102 matches found
Dolby Audio X2 (DAX2) privilege escalation
A vulnerability has been identified with the file permissions for the Dolby DAX2 application programming interface API that could allow a local user to run files with system level privileges. Mitigation Strategy for Customers what you should do to protect yourself: Lenovo is currently working wit...
Dolby Audio X2 (DAX2) privilege escalation - Lenovo Support US
No description provided...
UBUNTU-CVE-2016-4440
arch/x86/kvm/vmx.c in the Linux kernel through 4.6.3 mishandles the APICv on/off state, which allows guest OS users to obtain direct APIC MSR access on the host OS, and consequently cause a denial of service host OS crash or possibly execute arbitrary code on the host OS, via x2APIC mode...
Discuz! X2 X3多个版本无须登陆无须条件SSRF漏洞
No description provided by source...
CVE-2015-5076
Multiple cross-site scripting XSS vulnerabilities in X2Engine X2CRM before 5.0.9 allow remote attackers to inject arbitrary web script or HTML via the 1 version parameter in protected/views/admin/formEditor.php; the 2 importId parameter in protected/views/admin/rollbackImport.php; the 3 bc, 4 fg,...
JVN#04895240: SEIL Series routers vulnerable to denial-of-service (DoS)
The PPP Access Concentrator PPPAC and the Dial-Up Networking in SEIL Series routers provided by Internet Initiative Japan Inc. contain a denial-of-service DoS vulnerability due to an issue in processing certain packets CWE-119. Impact By receiving a specially crafted packet, the device may be...
Siteman 2.0.x2 - 'module' Parameter Cross-Site Scripting and Local File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/28943/info Siteman is prone to a local file-include vulnerability and a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this as a...
JVN#10724763: SEIL Series routers vulnerable to denial-of-service (DoS)
The PPP Access Concentrator PPPAC in SEIL Series routers provided by Internet Initiative Japan Inc. contain a denial-of-service DoS vulnerability due to an issue in processing certain packets. CWE-119 Impact By receiving a specially crafted TCP packet, a session established using PPPAC may be...
CVE-2013-4708
The PPP Access Concentrator PPPAC in Internet Initiative Japan Inc. SEIL/x86 1.00 through 2.80, SEIL/X1 1.00 through 4.30, SEIL/X2 1.00 through 4.30, SEIL/B1 1.00 through 4.30, SEIL/Turbo 1.80 through 2.15, and SEIL/neu 2FE Plus 1.80 through 2.15 generates predictable random numbers, which allows...
Authentication flaw
The PPP Access Concentrator PPPAC in Internet Initiative Japan Inc. SEIL/x86 1.00 through 2.80, SEIL/X1 1.00 through 4.30, SEIL/X2 1.00 through 4.30, SEIL/B1 1.00 through 4.30, SEIL/Turbo 1.80 through 2.15, and SEIL/neu 2FE Plus 1.80 through 2.15 generates predictable random numbers, which allows...
Buffer overflow
Buffer overflow in the PPP Access Concentrator PPPAC on the SEIL/x86 with firmware before 2.82, SEIL/X1 with firmware before 4.32, SEIL/X2 with firmware before 4.32, SEIL/B1 with firmware before 4.32, SEIL/Turbo with firmware before 2.16, and SEIL/neu 2FE Plus with firmware before 2.16 allows...
CVE-2013-4709
Buffer overflow in the PPP Access Concentrator PPPAC on the SEIL/x86 with firmware before 2.82, SEIL/X1 with firmware before 4.32, SEIL/X2 with firmware before 4.32, SEIL/B1 with firmware before 4.32, SEIL/Turbo with firmware before 2.16, and SEIL/neu 2FE Plus with firmware before 2.16 allows...
JVN#43152129: SEIL Series routers vulnerable to buffer overflow
The PPP Access Concentrator PPPAC in SEIL Series routers provided by Internet Initiative Japan Inc. contains a buffer overflow vulnerability in processing L2TP messages. Impact An attacker may execute an arbitrary code on the vulnerable system. Solution Update the Firmware Apply the appropriate...
Discuz! X2 V63积分商城插件 SQL注入漏洞
No description provided by source...
Discuz! X2 回复仅作者可见控制不严
简要描述: Discuz! X2 发布回复仅作者可见的主题帖,普通会员可以绕过该机制获得被隐藏的部分内容 详细说明: 帖子为打开状态时,可以通过楼层获得fid、tid、repposet 这3个参数,手动URL提交,可获取引用回复,引用回复中含有被屏蔽(仅作者可见的)部分内容。 漏洞证明: 拼接的url...
Discuz X2 后台getshell(当mysql为root时)
简要描述: 危险语句过滤,可以绕过 详细说明: 最近帮朋友看了一个站,DZx2的,拿到了创始人都没办法getshell 百度无果,自己本地架设了一下 1,当mysql是root时 站长---数据库---升级 尝试 select '1' into outfile 'E:\2.txt' 会提示 Type 查询语句安全威胁 Query select '1' into outfile 'E:\2.txt' 为什么会这样呢? \config\configglobal.php中 限制了into outfile函数 尝试绕过 /!select/ '1' /!into outfile/ 'E:\3.tx...
Discuz! X2 /source/function/function_exif.php跨站漏洞
No description provided by source...
Discuz x2 source/function/function_connect.php leakage of the server's physical path-vulnerability warning-the black bar safety net
Affected version: Discuz x2 vulnerability description: source/function/functionconnect.php The file header is not added: if! defined‘INDISCUZ’ exit‘Access Denied’; And at the head of the pack The letter the other file: requireonce libfile‘function/cloud’; reference...
Discuz! x2 201110版 报物理路径
简要描述: 详细说明: attachEventwindow, 'load', function appendscript''.$jsurl.'', '', 1, 'utf-8' , document;'; function connectoutputphp$url, $postData = '' global $G; $response = dfsockopen$url, 0, $postData, '', false, $G'setting''cloudapiip'; $result = array unserialize$response; return $result;...
Discuz! X2 forum_attachment.php sql注入漏洞
No description provided by source...