14 matches found
EUVD-2014-2137
Malware in sbrugna...
PT-2024-38155 · Mp3Tag · Mp3Tag
Name of the Vulnerable Software and Affected Versions: Mp3tag versions up to 3.26d Description: A vulnerability has been found in the library tak deco lib.dll of the component DLL Handler, leading to an uncontrolled search path. The manipulation can be launched on the local host. It is possible t...
FreeTAKServer Access Control Error Vulnerability
FreeTAKServer is an open source lightweight server from the FreeTAKTeam team. It is used to connect to TAK clients. FreeTAKServer suffers from an access control error vulnerability, which stems from the fact that Endpoint/ManageRoute/postRoute can be accessed without authentication, and can be...
Improper Authentication in FreeTAKServer
FreeTAKServer is an open source, lightweight Server for connect TAK clients. An access control issue in the component /ManageRoute/postRoute of FreeTAKServer version 1.9.8 allows unauthenticated attackers to cause a Denial of Service DoS via an unusually large amount of created routes, or create...
FreeTAKServer-UI SQL注入漏洞
FreeTAKServer-UI is an open source FTS web interface from the FreeTAKTeam team.FreeTAKServer-UI is vulnerable to SQL injection, which stems from the API endpoint/AuthenticateUser containing SQL injection into the SQLite3 database, which can be exploited by an attacker to obtain the database All...
tak.com.tr Cross Site Scripting vulnerability OBB-2307826
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Command Execution Vulnerability in FUDECMS of Qingdao Fudek Network Technology Co.
Qingdao Fu Tak Network Technology Co., Ltd. specializes in website design and production, network marketing and promotion. There is a command execution vulnerability in FUDECMS of Qingdao Fu De Network Technology Co. Attackers can use this vulnerability to obtain server privileges...
SQL Injection Vulnerability in Automotive Industry Management System of Shijiazhuang Dr. Tak Software Technology Development Co.
Shijiazhuang Dr. Tak Software Technology Development Co., Ltd. is one of the scientific research developers of business management software. A SQL injection vulnerability exists in the automotive industry management system of Shijiazhuang Dr. Tak Software Technology Development Co. The...
FFmpeg及Libav 'tak_decode_frame()' 函数越界拒绝服务漏洞
BUGTRAQ ID: 66055 CVECAN ID: CVE-2014-2097 FFmpeg是一个免费的可以执行音讯和视讯多种格式的录影、转档、串流功能的软件。 FFmpeg及Libav 2.1.4之前版本libavcodec/takdec.c内的takdecodeframe函数没有正确验证某个bits-per-sample值,这可使远程攻击者通过特制的TAK数据,利用此漏洞造成拒绝服务(越界数组访问)。 0 FFmpeg FFmpeg 2.1.4 厂商补丁: FFmpeg ------ 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...
CVE-2014-2097
The takdecodeframe function in libavcodec/takdec.c in FFmpeg before 2.1.4 does not properly validate a certain bits-per-sample value, which allows remote attackers to cause a denial of service out-of-bounds array access or possibly have unspecified other impact via crafted TAK aka Tom's lossless...
CVE-2014-2097
The takdecodeframe function in libavcodec/takdec.c in FFmpeg before 2.1.4 does not properly validate a certain bits-per-sample value, which allows remote attackers to cause a denial of service out-of-bounds array access or possibly have unspecified other impact via crafted TAK aka Tom's lossless...
CVE-2014-2097
CVE-2014-2097 affects FFmpeg’s tak_decode_frame in libavcodec/takdec.c, where insufficient validation of bits-per-sample enables remote attackers to trigger a denial of service via crafted TAK data (out-of-bounds access). The Initial Description confirms the vulnerability and its impact. Connecte...
CVE-2014-2097
The takdecodeframe function in libavcodec/takdec.c in FFmpeg before 2.1.4 does not properly validate a certain bits-per-sample value, which allows remote attackers to cause a denial of service out-of-bounds array access or possibly have unspecified other impact via crafted TAK aka Tom's lossless...
Vulnerabilities in TAK cms
Здравствуйте 3APA3A! Сообщаю вам о найденных мною Insufficient Anti-automation и Brute Force уязвимостях в TAK cms это украинская CMS. Insufficient Anti-automation: http://site/about/contacts/ http://site/register/getpassword/ На данных страницах отсутствует защита от автоматизированных запросов...