66 matches found
MySQL Smart Reports 1.0 - id SQL Injection Cross-Site Scripting
Exploit Title: MySQL Smart Reports 1.0 - SQL Injection / Cross-Site Scripting. Dork: N/A. Date: 22.05.2018. Exploit Author: Özkan Mustafa Akkuş (AkkuS). Vendor Homepage:...
CVE-2017-16512
The vagrant update process in Hashicorp vagrant-vmware-fusion 5.0.2 through 5.0.4 allows local users to steal root privileges via a crafted update request when no updates are available...
Design/Logic Flaw
The vagrant update process in Hashicorp vagrant-vmware-fusion 5.0.2 through 5.0.4 allows local users to steal root privileges via a crafted update request when no updates are available...
CVE-2017-14702
ERS Data System 1.8.1.0 allows remote attackers to execute arbitrary code, related to "com.branaghgroup.ecers.update.UpdateRequest" object deserialization...
LineageOS 'msm_bus_dbg.c' null pointer references denial of service leaks
LineageOS is an open source operating system based on Android for smartphones and tablets. android_kernel_huawei_msm8916 is a processor. The android_kernel_huawei_msm8916 2017-06-16 and earlier versions of LineageOS have a 'msm_bus_dbg' in the drivers/platform/msm/msm_bus/msm_bus_dbg.c file...
CVE-2017-6899
The msm_bus_dbg_update_request_write function in drivers/platform/msm/msm_bus/msm_bus_dbg.c in android_kernel_huawei_msm8916 through 2017-06-16 in LineageOS, and possibly other kernels for MSM devices, allows attackers to cause a denial of service (NULL pointer dereference and device crash) via a crafted...
F5 Networks BIG-IP : BIND vulnerability (SOL12986)
Unspecified vulnerability in ISC BIND 9 9.6.x before 9.6-ESV-R4-P3, 9.7.x before 9.7.3-P3, and 9.8.x before 9.8.0-P4 allows remote attackers to cause a Denial of Service (DoS) (named daemon crash) by way of a crafted UPDATE request...
Integer overflow
Integer overflow in the virtio_net_handle_mac function in hw/net/virtio-net.c in QEMU 2.0 and earlier allows local guest users to execute arbitrary code via a MAC addresses table update request, which triggers a heap-based buffer overflow...
Threat Outbreak Alert: Fake Payment Update Request Email Messages on January 27, 2014
Medium. Alert ID: 32578. First Published: 2014 January 27 18:13 GMT. Version: 1. Summary: Cisco Security has detected significant activity related to spam email messages that claim to contain a payment update request for the recipient. The text in the email message attempts to convince the recipient t...
Solr: XML eXternal Entity (XXE) flaw in XML and XSLT UpdateRequestHandler
The UpdateRequestHandler for XML in Apache Solr before 4.1 allows remote attackers to have an unspecified impact via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue...
Nagstamon: Information disclosure
Background: Nagstamon is a Nagios status monitor application. Description: Nagstamon's automatic request to check for updates includes plaintext username and password information for one of the monitor servers that the Nagstamon instance connects to. Impact: A remote attacker could eavesdrop on this...
Solr: XML eXternal Entity (XXE) flaw in XML and XSLT UpdateRequestHandler
The UpdateRequestHandler for XML in Apache Solr before 4.1 allows remote attackers to have an unspecified impact via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue...
Solr: XML eXternal Entity (XXE) flaw in XML and XSLT UpdateRequestHandler
The (1) UpdateRequestHandler for XSLT or (2) XPathEntityProcessor in Apache Solr before 4.1 allows remote attackers to have an unspecified impact via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, different...
DEBIAN-CVE-2013-6407
The UpdateRequestHandler for XML in Apache Solr before 4.1 allows remote attackers to have an unspecified impact via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue...
CVE-2013-4284
Cumin, as used in Red Hat Enterprise MRG 2.4, allows remote attackers to cause a denial of service (CPU and memory consumption) via a crafted Ajax update request...
Cross site request forgery (csrf)
Cumin, as used in Red Hat Enterprise MRG 2.4, allows remote attackers to cause a denial of service (CPU and memory consumption) via a crafted Ajax update request...
CVE-2013-4284
Cumin, as used in Red Hat Enterprise MRG 2.4, allows remote attackers to cause a denial of service (CPU and memory consumption) via a crafted Ajax update request...
UBUNTU-CVE-2013-4114
The automatic update request in Nagstamon before 0.9.10 uses a cleartext base64 format for transmission of a username and password, which allows remote attackers to obtain sensitive information by sniffing the network...
SOL12986 - BIND vulnerability CVE-2011-2464
Unspecified vulnerability in ISC BIND 9 9.6.x before 9.6-ESV-R4-P3, 9.7.x before 9.7.3-P3, and 9.8.x before 9.8.0-P4 allows remote attackers to cause a Denial of Service (DoS) (named daemon crash) by way of a crafted UPDATE request. Information about this advisory is available at the following...
Mandriva Update for bind MDVSA-2011:115 (bind)
The remote host is missing an update for the...