Exploit for Code Injection in Nette Application

CVE-2020-15227 DISCLAIMER! I take no responsibility of using...

Server buffer overflow in Pure Faction <= 3.0c

Application: Pure Faction http://www.purefaction.org Versions: = 3.0c Platforms: Windows Bug: server buffer overflow Risk: highly critical Exploitation: remote and automatic requires attacker to have joined server Date: 13 Mar 2015 Author: soulsgetnothing e-mail: soulsgetnothing at hotmail dot co...

Oracle Solaris Third-Party Patch Update : keystone (cve_2014_3520_privilege_escalation)

The remote Solaris system is missing necessary patches to address security updates. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the Oracle Third Party software advisories. include'deprecatednasllevel.inc';...

Oracle Solaris Third-Party Patch Update : net-snmp (cve_2012_2141_denial_of)

The remote Solaris system is missing necessary patches to address security updates : - The perltrapdhandler function in perl/TrapReceiver/TrapReceiver.xs in Net-SNMP 5.7.3.pre3 and earlier, when using certain Perl versions, allows remote attackers to cause a denial of service snmptrapd crash via ...

Oracle Solaris Third-Party Patch Update : openssl (cve_2012_2333_denial_of)

The remote Solaris system is missing necessary patches to address security updates : - Integer underflow in OpenSSL before 0.9.8x, 1.0.0 before 1.0.0j, and 1.0.1 before 1.0.1c, when TLS 1.1, TLS 1.2, or DTLS is used with CBC encryption, allows remote attackers to cause a denial of service buffer...

Oracle Solaris Third-Party Patch Update : freetype (multiple_buffer_errors_vulnerabilities_in)

The remote Solaris system is missing necessary patches to address security updates : - FreeType before 2.4.11 allows context-dependent attackers to cause a denial of service NULL pointer dereference and crash via vectors related to BDF fonts and the improper handling of an 'allocation error' in t...

Oracle Solaris Third-Party Patch Update : proftpd (cve_2011_4130_use_after)

The remote Solaris system is missing necessary patches to address security updates : - Use-after-free vulnerability in the Response API in ProFTPD before 1.3.3g allows remote authenticated users to execute arbitrary code via vectors involving an error that occurs after an FTP data transfer...

Oracle Solaris Third-Party Patch Update : lua (cve_2014_5461_buffer_errors)

The remote Solaris system is missing necessary patches to address security updates : - Buffer overflow in the vararg functions in ldo.c in Lua 5.1 through 5.2.x before 5.2.3 allows context-dependent attackers to cause a denial of service crash via a small number of arguments to a function with a...

Oracle Solaris Third-Party Patch Update : openssl (cve_2014_0224_cryptographic_issues1)

The remote Solaris system is missing necessary patches to address security updates : - OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly restrict processing of ChangeCipherSpec messages, which allows man-in-the-middle attackers to trigger use of a zero-length...

Oracle Solaris Third-Party Patch Update : wireshark (multiple_vulnerabilities_in_wireshark10)

The remote Solaris system is missing necessary patches to address security updates : - The nfsnamesnoopaddname function in epan/dissectors/packet-nfs.c in the NFS dissector in Wireshark 1.8.x before 1.8.13 and 1.10.x before 1.10.6 does not validate a certain length value, which allows remote...

Oracle Solaris Third-Party Patch Update : ejabberd (cve_2013_6169_cryptographic_issues)

The remote Solaris system is missing necessary patches to address security updates : - The modpubsub module modpubsub.erl in ejabberd 2.1.8 and 3.0.0-alpha-3 allows remote authenticated users to cause a denial of service infinite loop via a stanza with a publish tag that lacks a node attribute...

Oracle Solaris Third-Party Patch Update : gimp (cve_2012_4245_arbitrary_code)

The remote Solaris system is missing necessary patches to address security updates : - The scriptfu network server in GIMP 2.6 does not require authentication, which allows remote attackers to execute arbitrary commands via the python-fu-eval command. CVE-2012-4245 %NASLMINLEVEL 70300 C Tenable...

Oracle Solaris Third-Party Patch Update : perl-58 (cve_2011_2728_denial_of)

The remote Solaris system is missing necessary patches to address security updates : - The bsdglob function in the File::Glob module for Perl before 5.14.2 allows context-dependent attackers to cause a denial of service crash via a glob expression with the GLOBALTDIRFUNC flag, which triggers an...

Oracle Solaris Third-Party Patch Update : memcached (cve_2013_0179_buffer_errors)

The remote Solaris system is missing necessary patches to address security updates : - The processbindelete function in memcached.c in memcached 1.4.4 and other versions before 1.4.17, when running in verbose mode, allows remote attackers to cause a denial of service segmentation fault via a...

Oracle Solaris Third-Party Patch Update : sudo (multiple_permissions_privileges_and_access)

The remote Solaris system is missing necessary patches to address security updates : - sudo 1.6.0 through 1.7.10p6 and sudo 1.8.0 through 1.8.6p6 allows local users or physically proximate attackers to bypass intended time restrictions and retain privileges without re-authenticating by setting th...

Oracle Solaris Third-Party Patch Update : wireshark (multiple_denial_of_service_vulnerabilities2)

The remote Solaris system is missing necessary patches to address security updates : - The dissectpacket function in epan/packet.c in Wireshark 1.4.x before 1.4.11 and 1.6.x before 1.6.5 allows remote attackers to cause a denial of service application crash via a long packet in a capture file, as...

Oracle Solaris Third-Party Patch Update : quagga (cve_2013_2236_buffer_errors)

The remote Solaris system is missing necessary patches to address security updates : - Stack-based buffer overflow in the newmsglsachangenotify function in the OSPFD API ospfapi.c in Quagga before 0.99.22.2, when --enable-opaque-lsa and the -a command line option are used, allows remote attackers...

Oracle Solaris Third-Party Patch Update : perl-512 (cve_2012_5195_heap_buffer)

The remote Solaris system is missing necessary patches to address security updates : - Heap-based buffer overflow in the Perlrepeatcpy function in util.c in Perl 5.12.x before 5.12.5, 5.14.x before 5.14.3, and 5.15.x before 15.15.5 allows context-dependent attackers to cause a denial of service...

Oracle Solaris Third-Party Patch Update : modsecurity (cve_2012_2751_improper_input)

The remote Solaris system is missing necessary patches to address security updates : - ModSecurity before 2.6.6, when used with PHP, does not properly handle single quotes not at the beginning of a request parameter value in the Content-Disposition field of a request with a multipart/form-data...

Oracle Solaris Third-Party Patch Update : tomcat (cve_2013_0346_permissions_privileges)

The remote Solaris system is missing necessary patches to address security updates : - DISPUTED Apache Tomcat 7.x uses world-readable permissions for the log directory and its files, which might allow local users to obtain sensitive information by reading a file. NOTE: One Tomcat distributor has...