Lucene search
K
SeebugMost viewed

56796 matches found

seebug.org
seebug.org
added 2014/07/01 12:0 a.m.57 views

UseBB 1.0.7 install/upgrade-0-3.php PHP_SELF Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/24990/info UseBB is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.57 views

Clipbucket 2.5 - Directory Traversal

No description provided by source. Author: loneferret of Offensive Security Product: ClipBucket Version: 2.5 and maybe older versions Vendor Site: http://clip-bucket.com/ Software Download: http://sourceforge.net/projects/clipbucket/ Software description: ClipBucket is an OpenSource Multimedia...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.57 views

myPHPNuke 1.8.8 Links.php Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/6892/info Reportedly, myPHPNuke 'links.php' does not adequately filter HTML code thus making it prone to cross-site scripting attacks. It is possible for a remote attacker to create a malicious link containing script code...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.57 views

Mozilla Firefox Firefox 4.0.1 Array.reduceRight() Exploit

No description provided by source. !-- Full Exploit Code: http://www.exploit-db.com/sploits/18531.zip PoC exploit for CVE-2011-2371 tested against Firefox 4.0.1 md5 of mozjs.dll: 5d7ffcc9deb5bb08417ceae51d2afed4 change constants to switch between w7/xp. see my blog if you want to know how this...

10CVSS9.8AI score0.75691EPSS
Exploits17
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.57 views

D-Link DSR Router Series - Remote Root Shell Exploit

No description provided by source. !/usr/bin/python CVEs: CVE-2013-5945 - Authentication Bypass by SQL-Injection CVE-2013-5946 - Privilege Escalation by Arbitrary Command Execution Vulnerable Routers: D-Link DSR-150 Firmware v1.08B44 D-Link DSR-150N Firmware v1.05B64 D-Link DSR-250 and DSR-250N...

10CVSS9.2AI score0.09783EPSS
Exploits8
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.57 views

Adobe Flash Player Regular Expression Heap Overflow

No description provided by source. This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 Msf::Exploit::Remote Rank = NormalRanking include Msf::Exploit::Remote::BrowserExploitServer def...

9.3CVSS0.3AI score0.77597EPSS
Exploits10
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.57 views

Acoustica MP3 Audio Mixer 2.471 Extended M3U directives SEH

No description provided by source. Exploit Title: Acoustica MP3 Audio Mixer 2.471 Extended M3U directives SEH Date: September 8 2010 Author: Carlos Hollmann Software Link: http://www.acoustica.com/downloading.asp?p=1 Version: 2.471 Tested on: Windows xp sp3 running on VMware Fusion 3.1 and...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.57 views

Microsoft IIS 4.0,Microsoft JET 3.5/3.5.1 Database Engine VBA Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/286/info Microsoft's JET database engine feature allows the embedding of Visual Basic for Application in SQL string expressions and the lack of metacharacter filtering by many web applications may allow remote users to...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.57 views

UBBCentral 6.0 UBB.threads Printthread.PHP SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/13253/info It is reported that UBB.threads is prone to an SQL injection vulnerability. The SQL injection vulnerability is reported to affect the 'printthread.php' script. UBB.threads 6.0 is reported prone to this issue. I...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.57 views

Oracle WebCenter Sites (FatWire Content Server) Multiple Vulnerabilities

No description provided by source. SEC Consult Vulnerability Lab Security Advisory 20121017-2 ======================================================================= title: Multiple vulnerabilities in Oracle WebCenter Sites product: Oracle WebCenter Sites former FatWire Content Server vulnerable...

4.9CVSS6.5AI score0.04455EPSS
Exploits5
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.57 views

TP-Link IP Cameras Firmware 1.6.18P12 - Multiple Vulnerabilities

No description provided by source. Core Security - Corelabs Advisory http://corelabs.coresecurity.com TP-Link IP Cameras Multiple Vulnerabilities 1. Advisory Information Title: TP-Link IP Cameras Multiple Vulnerabilities Advisory ID: CORE-2013-0318 Advisory URL:...

0.4AI score0.42243EPSS
Exploits7
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.57 views

Scrutinizer NetFlow & sFlow Analyzer - Multiple Vulnerabilities

No description provided by source. Trustwave SpiderLabs Security Advisory TWSL2012-008: Multiple Vulnerabilities in Scrutinizer NetFlow & sFlow Analyzer https://www.trustwave.com/spiderlabs/advisories/TWSL2012-008.txt Published: 04/11/12 Version: 1.0 Vendor: Plixer International...

6.6AI score0.04247EPSS
Exploits10
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.57 views

Oracle Outside In MDB - File Parsing Stack Based Buffer Overflow PoC

No description provided by source. !/usr/bin/python Exploit Title: Oracle Outside In MDB File Parsing Stack Based Buffer Overflow PoC Date: 16th January 2014 PoC Author: Citadelo Vendor Homepage: http://www.oracle.com Software Link: http://www.oracle.com/us/technologies/embedded/025613.htm Versio...

1.5CVSS6.5AI score0.01901EPSS
Exploits5
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.57 views

FOSCAM IP-Cameras Improper Access Restrictions

Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ MayGion IP Cameras multiple vulnerabilities 1. Advisory Information Title: MayGion IP Cameras multiple vulnerabilities Advisory ID: CORE-2013-0322 Advisory URL:...

7.5CVSS7.8AI score0.11543EPSS
Exploits8
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.57 views

Debian Linux 2.1 apcd Symlink Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/958/info A vulnerability exists in the apcd package, as shipped in Debian GNU/Linux 2.1. By sending the apcd process a SIGUSR1, a file will be created in /tmp called upsstat. This file contains information about the statu...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.57 views

Grep < 2.11 Integer Overflow Crash PoC

No description provided by source. Grep 2.11 is vulnerable to int overflow exploitation. http://lists.gnu.org/archive/html/bug-grep/2012-03/msg00007.html Although it is patched in the recent Grep, This update has not been pushed to the Ubuntu repos, or the Redhat repos, leaving 99% of those OS'sa...

4.4CVSS0.4AI score0.01022EPSS
Exploits6
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.57 views

Oracle VirtualBox 3D Acceleration - Multiple Vulnerabilities

No description provided by source. Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ Oracle VirtualBox 3D Acceleration Multiple Memory Corruption Vulnerabilities 1. Advisory Information Title: Oracle VirtualBox 3D Acceleration Multiple Memory Corruption Vulnerabilities Advisory...

6.9CVSS6.8AI score0.08195EPSS
Exploits13
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.57 views

DMXReady PayPal Store Manager <= 1.1 Contents Change Vulnerability

No description provided by source. Title : DMXReady PayPal Store Manager = 1.1 Remote Contents Change Vulnerability Author : ajann from Turkey Contact : : S.Page : http://www.dmxready.com $$ : 129.97 $ Dork : inurl:incpaypalstoremanager.asp DorkEx :...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.57 views

dcam webcam server personal web server 8.2.5 - Directory Traversal vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/9273/info It has been reported that the Personal Web Server of DCAM WebCam Server may be prone to a directory traversal vulnerability that may allow a remote attacker to traverse outside the server root directory by using...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/05/08 12:0 a.m.57 views

某通用校园管理系统权限不严格(默认密码)

简要描述: 可以通过系统内置低权限账号,获取高权限超级管理员密码 详细说明: 在官方演示站http://www.suyaxing.com:81/WS2004/default.asp 以官方公告的口令admin/admin登陆演示站 演示站用户看到Vodadmin 密码为星号,用星号密码查看器看到密码是11。(随后测试了20个站,都是内置这个账号) Vod管理员密码修改后貌似会和官方的Vod视频源冲突所以没有用户敢改。 接下来---------做实验,随机抽个站 实验站:http://www.fjzhyz.cn/ 系统内置低权限账号:Vodadmin 密码11...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/03/28 12:0 a.m.57 views

Cisco IOS Software IK3v2模块拒绝服务漏洞

CVECAN ID: CVE-2014-2108 Cisco IOS是多数思科系统路由器和网络交换机上使用的互联网络操作系统。 Cisco IOS 12.2、15.0-15.3、IOS XE 3.2-3.7、3.8-3.10版本存在安全漏洞,远程攻击者通过特制的IKEv2数据包,利用此漏洞可造成拒绝服务(内存耗尽)。 0 Cisco IOS 15.x Cisco IOS 12.2 Cisco已经为此发布了一个安全公告(cisco-sa-20140326-ikev2)以及相应补丁:...

7.8CVSS9AI score0.02205EPSS
Exploits1
seebug.org
seebug.org
added 2014/03/27 12:0 a.m.57 views

Apache Xalan-Java FEATURE_SECURE_PROCESSIN属性处理安全绕过漏洞

CVE ID:CVE-2014-0107 Apache Xalan-Java是一个使用Java和C++来实现XSLT库的项目。 Apache Xalan-Java处理部分输出属性时存在错误,允许攻击者利用漏洞绕过安全处理特性FEATURESECUREPROCESSING,可访问受限属性或加载任意受限类。 0 Apache Xalan-Java 2.7.0 用户可参考如下厂商提供的安全公告获取补丁以修复该漏洞: https://issues.apache.org/jira/browse/XALANJ-2435...

7.5CVSS8.7AI score0.13809EPSS
Exploits2
seebug.org
seebug.org
added 2014/03/14 12:0 a.m.57 views

Oracle VM VirtualBox 'crNetRecvWriteback()'函数内存破坏漏洞

BUGTRAQ ID: 66132 CVECAN ID: CVE-2014-0982 VirtualBox是一种x86的虚拟化产品。 Oracle VM VirtualBox在函数crNetRecvWriteback的实现上存在内存破坏漏洞,攻击者可利用该漏洞在主机操作系统内运行的管理程序上下文内执行任意代码。 0 Oracle VM VirtualBox 4.1 Oracle VM VirtualBox 4.0 Oracle VM VirtualBox 3.2 Oracle VM VirtualBox 3.1 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...

6.3AI score
Exploits6
seebug.org
seebug.org
added 2014/03/13 12:0 a.m.57 views

Microsoft Windows Security Account Manager Remote协议安全限制绕过漏洞

BUGTRAQ ID: 66012 CVECAN ID: CVE-2014-0317 Windows是一款由美国微软公司开发的窗口化操作系统。 Security Account Manager Remote SAMR协议没有正确验证用户锁定状态,在实现上存在安全功能绕过漏洞。 0 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2003 厂商补丁: Microsoft ---------...

5.4CVSS6.4AI score0.10249EPSS
Exploits1
seebug.org
seebug.org
added 2014/03/11 12:0 a.m.57 views

Linux Kernel IPv6路由通告报文处理拒绝服务漏洞

CVE ID:CVE-2014-2309 Linux Kernel是一款开源的操作系统。 Linux Kernel在创建路由通告的路由时存在错误,允许攻击者利用漏洞提交恶意报文消耗大量内存资源,造成拒绝服务攻击。 要成功利用漏洞需要内核支持IPv6协议,并启用IPv6临时地址。 0 Linux Kernel 3.10.x Linux Kernel 3.12.x Linux Kernel 3.13.x 厂商补丁: Linux ----- 用户可参考厂商的GIT库以获得补丁修复此漏洞:...

6.1CVSS8.1AI score0.02426EPSS
Exploits2
seebug.org
seebug.org
added 2014/03/06 12:0 a.m.57 views

MediaWiki 'theloadFromSession'函数信息泄露漏洞

BUGTRAQ ID:65883 CVE ID:CVE-2014-2243 MediaWiki是一款Wiki程序。 MediaWiki的includes/User.php脚本'theloadFromSession'函数存在安全漏洞。远程攻击者可通过实施暴力破解攻击利用该漏洞获取会话令牌的访问权限。 0 MediaWiki Mediawiki 2.0.18 MediaWiki Mediawiki = 1.19.11 MediaWiki Mediawiki 1.20.x MediaWiki Mediawiki 1.21.x1.21.6 MediaWiki Mediawiki...

5.8CVSS0.1AI score0.01553EPSS
Exploits1
seebug.org
seebug.org
added 2014/02/12 12:0 a.m.57 views

Schneider Electric Telvent SAGE 3030 RTU远程拒绝服务漏洞

BUGTRAQ ID: 65262 CVECAN ID: CVE-2013-6143 Telvent SAGE 3030 RTU是工业数据通信设备。 Telvent SAGE 3030 RTU C3413-500-001D3P4、C3413-500-001F0PB处理某些输入时,DNP3服务存在错误,可导致崩溃,造成拒绝服务。 0 Schneider Electric Telvent SAGE 3030 RTU C3413-500-001F0PB Schneider Electric Telvent SAGE 3030 RTU C3413-500-001D3P4 厂商补丁:...

5CVSS6.5AI score0.01358EPSS
Exploits1
seebug.org
seebug.org
added 2013/12/18 12:0 a.m.58 views

Discuz! X2.5 api.php 信息泄露漏洞

Discuz!是国内一套通用的社区论坛软件系统。 Discuz! X2.5 api.php文件中由于arraykeyexists中的第一个参数只能为整数或者字符串,当?mod=ks时,$mod类型为array,从而导致arraykeyexists产生错误信息。 0 Discuz! X2.5...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2013/11/25 12:0 a.m.57 views

UChome 注入漏洞

简要描述: UChome 注入漏洞 详细说明: source/cpclbum.php elseif$GET'op' == 'editpic' $managealbum = checkperm'managealbum'; includeonceSROOT.'./source/functionbbcode.php'; if$albumid 0 $query = $SGLOBAL'db'-query"SELECT FROM ".tname'album'." WHERE albumid='$albumid'"; if!$album = $SGLOBAL'db'-fetcharray$query...

7AI score
Exploits0
seebug.org
seebug.org
added 2013/07/24 12:0 a.m.57 views

DotNetNuke /Providers/HtmlEditorProviders/Fck/fcklinkgallery.aspx 文件上传漏洞

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2013/07/17 12:0 a.m.57 views

ActiveMQ Cron Jobs CVE-2013-1879 HTML注入漏洞

Bugtraq ID:61142 CVE ID:CVE-2013-1879 Apache ActiveMQ是一款开源消息总线,支持JMS1.1和J2EE 1.4规范的JMS Provider实现 Apache ActiveMQ处理cron作业时没有对用户提交的某些参数进行过滤,允许攻击者利用漏洞注入任意HTML和脚本代码,当恶意数据被查看时,可获取用户敏感信息或劫持用户会话 0 Apache ActiveMQ 5.8.0 厂商解决方案 用户可参考如下厂商提供的安全公告获得补丁信息: https://issues.apache.org/jira/browse/AMQ-4397...

4.3CVSS0.3AI score0.06366EPSS
Exploits1
seebug.org
seebug.org
added 2013/07/08 12:0 a.m.57 views

用友软件开发管理平台IIS写权限导致可获取服务器webshell

简要描述: 见说明 详细说明: http://ufsdp-borrow.ufsoft.com.cn/cmd.asp http://ufsdp-borrow.ufsoft.com.cn/1937cN.txt 漏洞证明:...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2013/04/24 12:0 a.m.57 views

Apache ActiveMQ WEB控制台 远程拒绝服务或信息泄露漏洞(CVE-2013-3060)

CVE ID:CVE-2013-3060 Apache ActiveMQ是一款开源消息总线,支持JMS1.1和J2EE 1.4规范的JMS Provider实现。 Apache ActiveMQ WEB控制台无需验证,允许远程攻击者利用漏洞提交HTTP请求获得敏感信息或进行拒绝服务攻击。 0 Apache ActiveMQ 5.8.0之前版本 厂商解决方案 Apache ActiveMQ 5.8.0已经修复此漏洞,建议用户下载更新: https://activemq.apache.org/...

6.4CVSS9.6AI score0.06311EPSS
Exploits1
seebug.org
seebug.org
added 2013/03/20 12:0 a.m.57 views

Ruby on Rails XML解析远程拒绝服务漏洞(CVE-2013-1856)

BUGTRAQ ID: 58554 CVECAN ID: CVE-2013-1856 Ruby on Rails简称RoR或Rails,是一个使用Ruby语言写的开源Web应用框架,它是严格按照MVC结构开发的。 Ruby on Rails 3.0.0及之后版本在使用JRuby时,ActiveSupport XML解析器的JDOM后端内存在漏洞,攻击者可利用此漏洞造成拒绝服务或访问应用服务器上的文件。 0 Ruby on Rails 3.x Ruby on Rails 2.x 临时解决方法: 如果您不能立刻安装补丁或者升级,建议您采取以下措施以降低威胁:...

5.8CVSS6.3AI score0.02054EPSS
Exploits1
seebug.org
seebug.org
added 2012/12/25 12:0 a.m.57 views

Novell iPrint Client &quot;op-client-interface-version&quot;代码执行漏洞

CVECAN ID: CVE-2012-0411 Novell iPrint是打印解决方案。 Novell iPrint Client 5.82之前版本在处理"op-client-interface-version"参数时存在错误,可被利用执行任意代码。 0 Novell iPrint Client 5.x 厂商补丁: Novell ------ 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载5.82: http://www.novell.com/support/kb/doc.php?id=7008708...

10CVSS6.4AI score0.04325EPSS
Exploits1
seebug.org
seebug.org
added 2012/08/26 12:0 a.m.57 views

Linux Kernel 'madvise_remove()'函数本地拒绝服务漏洞

BUGTRAQ ID: 55151 CVE ID: CVE-2012-3511 Linux Kernel其基础为linux平台,linux为C语言编写的内核,基于此内核又衍生出了具体的Red hat linux 、open suse linux等具体的操作系统,一套基于Linux内核的完整操作系统叫作Linux操作系统,或是GNU/Linux。 Linux Kernel在 "madviseremove" 函数的实现上存在释放后重用漏洞,可被恶意本地用户利用造成引用已经释放的内存。 0 Linux kernel 3.4.x Linux kernel 3.2.x Linux kernel...

6.2CVSS7.3AI score0.00376EPSS
Exploits2
seebug.org
seebug.org
added 2012/06/14 12:0 a.m.57 views

Microsoft Internet Explorer 8 Code Execution(CVE-2012-1875)

No description provided by source. CAL-2012-0026 Microsfot IE Same ID Property Remote Code Execution Vulnerability CVE ID: CVE-2012-1875 http://technet.microsoft.com/en-us/security/bulletin/ms12-037...

9.3CVSS0.61655EPSS
Exploits11
seebug.org
seebug.org
added 2012/05/17 12:0 a.m.57 views

Apple QuickTime 7.7.2之前版本多个远程任意代码执行漏洞

BUGTRAQ ID: 53547 CVE ID: CVE-2012-0663,CVE-2012-0664,CVE-2012-0665,CVE-2012-0666,CVE-2012-0667,CVE-2012-0668,CVE-2012-0669,CVE-2012-0670,CVE-2012-0671,CVE-2012-0265 OS X Lion Server 内含一组应用软件,可将任意一台Mac 变成功能强大的服务器。Mac OS是一套运行于苹果的Macintosh系列电脑上的操作系统。 Windows 7、Vista、XP上的Apple QuickTime...

9.3CVSS2.2AI score0.28623EPSS
Exploits18
seebug.org
seebug.org
added 2011/11/29 12:0 a.m.57 views

Linux kernel 2.6.x空指针引用拒绝服务漏洞

BUGTRAQ ID: 50755 CVE ID: CVE-2011-4110 Linux Kernel在处理用户定义的键类型上存在空指针引用拒绝服务漏洞,攻击者可利用此漏洞使受影响计算机崩溃。 Linux kernel 2.6.x 厂商补丁: Linux ----- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://www.kernel.org/...

2.1CVSS0.2AI score0.00489EPSS
Exploits2
seebug.org
seebug.org
added 2011/10/28 12:0 a.m.57 views

Apple QuickTime信息泄露漏洞

BUGTRAQ ID: 50130 CVE ID: CVE-2011-3220 QuickTime是由苹果电脑所开发的一种多媒体架构,能够处理许多的数字视频、媒体段落、音效、文字、动画、音乐格式,以及交互式全景影像的数项类型。 Apple QuickTime在处理视频文件中的URL数据处理程序时存在未初始化内存访问问题,攻击者可利用此漏洞读取内存内容。 Apple QuickTime Player 7.x 厂商补丁: Apple ----- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://support.apple.com/...

4.3CVSS8.4AI score0.0189EPSS
Exploits1
seebug.org
seebug.org
added 2011/07/04 12:0 a.m.57 views

MS Office 2010 RTF Header Stack Overflow Vulnerability Exploit

No description provided by source. Exploit Title: MS Office 2010 RTF Header Stack Overflow Vulnerability Exploit Date: 7/3/2011 Author: Snake Shahriyar.j at gmail Version: MS Office = 2010 Tested on: MS Office 2010 14.0.4734.1000 - Windows 7 CVE : CVE-2010-3333 This is the exploit I wrote for...

9.3CVSS0.3AI score0.89497EPSS
Exploits14
seebug.org
seebug.org
added 2011/01/19 12:0 a.m.57 views

Linux Kernel &quot;execve()&quot;内存扩展&quot;OOM-killer&quot;本地拒绝服务漏洞

BUGTRAQ ID: 45004 CVE ID: CVE-2010-4243 Linux Kernel是开放源码操作系统Linux所使用的内核。 Linux Kernel的"OOM-killer"功能在实现上存在安全漏洞,本地攻击者可利用此漏洞终止不相关的进程,造成拒绝服务。 漏洞源于oomkill函数看不到没有附加到任何线程的已分配内存。 Linux kernel 2.6.24.3 - 2.6.37 RedHat Enterprise Linux Desktop v.5 client 厂商补丁: Linux ----- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载...

4.9CVSS6.5AI score0.0091EPSS
Exploits3
seebug.org
seebug.org
added 2010/12/19 12:0 a.m.57 views

Linux Kernel &lt; 2.6.37-rc2 ACPI custom_method Privilege Escalation

No description provided by source. / american-sign-language.c Linux Kernel 2.6.37-rc2 ACPI custommethod Privilege Escalation Jon Oberheide [email protected] http://jon.oberheide.org Information: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4347 This custommethod file allows to inject...

6.9CVSS0.3AI score0.02203EPSS
Exploits6
seebug.org
seebug.org
added 2010/10/26 12:0 a.m.57 views

Mozilla Firefox Modal调用跨域信息泄露漏洞

BUGTRAQ ID: 44252 CVECAN ID: CVE-2010-3178 Firefox是一款非常流行的开源WEB浏览器。 如果网页打开了新的窗口并使用javascript: URL执行modal调用,如alert,且之后将网页导航到了不同的域,则modal调用返回到窗口的打开程序就可以访问所导航到窗口中的对象。这违反了同源策略,允许用户窃取其他网站的敏感信息。 Mozilla Firefox 3.6.x Mozilla Firefox 3.5.x Mozilla Thunderbird 3.1.x Mozilla Thunderbird 3.0.x Mozilla...

5.8CVSS0.4AI score0.01398EPSS
Exploits1
seebug.org
seebug.org
added 2010/10/15 12:0 a.m.57 views

Microsoft IE HtmlDlgHelper类内存破坏漏洞(MS10-071)

BUGTRAQ ID: 43706 CVE ID: CVE-2010-3329 Internet Explorer是Windows操作系统中默认捆绑的WEB浏览器。 Windows在实例化Office文档(如.XLS、.DOC)中HtmlDlgHelper类对象(CLASSID: 3050f4e1-98b5-11cf-bb82-00aa00bdce0b)的方式存在内存破坏漏洞。有漏洞的模块是Internet Explorer中的mshtmled.dll,当调用CHtmlDlgHelper类的析构程序之后访问未初始化内存时就会在mshtmled.dll...

9.3CVSS8.7AI score0.28842EPSS
Exploits7
seebug.org
seebug.org
added 2010/06/28 12:0 a.m.57 views

Firefox JavaScript引擎Math.Random()跨域信息泄露漏洞

BUGTRAQ ID: 33276 CVE ID: CVE-2009-1696,CVE-2008-5913 Firefox是非常流行的开源WEB浏览器。 Firefox的JavaScript实现的Math.random函数中存在安全漏洞,攻击者可以对该函数的种子值进行逆向。由于对于每个浏览的会话伪随机数生成器仅提供了一次种子,因此可以将这个种子值用作唯一的令牌跨不同的网站识别和追踪用户。 Mozilla Firefox 3.6.x Mozilla Firefox 3.5.x Mozilla SeaMonkey 2.0.5 厂商补丁: Debian ------...

5CVSS0.1AI score0.02335EPSS
Exploits3
seebug.org
seebug.org
added 2010/06/04 12:0 a.m.57 views

OpenSSL EVP_PKEY_verify_recover()无效返回值绕过密钥验证漏洞

BUGTRAQ ID: 40503 CVE ID: CVE-2010-1633 OpenSSL是一种开放源码的SSL实现,用来实现网络通信的高强度加密,现在被广泛地用于各种网络应用程序中。 当验证恢复进程失败的情况下所返回的是未初始化的缓冲区而不是出错代码,使用EVPPKEYverifyrecover函数的应用可以利用这个情况绕过密钥验证获得非授权访问。 OpenSSL 1.0.0 厂商补丁: OpenSSL Project --------------- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...

6.4CVSS8.6AI score0.02392EPSS
Exploits2
seebug.org
seebug.org
added 2010/04/09 12:0 a.m.57 views

Linux kernel 2.6.x nfs_wait_on_request函数本地拒绝漏洞

CVE ID: CVE-2010-1087 Linux Kernel是开放源码操作系统Linux所使用的内核 Linux Kernel的fs/nfs/pagelist.c文件中的nfswaitonrequest函数中存在拒绝服务漏洞。VM/VFS不允许mapping-aops-invalidatepage失败,但如果出现了fatal signal的话nfswbpagecancel可能会失败。由于NFS代码假设只要回写仍活动页面就会保持映射,因此可能出现拒绝服务的情况 Linux kernel 2.6.x 厂商补丁: Linux -----...

7.8CVSS0.2AI score0.03573EPSS
Exploits1
seebug.org
seebug.org
added 2010/04/02 12:0 a.m.57 views

Linux kernel 2.6.x USB接口本地信息泄露漏洞

BUGTRAQ ID: 39042 CVE ID: CVE-2010-1083 Linux Kernel是开放源码操作系统Linux所使用的内核。 在出现设备通讯失败的时候(如USB超时)Linux Kernel的drivers/usb/core/devio.c文件中的processcompl和processcomplcompat函数将transfer缓冲区未经修改的返回给了用户空间进程,其中可能包含有最近释放的内核数据。 Linux kernel 2.6.x 厂商补丁: Linux ----- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...

4.7CVSS0.2AI score0.00361EPSS
Exploits1
seebug.org
seebug.org
added 2010/03/16 12:0 a.m.57 views

Adobe PDF LibTiff Integer Overflow Code Execution

No description provided by source. doc=''' CVE-2010-0188.py Title: Adobe PDF LibTiff Integer Overflow Code Execution. Product: Adobe Acrobat Reader Version: =8.3.0, =9.3.0 CVE: 2010-0188 Author: villy villys777 at gmail.com Site: http://bugix-security.blogspot.com/ Tested : succesfully tested on...

9.3CVSS6.5AI score0.88246EPSS
Exploits12
Total number of security vulnerabilities5000