1269 matches found
Hewlett Packard Enterprise Vertica validateAdminConfig Processor Arbitrary Command Execution Vulnerability
Hewlett Packard Enterprise Vertica is a data mining analysis system for SQL databases from Hewlett Packard Enterprise HPE. A security vulnerability exists in the validateAdminConfig processor in HPE Vertica. A remote attacker could exploit the vulnerability by providing the 'mcPort' parameter...
openSUSE Security Update : dropbear (openSUSE-2016-387)
dropbear was updated to 2016.72 to fix the following issues : Changes in dropbear : - updated to upstream version 2016.72 - Validate X11 forwarding input. Could allow bypass of authorizedkeys command= restrictions, found by github.com/tintinweb. Thanks for Damien Miller for a patch. - used as bug...
Apple OS X IOGraphicsFamily Untrusted Pointer Dereference Privilege Escalation Vulnerability
This vulnerability allows local attackers to elevate privileges on vulnerable installations of Apple OS X. User interaction is required to exploit this vulnerability in that the target must open a malicious file. The specific flaw exists within the IOGraphicsFamily interface. The issue lies failu...
WordPress Plugin Import CSV 1.0 - Directory Traversal
WordPress Plugin Import CSV 1.0 - Directory Traversal Exploit Title: Wordpress Import CSV | Directory Traversal Exploit Author: Wadeek Website Author: https://github.com/Wad-Deek Software Link: https://downloads.wordpress.org/plugin/xml-and-csv-import-in-article-content.zip Stable Tag: 1.1 Tested...
UBUNTU-CVE-2015-5295
The template-validate command in OpenStack Orchestration API Heat before 2015.1.3 kilo and 5.0.x before 5.0.1 liberty allows remote authenticated users to cause a denial of service memory consumption or determine the existence of local files via the resource type in a template, as demonstrated by...
DEBIAN-CVE-2015-8476
Multiple CRLF injection vulnerabilities in PHPMailer before 5.2.14 allow attackers to inject arbitrary SMTP commands via CRLF sequences in an 1 email address to the validateAddress function in class.phpmailer.php or 2 SMTP command to the sendCommand function in class.smtp.php, a different...
spice security update
0.12.4-9.3 - CVE-2015-5260 CVE-2015-5261 fixed various security flaws Resolves: rhbz1262771 0.12.4-9.2 - Validate surfaceid Resolves: rhbz1262771...
spice-server security update
0.12.4-12.3 - CVE-2015-5260 CVE-2015-5261 fixed various security flaws Resolves: rhbz1262769 0.12.4-12.2 - Validate surfaceid Resolves: rhbz1262769...
rtalabel.org XSS vulnerability
Vulnerable URL: http://www.rtalabel.org/?content=validate=17632092058dcb95f745944553483c47'%22%26%25prompt/XSSPOSED/...
Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2015-3055)
The remote Oracle Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2015-3055 advisory. - KVM: x86: SYSENTER emulation is broken Nadav Amit Orabug: 21502741 CVE-2015-0239 CVE-2015-0239 - x86/tls: Validate TLS entries to protect espfix...
CVE-2015-3324
The ThinkServer System Manager TSM Baseboard Management Controller before firmware 1.27.73476 for ThinkServer RD350, RD450, RD550, RD650, and TD350 does not validate server certificates during an "encrypted remote KVM session," which allows man-in-the-middle attackers to spoof servers...
PYSEC-2015-14
The validaterepo function in sshpeer in Mercurial before 3.2.4 allows remote attackers to execute arbitrary commands via a crafted repository name in a clone command...
freetype: out-of-bounds read in tt_cmap4_validate()
The ttcmap4validate function in sfnt/ttcmap.c in FreeType before 2.5.4 validates a certain length field before that field's value is completely calculated, which allows remote attackers to cause a denial of service out-of-bounds read or possibly have unspecified other impact via a crafted cmap SF...
SuSE 11.3 Security Update : kvm and libvirt (SAT Patch Number 10222)
This collective update for KVM and libvirt provides fixes for security and non-security issues. kvm : - Fix NULL pointer dereference because of uninitialized UDP socket. bsc897654, CVE-2014-3640 - Fix performance degradation after migration. bsc878350 - Fix potential image corruption due to missi...
FreeType 'tt_cmap4_validate' Function Denial of Service Vulnerability
FreeType is the FreeType team developed a C-based , high-quality and portable open source font engine library , it can be used to rasterize the characters and mapped to bitmap and provide other font-related business support . A denial of service vulnerability exists in the FreeType...
openSUSE Security Update : java-1_7_0-openjdk (openSUSE-SU-2014:1638-1)
This openjdk update fixes the following security and non security issues : - Upgrade to 2.4.8 bnc887530 - Changed back from gzipped tarball to xz - Changed the keyring file to add Andrew John Hughes that signed the icedtea package - Change ZERO to AARCH64 tarball - Removed patches : -...
CVE-2014-0489
APT before 1.0.9, when the Acquire::GzipIndexes option is enabled, does not validate checksums, which allows remote attackers to execute arbitrary code via a crafted package...
Race condition
The MCollective aessecurity plugin, as used in Puppet Enterprise before 3.3.0 and Mcollective before 2.5.3, does not properly validate new server certificates based on the CA certificate, which allows local users to establish unauthorized Mcollective connections via unspecified vectors related to...
(0Day) Embarcadero ER/Studio Data Architect TSVisualization ActiveX loadExtensionFactory Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Embarcadero ER/Studio Data Architect. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...
File Store PRO 3.2 - Multiple Blind SQL Injection Vulnerabilities
No description provided by source. | File Store PRO 3.2 Blind SQL Injection | || Download from: http://upoint.info/cgi/demo/fs/filestore.zip - Need admin rights: /confirm.php: code ifisset$GETfolder && $GETfolder!= $folder=$GETfolder; else exitBad Request; ifisset$GETid && $GETid!= $id=$GETid; el...