Google Chrome File System API Policy Enforcement Deficiency Vulnerability (CNVD-2021-28288)

Chrome is a simple and efficiently designed web browsing tool developed by Google that is characterized by its simplicity and speed. A File System API Policy Enforcement Insufficiency vulnerability exists in versions of Google Chrome prior to 88.0.4324.96. An attacker can exploit this vulnerabili...

Google Chrome File System API Policy Enforcement Deficiency Vulnerability

Chrome is a simple and efficiently designed web browsing tool developed by Google that is characterized by its simplicity and speed. A File System API Policy Enforcement Insufficiency vulnerability exists in versions of Google Chrome prior to 88.0.4324.96. An attacker can exploit this vulnerabili...

Google Chrome 安全漏洞

Chrome is a simple and efficiently designed web browsing tool developed by Google that is characterized by its simplicity and speed. A File System API Policy Enforcement Insufficiency vulnerability exists in versions of Google Chrome prior to 88.0.4324.96. An attacker can exploit this vulnerabili...

FreeSWITCH - Event Socket Command Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'FreeSWITCH Event Socket Command Execution', 'Description' = %q This module uses the FreeSWITCH event socket interface to execute system commands...

CVE-2017-8413

An issue was discovered on D-Link DCS-1100 and DCS-1130 devices. The device runs a custom daemon on UDP port 5978 which is called "dldps2121" and listens for broadcast packets sent on 255.255.255.255. This daemon handles custom D-Link UDP based protocol that allows D-Link mobile applications and...

Command injection

An issue was discovered on D-Link DCS-1130 devices. The device provides a user with the capability of setting a SMB folder for the video clippings recorded by the device. It seems that the POST parameters passed in this request to test if email credentials and hostname sent to the device work...

Command injection

An issue was discovered on D-Link DCS-1130 devices. The device provides a user with the capability of setting a SMB folder for the video clippings recorded by the device. It seems that the POST parameters passed in this request to test if email credentials and hostname sent to the device work...

EUVD-2017-17363

An issue was discovered on D-Link DCS-1130 devices. The device provides a user with the capability of setting a SMB folder for the video clippings recorded by the device. It seems that the POST parameters passed in this request to test if email credentials and hostname sent to the device work...

CVE-2017-8408

An issue was discovered on D-Link DCS-1130 devices. The device provides a user with the capability of setting a SMB folder for the video clippings recorded by the device. It seems that the GET parameters passed in this request to test if SMB credentials and hostname sent to the device work proper...

CVE-2017-8408

An issue was discovered on D-Link DCS-1130 devices. The device provides a user with the capability of setting a SMB folder for the video clippings recorded by the device. It seems that the GET parameters passed in this request to test if SMB credentials and hostname sent to the device work proper...

PT-2019-8631 · D Link · D-Link Dcs-1130

Name of the Vulnerable Software and Affected Versions: D-Link DCS-1130 devices affected versions not specified Description: An issue was discovered on D-Link DCS-1130 devices, where the device provides a user with the capability of setting a SMB folder for the video clippings recorded by the...

CVE-2017-8331

An issue was discovered on Securifi Almond, Almond+, and Almond 2015 devices with firmware AL-R096. The device provides a user with the capability of adding new port forwarding rules to the device. It seems that the POST parameters passed in this request to set up routes on the device can be set ...

CVE-2017-8331

CVE-2017-8331 affects Securifi Almond, Almond+, and Almond 2015 devices with firmware AL-R096. The flaw in the port-forwarding feature allows crafted POST input to reach a system() call via the goahead binary (MIPS little-endian), where the POST parameter ip_address/ipaddress is extracted and con...

CVE-2017-8331

An issue was discovered on Securifi Almond, Almond+, and Almond 2015 devices with firmware AL-R096. The device provides a user with the capability of adding new port forwarding rules to the device. It seems that the POST parameters passed in this request to set up routes on the device can be set ...

CVE-2017-1000451

fs-git is a file system like api for git repository. The fs-git version 1.0.1 module relies on childprocess.exec, however, the buildCommand method used to construct exec strings does not properly sanitize data and is vulnerable to command injection across all methods that use it and call exec...

chromium-browser: SafeBrowsing bypass

The FileSystem API in Google Chrome before 40.0.2214.91 allows remote attackers to bypass the SafeBrowsing for Executable Files protection mechanism by creating a .exe file in a temporary filesystem and then referencing this file with a filesystem:http: URL...

Google Chrome < 35.0.1916.153 Multiple Vulnerabilities (Mac OS X)

The version of Google Chrome installed on the remote Mac OS X host is a version prior to 35.0.1916.153. It is, therefore, affected by the following vulnerabilities : - Use-after-free errors exist in the file system API. CVE-2014-3154 - An out-of-bounds read error exists related to SPDY...

Modify the PHP core Backdoor implementation-vulnerability warning-the black bar safety net

Developing A PHP Core Backdoor Author: wofeiwo/I non-I wofeiwoatgmaildotcom Directory 1Foreword 2The advantages and disadvantages of 3design 4functions to achieve 5reference to documents 6some description 1Foreword PHP is a very popular web server side script language. At present, many web...

Windows NT file function DoS

It may be possible to crash application using one of system APi function with oversized filename...