16 matches found
EUVD-2015-6858
Malware in sbrugna...
AZL-52432 CVE-2024-50134 affecting package kernel for versions less than 5.15.173.1-1
In the Linux kernel, the following vulnerability has been resolved: drm/vboxvideo: Replace fake VLA at end of vbvamousepointershape with real VLA Replace the fake VLA at end of the vbvamousepointershape shape with a real VLA to fix a "memcpy: detected field-spanning write error" warning: 13.31981...
Centreon 23.10-1.el8 SQL Injection Vulnerability
;; Postauth SQL Injection in Centreon 23.10-1.el8 ;; by code610 ;; ;; version: centreon-vbox-vm-2310-1.el8.zip ;; details: https://code610.blogspot.com/2024/04/postauth-sqli-in-centreon-2310-1el8.html ;; ;; sqlmap request.txt POST /centreon/main.get.php?p=60201 HTTP/1.1 Host: 192.168.56.156...
Jenkins vboxwrapper Plugin Cross-Site Scripting Vulnerability
Jenkins and Jenkins Plugin are both Jenkins open source products. jenkins is an application. Jenkins Plugin is an application that provides hundreds of plugins to support building, deploying, and automating any project. Jenkins vboxwrapper Plugin 1.3 and earlier versions are vulnerable to a...
CVE-2022-30968
Jenkins vboxwrapper Plugin 1.3 and earlier does not escape the name and description of VBox node parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...
3dpwn
VirtualBox 3D PoCs & exploits Author: @niklasbhttps://t...
Design/Logic Flaw
The ndvbs module in VBox Communications Satellite Express Protocol 2.3.17.3 allows local users to write to arbitrary physical memory locations and gain privileges via a 0x00000ffd ioctl call...
VBox Satellite Express Arbitrary Write Privilege Escalation
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 KL-001-2015-005 : VBox Satellite Express Arbitrary Write Privilege Escalation Title: VBox Satellite Express Arbitrary Write Privilege Escalation Advisory ID: KL-001-2015-005 Publication Date: 2015.09.16 Publication URL:...
VBox Satellite Express 2.3.17.3 - Arbitrary Write Vulnerability
A vulnerability within the ndvbs module allows an attacker to inject memory they control into an arbitrary location they define. This vulnerability can be used to overwrite function pointers in HalDispatchTable resulting in an elevation of privilege. suffers from code execution, and local file...
VBox Satellite Express 2.3.17.3 - Arbitrary Write
KL-001-2015-005 : VBox Satellite Express Arbitrary Write Privilege Escalation Title: VBox Satellite Express Arbitrary Write Privilege Escalation Advisory ID: KL-001-2015-005 Publication Date: 2015.09.16 Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2015-005.txt 1...
VBox Satellite Express 2.3.17.3 - Arbitrary Write
VBox Satellite Express 2.3.17.3 - Arbitrary Write KL-001-2015-005 : VBox Satellite Express Arbitrary Write Privilege Escalation Title: VBox Satellite Express Arbitrary Write Privilege Escalation Advisory ID: KL-001-2015-005 Publication Date: 2015.09.16 Publication URL:...
VBox Satellite Express Arbitrary Write Privilege Escalation
Vulnerability Details Affected Vendor: VBox Communications Affected Product: Satellite Express Protocol Affected Version: 2.3.17.3 Platform: Microsoft Windows XP SP3, Microsoft Windows 7 x86 CWE Classification: CWE-123: Write-what-where condition Impact: Arbitrary Code Execution Attack vector:...
CVE-2014-0983
Multiple array index errors in programs that are automatically generated by VBox/HostServices/SharedOpenGL/crserverlib/serverdispatch.py in Oracle VirtualBox 4.2.x through 4.2.20 and 4.3.x before 4.3.8, when using 3D Acceleration, allow local guest OS users to execute arbitrary code on the Chromi...
CVE-2014-0983
CVE-2014-0983 affects Oracle VirtualBox 4.2.x (through 4.2.20) and 4.3.x (before 4.3.8). It describes multiple array-index errors in VBox’s generated OpenGL/SharedOpenGL server code (server_dispatch.py) that, when 3D acceleration is enabled, permit local guest OS users to execute arbitrary code o...
PBX Phone System 2.x - Multiple Vulnerabilities
PBX Phone System 2.x - Multiple Vulnerabilities PenTest Information: ==================== Global-Evolution Security Team remove discover multiple Vulnerabilities on PBX Phone System Application. An attacker can get sensitive customer/admin session-data over multiple Cross-Site-Scripting...
Mandriva Update for isdn4k-utils MDVA-2008:014 (isdn4k-utils)
Check for the Version of isdn4k-utils OpenVAS Vulnerability Test Mandriva Update for isdn4k-utils MDVA-2008:014 isdn4k-utils Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...