83 matches found
Exploit for Code Injection in Nette Application
CVE-2020-15227 DISCLAIMER! I take no responsibility of using...
Server buffer overflow in Pure Faction <= 3.0c
Application: Pure Faction http://www.purefaction.org Versions: <= 3.0c Platforms: Windows Bug: server buffer overflow Risk: highly critical Exploitation: remote and automatic requires attacker to have joined server Date: 13 Mar 2015 Author: soulsgetnothing e-mail: soulsgetnothing at hotmail dot co...
Oracle Solaris Third-Party Patch Update : freetype (multiple_buffer_errors_vulnerabilities_in)
The remote Solaris system is missing necessary patches to address security updates : - FreeType before 2.4.11 allows context-dependent attackers to cause a denial of service (NULL pointer dereference and crash) via vectors related to BDF fonts and the improper handling of an 'allocation error' in t...
Oracle Solaris Third-Party Patch Update : proftpd (cve_2011_4130_use_after)
The remote Solaris system is missing necessary patches to address security updates : - Use-after-free vulnerability in the Response API in ProFTPD before 1.3.3g allows remote authenticated users to execute arbitrary code via vectors involving an error that occurs after an FTP data transfer...
Oracle Solaris Third-Party Patch Update : ejabberd (cve_2013_6169_cryptographic_issues)
The remote Solaris system is missing necessary patches to address security updates : - The mod_pubsub module (mod_pubsub.erl) in ejabberd 2.1.8 and 3.0.0-alpha-3 allows remote authenticated users to cause a denial of service (infinite loop) via a stanza with a publish tag that lacks a node attribute...
Oracle Solaris Third-Party Patch Update : sudo (multiple_permissions_privileges_and_access)
The remote Solaris system is missing necessary patches to address security updates : - sudo 1.6.0 through 1.7.10p6 and sudo 1.8.0 through 1.8.6p6 allows local users or physically proximate attackers to bypass intended time restrictions and retain privileges without re-authenticating by setting th...
Oracle Solaris Third-Party Patch Update : openssl (cve_2014_0224_cryptographic_issues1)
The remote Solaris system is missing necessary patches to address security updates : - OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly restrict processing of ChangeCipherSpec messages, which allows man-in-the-middle attackers to trigger use of a zero-length...
Oracle Solaris Third-Party Patch Update : net-snmp (cve_2012_2141_denial_of)
The remote Solaris system is missing necessary patches to address security updates : - The perl_trapd_handler function in perl/TrapReceiver/TrapReceiver.xs in Net-SNMP 5.7.3.pre3 and earlier, when using certain Perl versions, allows remote attackers to cause a denial of service (snmptrapd crash) via ...
Oracle Solaris Third-Party Patch Update : perl-58 (cve_2011_2728_denial_of)
The remote Solaris system is missing necessary patches to address security updates : - The bsd_glob function in the File::Glob module for Perl before 5.14.2 allows context-dependent attackers to cause a denial of service (crash) via a glob expression with the GLOB_ALTDIRFUNC flag, which triggers an...
Oracle Solaris Third-Party Patch Update : lua (cve_2014_5461_buffer_errors)
The remote Solaris system is missing necessary patches to address security updates : - Buffer overflow in the vararg functions in ldo.c in Lua 5.1 through 5.2.x before 5.2.3 allows context-dependent attackers to cause a denial of service (crash) via a small number of arguments to a function with a...
Oracle Solaris Third-Party Patch Update : wireshark (multiple_vulnerabilities_in_wireshark10)
The remote Solaris system is missing necessary patches to address security updates : - The nfs_name_snoop_add_name function in epan/dissectors/packet-nfs.c in the NFS dissector in Wireshark 1.8.x before 1.8.13 and 1.10.x before 1.10.6 does not validate a certain length value, which allows remote...
Oracle Solaris Third-Party Patch Update : keystone (cve_2014_3520_privilege_escalation)
The remote Solaris system is missing necessary patches to address security updates.
Oracle Solaris Third-Party Patch Update : openssl (cve_2012_2333_denial_of)
The remote Solaris system is missing necessary patches to address security updates : - Integer underflow in OpenSSL before 0.9.8x, 1.0.0 before 1.0.0j, and 1.0.1 before 1.0.1c, when TLS 1.1, TLS 1.2, or DTLS is used with CBC encryption, allows remote attackers to cause a denial of service (buffer...
Oracle Solaris Third-Party Patch Update : gimp (cve_2012_4245_arbitrary_code)
The remote Solaris system is missing necessary patches to address security updates : - The scriptfu network server in GIMP 2.6 does not require authentication, which allows remote attackers to execute arbitrary commands via the python-fu-eval command. (CVE-2012-4245)
Oracle Solaris Third-Party Patch Update : memcached (cve_2013_0179_buffer_errors)
The remote Solaris system is missing necessary patches to address security updates : - The process_bin_delete function in memcached.c in memcached 1.4.4 and other versions before 1.4.17, when running in verbose mode, allows remote attackers to cause a denial of service (segmentation fault) via a...
Oracle Solaris Third-Party Patch Update : gtk (cve_2012_2370_denial_of)
The remote Solaris system is missing necessary patches to address security updates : - Multiple integer overflows in the read_bitmap_file_data function in io-xbm.c in gdk-pixbuf before 2.26.1 allow remote attackers to cause a denial of service (application crash) via a negative (1) height or (2) width in ...
Oracle Solaris Third-Party Patch Update : xdg-utils (cve_2008_0386_improper_input)
The remote Solaris system is missing necessary patches to address security updates : - Xdg-utils 1.0.2 and earlier allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in a URL argument to (1) xdg-open or (2) xdg-email. (CVE-2008-0386)
Oracle Solaris Third-Party Patch Update : libxslt (multiple_vulnerabilities_in_libxslt)
The remote Solaris system is missing necessary patches to address security updates : - The xsltGenerateIdFunction function in functions.c in libxslt 1.1.26 and earlier, as used in Google Chrome before 10.0.648.127 and other products, allows remote attackers to obtain potentially sensitive...
Oracle Solaris Third-Party Patch Update : perl (cve_2014_4330_buffer_errors)
The remote Solaris system is missing necessary patches to address security updates : - The Dumper method in Data::Dumper before 2.154, as used in Perl 5.20.1 and earlier, allows context-dependent attackers to cause a denial of service (stack consumption and crash) via an Array-Reference with many...
Oracle Solaris Third-Party Patch Update : libotr (cve_2012_3461_denial_of)
The remote Solaris system is missing necessary patches to address security updates : - The (1) otrl_base64_otr_decode function in src/b64.c; (2) otrl_proto_data_read_flags and (3) otrl_proto_accept_data functions in src/proto.c; and (4) decode function in toolkit/parse.c in libotr before 3.2.1 allocates a...