109 matches found
Android - Binder Driver Use-After-Free
Android - Binder Driver Use-After-Free The following issue exists in the android-msm-wahoo-4.4-pie branch of https://android.googlesource.com/kernel/msm and possibly others: There is a use-after-free of the wait member in the binderthread struct in the binder driver at /drivers/android/binder.c. ...
Command injection
ColdFusion 2018- update 4 and earlier and ColdFusion 2016- update 11 and earlier have a Command Injection via Vulnerable component vulnerability. Successful exploitation could lead to Arbitrary code execution in the context of the current user...
CyberArk Enterprise Password Vault 10.7 XML External Entity Injection
Exploit Title: CyberArk XML External Entity XXE Injection in SAML authentication Date: 10/05/2019 Exploit Author: Marcelo Toran @spamv Vendor Homepage: https://www.cyberark.com Version: =10.7 CVE : CVE-2019-7442 -----------Product description The CyberArk Enterprise Password Vault is a privileged...
Information Disclosure
Firefox, Firefox ESR and Thunderbird are vulnerable to information disclosure. Remote attackers could exploit the vulnerable Video Caption Handler component by load video captions from other domains to cause potential information disclosure for video captions...
Command injection
The MXQ TV Box 4.4.2 Android device with a build fingerprint of MBX/m201N/m201N:4.4.2/KOT49H/20160106:user/test-keys contains the Android framework with a package name of android versionCode=19, versionName=4.4.2-20170213 that contains an exported broadcast receiver application component that, wh...
Code injection
The ASUS ZenFone 3 Max Android device with a build fingerprint of asus/USPhone/ASUSX0081:7.0/NRD90M/USPhone-14.14.1711.92-20171208:user/release-keys contains a pre-installed platform app with a package name of com.asus.dm versionCode=1510500200, versionName=1.5.0.40171122 has an exposed interface...
CVE-2018-15964
Adobe ColdFusion versions July 12 release 2018.0.0.310739, Update 6 and earlier, and Update 14 and earlier have a use of a component with a known vulnerability vulnerability. Successful exploitation could lead to information disclosure...
CVE-2018-12828
Adobe Flash Player 30.0.0.134 and earlier have a "use of a component with a known vulnerability" vulnerability. Successful exploitation could lead to privilege escalation...
flash-plugin: Privilege Escalation vulnerability (APSB18-25)
Adobe Flash Player 30.0.0.134 and earlier have a "use of a component with a known vulnerability" vulnerability. Successful exploitation could lead to privilege escalation...
Computerinsel Photoline PCX Run Length Encoding Code Execution Vulnerability
Summary A memory corruption vulnerability exists in the PCX-parsing functionality of Computerinsel Photoline 20.54. A specially crafted PCX image processed via the application can lead to an out-of-bounds write, overwriting arbitrary data. An attacker can deliver a PCX image to trigger this...
Sungard eTRAKiT3 <= 3.2.1.17 - SQL Injection
Software: Sungard eTRAKiT3 Version: 3.2.1.17 and possibly lower CVE: CVE-2016-6566 https://www.kb.cert.org/vuls/id/846103 Vulnerable Component: Login page Description ================ The login form is vulnerable to blind SQL injection by an unauthenticated user. Vulnerabilities ================...
Outlook.com for Android fails to validate server certificates
------------------------------------------------------------------------ Outlook.com for Android fails to validate server certificates ------------------------------------------------------------------------ Yorick Koster, April 2014...
Autonomy KeyView Lotus 1-2-3 File Multiple Buffer Overflow Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/26604/info Autonomy KeyView is prone to multiple buffer-overflow vulnerabilities. Successfully exploiting these issues could allow an attacker to execute arbitrary code in the context of the user running the application...
Joomla Component BibTeX <= 1.3 - Remote Blind SQL Injection Exploit
No description provided by source. html head titleJoomla Component BibTeX = 1.3 Remote Blind SQL Injection Vulnerability/title /head body !-- Title : Joomla Component BibTeX = 1.3 Remote Blind SQL Injection Vulnerability -- !-- Author : ajann -- !-- Contact : : -- !-- S.Page :...
Mambo com_registration_detailed <= 4.1 - Remote File Include
No description provided by source. Mambo comregistrationdetailed = 4.1 Remote File Inclusion Download Source : http://mamboxchange.com/projects/regdetailed/ Dork = allinur:comextendedregistration Found By: k1tk4t - k1tk4td0th4ck4tgmaild0tcom Location: Indonesia file ; registrationdetailed.inc.php...
Joomla! Component com_osproperty 2.0.2 - Unrestricted Arbitrary File Upload
Joomla! Component comosproperty 2.0.2 - Unrestricted Arbitrary File Upload Exploit Title: Joomla comosproperty Unrestricted File Upload Google Dork: comosproperty Date: 13-07-2012 Author: Daniel Barragan "D4NB4R" Twitter: @D4NB4R site: http://www.insecurityperu.org/ &...
SOL13607 - Hosts may generate weak RSA keys under low entropy conditions
A recent study, linked in the Supplemental Information section, has revealed that when a system generates new RSA keys under low-entropy conditions, such as during the first system boot, the resulting keys may not be cryptographically strong. During its first boot, the BIG-IP system generates...
Log1 CMS writeInfo() PHP Code Injection
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 "Log1 CMS writeInf...
Log1 CMS - 'writeInfo()' PHP Code Injection (Metasploit)
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 "Log1 CMS writeInf...
CVE-2010-4918
CVE-2010-4918 affects the Joomla! extension iJoomla Magazine (com_magazine) version 3.0.1, where a PHP Remote File Inclusion (RFI) vulnerability in magazine.functions.php allows an attacker to execute arbitrary PHP code via the config parameter in a URL. The underlying issue is an unchecked confi...