Lucene search

4521 matches found

securityvulns
added 2014/11/10 12:00 a.m. | 28 views

FreeBSD OpenSSH DoS

Race condition because of invalid thread-safe library linking...

CVSS 4.3 | AI score 1.8 | EPSS 0.01738
Exploits: 0 | References: 1 | Affected Software: 1

Oracle linux
added 2014/10/30 12:00 a.m. | 73 views

Unbreakable Enterprise kernel Security update

2.6.39-400.215.12
- USB: whiteheat: Added bounds checking for bulk command response (James Forshaw) [Orabug: 19849335] {CVE-2014-3185}
- HID: fix a couple of off-by-ones (Jiri Kosina) [Orabug: 19849318] {CVE-2014-3181}
- KVM: x86: Improve thread safety in pit (Andy Honig) [Orabug: 19905687] {CVE-2014-3611}...

CVSS 6.9 | AI score 1.5 | EPSS 0.00764
Exploits: 0

NVD
added 2014/10/16 7:55 p.m. | 24 views

CVE-2014-3661

Jenkins before 1.583 and LTS before 1.565.3 allows remote attackers to cause a denial of service (thread consumption) via vectors related to a CLI handshake...

CVSS 5 | AI score 6.3 | EPSS 0.01788
Exploits: 0 | References: 2

CVE
added 2014/10/16 7:00 p.m. | 92 views

CVE-2014-3661

CVE-2014-3661 affects Jenkins before 1.583 and LTS before 1.565.3 and causes a denial of service (thread consumption) through vectors related to a CLI handshake. The connected sources confirm this CVE entry and its description; no additional exploitation details are provided beyond the DoS impact...

CVSS 5 | AI score 7.8 | EPSS 0.01788
Exploits: 0 | References: 2 | Affected Software: 1

OpenVAS
added 2014/10/15 12:00 a.m. | 42 views

RedHat Update for glibc RHSA-2014:1391-02

The remote host is missing an update for the...

CVSS 6.8 | AI score 7.8 | EPSS 0.04154
Exploits: 1 | References: 2

NVD
added 2014/09/30 2:55 p.m. | 24 views

CVE-2012-5496

kupuspellcheck.py in Kupu in Plone before 4.0 allows remote attackers to cause a denial of service (ZServer thread lock) via a crafted URL...

CVSS 5 | AI score 6.4 | EPSS 0.01604
Exploits: 0 | References: 4

OSV
added 2014/09/30 2:55 p.m. | 34 views

PYSEC-2014-38

kupuspellcheck.py in Kupu in Plone before 4.0 allows remote attackers to cause a denial of service (ZServer thread lock) via a crafted URL...

CVSS 5 | AI score 4.8 | EPSS 0.01604
Exploits: 0 | References: 5

Prion
added 2014/09/30 2:55 p.m. | 19 views

Design/Logic Flaw

kupuspellcheck.py in Kupu in Plone before 4.0 allows remote attackers to cause a denial of service (ZServer thread lock) via a crafted URL...

CVSS 5 | AI score 7 | EPSS 0.01604
Exploits: 0 | References: 4 | Affected Software: 1

Exploit DB
added 2014/08/21 12:00 a.m. | 32 views

MyBB 1.8 Beta 3 - Multiple Vulnerabilities

Title: MyBB 1.8 Beta 3 - Cross Site Scripting & SQL Injection Google Dork: intext:"Powered By MyBB" Date: 15.08.2014 Author: DemoLisH Vendor Homepage: http://www.mybb.com/ Software Link: http://www.mybb.com/downloads Version: 1.8 - Beta 3 Contact: [email protected] a Cross Site Scripting in...

AI score 7
Exploits: 0

RedHat Linux
added 2014/07/29 3:40 p.m. | 6 views

OpenJDK: incorrect caching of data initialized via TCCL (JAXWS, 8026188)

Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAX-WS, a different vulnerability than CVE-2014-0452 and CVE-2014-0458...

CVSS 7.5 | AI score 6.8 | EPSS 0.04936
Exploits: 0 | References: 5

exploitpack
added 2014/07/21 12:00 a.m. | 29 views

Apache 2.4.7 mod_status - Scoreboard Handling Race Condition

Apache 2.4.7 mod_status - Scoreboard Handling Race Condition -- 0. Sparse summary: Race condition between updating httpd's "scoreboard" and mod_status, leading to several critical scenarios like heap buffer overflow with user supplied payload and leaking heap which can leak critical memory containin...

AI score 7.4
Exploits: 0

seebug.org
added 2014/07/01 12:00 a.m. | 16 views

Vanilla Forums LatestComment 1.1 Plugin Persistent XSS

No description provided by source. Title: Vanilla LatestComment 1.1 Plugin Persistent XSS Vulnerability Date: 18/5/12 Author: Henry Hoggard Author URL: henryhoggard.co.uk Author Twitter: @henryhoggard Software: Vanilla Version 2.0.18.4 + Latest Comment 1.1...

AI score 7.1
Exploits: 0

seebug.org
added 2014/07/01 12:00 a.m. | 19 views

Motorola SB5101 Hax0rware Rajko HTTPD Remote Exploit PoC

No description provided by source. !/usr/bin/perl Motorola SB5101 Hax0rware Rajko HttpD Remote Exploit PoC Author: Dillon Beresford Date: 6/6/2010 Vendor: SBHacker & Motorola Software Link: http://www.sbhacker.net/forum/index.php Tested on Hax0rware 1.1 R30, R32 and R39 Description: Motorola SB51...

AI score 7.1
Exploits: 0

seebug.org
added 2014/07/01 12:00 a.m. | 25 views

Mini HTTPD 1.21 - Stack Buffer Overflow POST Exploit

No description provided by source. !/usr/bin/python Title: Mini HTTPD stack buffer overflow POST exploit Author: TheColonial Date: 20 Feb 2013 Software Link: http://www.vector.co.jp/soft/winnt/net/se275154.html Vendor Homepage: http://www.picolix.jp/ Version: 1.21 Tested on: Windows XP Profession...

AI score 7.1
Exploits: 0

seebug.org
added 2014/07/01 12:00 a.m. | 15 views

APBoard 2.0 2 Unauthorized Thread Reading Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/6330/info A vulnerability has been reported for APBoard that may allow unauthorized users to read postings in internal forums. The vulnerability is a result of the 'useraction.php' script failing to properly check user...

AI score 7.1
Exploits: 0

seebug.org
added 2014/07/01 12:00 a.m. | 17 views

Microsoft Windows VISTA/2008 - Thread Pool ACL Local Privilege Escalation Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/34444/info Microsoft Windows is prone to a privilege-escalation vulnerability. Successful exploits may allow attackers to elevate their privileges to LocalSystem, which would facilitate the complete compromise of affected...

AI score 7.1
Exploits: 0

seebug.org
added 2014/07/01 12:00 a.m. | 11 views

vanilla forums poll plugin 0.9 - Stored XSS

No description provided by source. Title: Vanilla Poll 0.9 Stored XSS Date: 1/6/12 Author: Henry Hoggard Author URL: henryhoggard.co.uk Author Twitter: @henryhoggard Software: Vanilla Version 2.0.18.4 + Vanilla Poll 0.9 http://vanillaforums.org/download http://vanillaforums.org/addon/poll-plugin...

AI score 7.1
Exploits: 0

seebug.org
added 2014/07/01 12:00 a.m. | 14 views

Systrace Multiple System Call Wrappers Concurrency Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/25258/info Systrace is prone to multiple concurrency vulnerabilities due to its implementation of system call wrappers. This problem can result in a race condition between a user thread and the kernel. Attackers can explo...

AI score 7.1
Exploits: 0

seebug.org
added 2014/07/01 12:00 a.m. | 15 views

yMonda Thread-IT 1.6 - Multiple Fields HTML Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8692/info It has been reported that yMonda Thread-IT is prone to a HTML injection vulnerability that may allow an attacker to execute HTML code in a user's browser. The issue is reported to be present in the 'Topic Title'...

AI score 7.1
Exploits: 0

Kitploit
added 2014/06/16 8:54 p.m. | 143 views

wpbf - WordPress Brute Force

The script will try to login into the WordPress dashboard through the login form using a mixture of enumerated usernames, a wordlist and relevant keywords from the blog's content. If a single username is given, the script will not search for additional usernames. When a correct username/passwords...

AI score 7.2
Exploits: 0 | References: 1