4516 matches found
CVE-2017-13696
A buffer overflow vulnerability lies in the web server component of Dup Scout Enterprise 9.9.14, Disk Savvy Enterprise 9.9.14, Sync Breeze Enterprise 9.9.16, and Disk Pulse Enterprise 9.9.16 where an attacker can craft a malicious GET request and exploit the web server component. Successful...
Buffer overflow
A buffer overflow vulnerability lies in the web server component of Dup Scout Enterprise 9.9.14, Disk Savvy Enterprise 9.9.14, Sync Breeze Enterprise 9.9.16, and Disk Pulse Enterprise 9.9.16 where an attacker can craft a malicious GET request and exploit the web server component. Successful...
CVE-2017-13696
CVE-2017-13696 describes a buffer overflow in the web server component of Dup Scout Enterprise 9.9.14, Disk Savvy Enterprise 9.9.14, Sync Breeze Enterprise 9.9.16, and Disk Pulse Enterprise 9.9.16, triggered by crafting a malicious GET request. The flaw arises from improper handling/sanitization ...
CVE-2017-13696
A buffer overflow vulnerability lies in the web server component of Dup Scout Enterprise 9.9.14, Disk Savvy Enterprise 9.9.14, Sync Breeze Enterprise 9.9.16, and Disk Pulse Enterprise 9.9.16 where an attacker can craft a malicious GET request and exploit the web server component. Successful...
Sync Breeze Enterprise 9.5.16 Import Command Buffer Overflow
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Sync Breeze Enterprise 9.5.16 - Import Command Buffer Overflow', 'Description' = %q This module exploits a buffer overflow in Sync Breeze...
Sync Breeze Enterprise 9.5.16 - 'Import Command' Buffer Overflow (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Sync Breeze Enterprise 9.5.16 - Import Command Buffer Overflow', 'Description' = %q This module exploits a buffer overflow in Sync Breeze...
Sync Breeze Enterprise 9.5.16 - Import Command Buffer Overflow
This module exploits a buffer overflow in Sync Breeze Enterprise 9.5.16 by using the import command option to import a specially crafted xml file. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule...
CVE-2017-13184
In the enableVSyncInjections function of SurfaceFlinger, there is a possible use after free of mVSyncInjector. This could lead to a local elevation of privilege enabling code execution as a privileged process with no additional execution privileges needed. User interaction is not needed for...
CVE-2017-15664
In Flexense Sync Breeze Enterprise v10.1.16, the Control Protocol suffers from a denial of service vulnerability. The attack vector is a crafted SERVERGETINFO packet sent to control port 9121...
CVE-2017-15664
In Flexense Sync Breeze Enterprise v10.1.16, the Control Protocol suffers from a denial of service vulnerability. The attack vector is a crafted SERVERGETINFO packet sent to control port 9121...
CVE-2017-15664
CVE-2017-15664 affects Flexense Sync Breeze Enterprise v10.1.16. The vulnerability is a denial-of-service in the Control Protocol caused by processing a crafted SERVER_GET_INFO packet sent to TCP/9121, leading to availability impact. Public materials in the provided documents include a packet str...
CVE-2017-15664
In Flexense Sync Breeze Enterprise v10.1.16, the Control Protocol suffers from a denial of service vulnerability. The attack vector is a crafted SERVERGETINFO packet sent to control port 9121...
Information Disclosure
github.com/go-gitea/gitea is vulnerable to information disclosure. The vulnerability exists due to the lack of sanitization of sensitive information, such as passwords, in the logs of a mirrored sync...
Sync Breeze Enterprise 10.1.16 Denial Of Service
Exploit Title: Sync Breeze Enterprise Server v10.1.16 - Denial of Service Date: 2017-10-20 Exploit Author: Ahmad Mahfouz Software Link: http://www.syncbreeze.com/setups/syncbreezesrvsetupv10.1.16.exe Version: v10.1.16 Category; Windows Remote DOS CVE: CVE-2017-15664 Author Twitter: @eln1x...
Sync Breeze Enterprise 10.1.16 - Denial of Service
Sync Breeze Enterprise 10.1.16 - Denial of Service Exploit Title: Sync Breeze Enterprise Server v10.1.16 - Denial of Service Date: 2017-10-20 Exploit Author: Ahmad Mahfouz Software Link: http://www.syncbreeze.com/setups/syncbreezesrvsetupv10.1.16.exe Version: v10.1.16 Category; Windows Remote DOS...
Sync Breeze Enterprise 10.1.16 - Denial of Service
Exploit Title: Sync Breeze Enterprise Server v10.1.16 - Denial of Service Date: 2017-10-20 Exploit Author: Ahmad Mahfouz Software Link: http://www.syncbreeze.com/setups/syncbreezesrvsetupv10.1.16.exe Version: v10.1.16 Category; Windows Remote DOS CVE: CVE-2017-15664 Author Twitter: @eln1x...
Chromium, Google Chrome: Multiple vulnerabilities
Background Chromium is an open-source browser project that aims to build a safer, faster, and more stable way for all users to experience the web. Google Chrome is one fast, simple, and secure browser for all your devices Description Multiple vulnerabilities have been discovered in Chromium and...
Back In Time: Command injection
Background A simple backup tool for Linux, inspired by “flyback project”. Description ‘Back in Time’ did improper escaping/quoting of file paths used as arguments to the ‘notify-send’ command leading to some parts of file paths being executed as shell commands within an os.system call. Impact A...
WDMyCloud < 2.30.165 - Multiple Vulnerabilities
WDMyCloud Multiple Vulnerabilities Vendor: Western Digital Product: WDMyCloud Version: = 2.30.165 Website: https://www.wdc.com/products/network-attached-storage.html / / / / / / / / / / / / / / / / / / / / / \ / // / // / / / / / / / // / / / /,/// // /// // GulfTech Research and Development...
Easy!Appointments v1.2.1 Multiple Stored XSS Vulnerabilities
Summary Easy!Appointments is a highly customizable web application that allows your customers to book appointments with you via the web. Moreover, it provides the ability to sync your data with Google Calendar so you can use them with other services. It is an open source project and you can...