Seyeon FlexWATCH Network Video Server 2.2 Unauthorized Administrative Access Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8942/info It has been reported that FlexWATCH Network Video Server may be prone to an access validation error that may allow a remote attacker to gain administrative access to the system. The problem is reported to presen...

Active Classifieds 1.0 Arbitrary Code Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2942/info Active Classifieds is a CGI package that provides an online classified advertisement listing and management system. An origin validation error exists in the Free Edition of Active Classifieds that may allow remo...

Mambo Open Source 4.0.14 PollBooth.PHP Multiple SQL Injection Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/9197/info Mambo Open Source is prone to SQL injection attacks. This is due to an input validation error in 'pollBooth.php'. In particular, various user-supplied variables are used in an SQL query without proper sanitizati...

Microburst uDirectory 2.0 - Remote Command Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2884/info uDirectory is an online directory and listing management system. An input validation error exists in uDirectory that may allow remote users to execute arbitrary commands on a host running the software...

VideoLAN VLC ModPlug ReadS3M Stack Buffer Overflow

No description provided by source. $Id: vlcmodplugs3m.rb 12282 2011-04-08 15:48:53Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of...

MS HyperV Persistent DoS Vulnerability

No description provided by source. Core Security Technologies - Corelabs Advisory http://corelabs.coresecurity.com/ MS HyperV Persistent DoS Vulnerability 1. Advisory Information Title: MS HyperV Persistent DoS Vulnerability Advisory ID: CORE-2011-0203 Advisory URL:...

Linux kernel 2.2/2.4 procfs Stream Redirection to Process Memory Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2937/info The Linux /proc filesystem is a virtual filesystem provided by the Linux Kernel as an interface to some process and system information and parameters. Under certain circumstances, an access validation error may...

MS WINS ECommEndDlg Input Validation Error

No description provided by source. Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ MS WINS ECommEndDlg Input Validation Error 1. Advisory Information Title: MS WINS ECommEndDlg Input Validation Error Advisory ID: CORE-2011-0526 Advisory URL:...

openSUSE Security Update : bind (openSUSE-SU-2010:1031-1)

Adding certain types of signed negative responses to cache doesn't clear any matching RRSIG records already in cache. A subsequent lookup of the cached data can cause named to crash CVE-2010-3613. bind did not properly determine the security status of an NS RRset during a DNSKEY algorithm rollove...

Atmail Webmail < 6.5.0 'DOM processor' XSS

According to its version, the Atmail Webmail install on the remote host is a version prior to 6.5.0. It is, therefore, potentially affected by an input validation error related to the 'DOM processor' and 'script' tags that could allow cross-site scripting attacks. %NASLMINLEVEL 70300 C Tenable...

Oracle VM VirtualBox < 3.2.22 / 4.0.24 / 4.1.32 / 4.2.24 / 4.3.8 Multiple Memory Corruption

The remote host contains a version of Oracle VM VirtualBox that is 3.2.x prior to 3.2.22, 4.0.24, 4.1.32, 4.2.24 or 4.3.8. It is, therefore, potentially affected by the following vulnerabilities : - An input validation error exists in the function 'crNetRecvReadback' in the file...

VUPEN Security Research - Google Chrome &quot;Clipboard::WriteData&#40;&#41;&quot; Function Sandbox Escape &#40;Pwn2Own&#41;

VUPEN Security Research - Google Chrome Clipboard Format Processing Sandbox Escape Pwn2Own Website : http://www.vupen.com Twitter : http://twitter.com/vupen I. BACKGROUND --------------------- "Google Chrome is a freeware web browser developed by Google. Chrome version 28 and beyond uses the WebK...

Google Chrome < 33.0.1750.149 Multiple Vulnerabilities

The version of Google Chrome installed on the remote host is a version prior to 33.0.1750.149. It is, therefore, affected by the following vulnerabilities : - Use-after-free errors exist related to 'speech' and 'web database' processing. CVE-2014-1700, CVE-2014-1702 - An input validation error...

Cisco Jabber for Windows 9.x < 9.2(2) 'Send Screen Capture' File Write

The version of Cisco Jabber for Windows installed on the remote host is 9.x prior to 9.22. It is, therefore, affected by an input validation error related to the 'Send Screen Capture' functionality that could allow a remote attacker to traverse directories, write arbitrary files and possibly...

Off-by-one error in FLASK_AVC_CACHESTAT hypercall

ISSUE DESCRIPTION The FLASKAVCCACHESTAT hypercall, which provides access to per-cpu statistics on the Flask security policy, incorrectly validates the CPU for which statistics are being requested. IMPACT An attacker can cause the hypervisor to read past the end of an array. This may result in...

Synology DiskStation Manager < 4.3-3776 Update 2 Multiple Vulnerabilities

According to its version number, the Synology DiskStation Manager installed on the remote host is a version prior to 4.3-3776 Update 2. It is, therefore, potentially affected by the following vulnerabilities : - An input validation error exists in the 'externaldevices.cgi' script that allows any...

Computer Associates BrightStor ARCServe BackUp xdr_handle_t Code Execution - Ver2 (CVE-2007-1785)

A code execution vulnerability has been reported in BrightStor ARCserve Backup service. The vulnerability is due to an input validation error within mediasvr. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

Flash Player <= 11.7.700.252 / 11.9.900.152 Multiple Vulnerabilities (APSB13-28)

According to its version, the instance of Flash Player installed on the remote Windows host is equal or prior to 11.7.700.252 / 11.8.x or 11.9.x equal or prior to 11.9.900.152. It is, therefore, potentially affected by the following vulnerabilities : - A type-confusion error exists that could all...

Nagios Looking Glass <= 1.1.0 beta 2 LFI Vulnerability - Active Check

Nagios Looking Glass is prone to a local file include LFI vulnerability. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Microsoft Windows Kernel Privilege Escalation Vulnerability (2914368)

This host is missing an important security update according to Microsoft Bulletin MS14-002 OpenVAS Vulnerability Test $Id: gbmicrosoftsecurityadvisory2914486.nasl 6115 2017-05-12 09:03:25Z teissa $ Microsoft Windows Kernel Privilege Escalation Vulnerability 2914368 Authors: Shashi Kiran N Updated...