevent versions prior to 2.1.6-beta Description: The issue is related to a stack-based buffer overflow in the evutil_parse_sockaddr_port function, which can be exploited by attackers to cause a denial of service, resulting in a segmentation...
CURL-CVE-2016-9594 uninitialized random
libcurl's new internal function that returns a good 32-bit random value was implemented poorly and overwrote the pointer instead of writing the value into the buffer the pointer pointed to. This random value is used to generate nonces for Digest and NTLM authentication, for generating boundary...
Cross-site Scripting (XSS)
jqGrid is vulnerable to cross-site scripting (XSS) attacks. These attacks are possible because HTML is being directly made from untrusted data with no escaping of attribute strings...
printf floating point buffer overflow
libcurl's implementation of the printf functions triggers a buffer overflow when doing a large floating point output. The bug occurs when the conversion outputs more than 255 bytes. The flaw happens because the floating point conversion is using system functions without the correct boundary check...
UBUNTU-CVE-2016-9586
curl before version 7.52.0 is vulnerable to a buffer overflow when doing a large floating point output in libcurl's implementation of the printf functions. If there is any application that accepts a format string from the outside without necessary input filtering, it could allow remote attacks...
Arbitrary Code Execution Vulnerability in CoreFoundation Component of Multiple Apple Products
Apple iOS, watchOS, macOS, and tvOS are products of Apple Inc. Apple iOS is an operating system developed for mobile devices; watchOS is a smartwatch operating system. CoreFoundation is one of the C application programming interface (API) components. A security vulnerability exists in the...