56796 matches found
Hikvision IP Camera Access Bypass
Access control bypass in Hikvision IP Cameras Full disclosure Sep 12, 2017 Synopsis: Many Hikvision IP cameras contain a backdoor that allows unauthenticated impersonation of any configured user account. The vulnerability has been present in Hikvision products since at least 2014...
zzcms user/askadd.php injection
No description provided by source...
DotCMS 4.1.1 arbitrary file upload vulnerability
Recently, I found an Arbitrary File Upload Vulnerability in 'DotCMS' program, DotCMS is widely used in many companies. Vulnerable cgi: /dotcms4.1.1999999.jar!/com/dotmarketing/servlets/AjaxFileUploadServlet.class: private void doFileUploadHttpSession session, HttpServletRequest request,...
InsideSecure MatrixSSL x509 certificate IssuerDomainPolicy Remote Code Execution Vulnerability(CVE-2017-2781)
Summary An exploitable heap buffer overflow vulnerability exists in the X509 certificate parsing functionality of InsideSecure MatrixSSL 3.8.7b. A specially crafted x509 certificate can cause a buffer overflow on the heap resulting in remote code execution. To trigger this vulnerability, a...
ProcessMaker Enterprise Core Code Execution Vulnerability(CVE-2016-9045)
Summary A code execution vulnerability exists in ProcessMaker Enterprise Core 3.0.1.7-community. A specially crafted web request can cause unsafe deserialization potentially resulting in PHP code being executed. An attacker can send a crafted web parameter to trigger this vulnerability. Tested...
Dell Precision Optimizer Local Privilege Escalation Vulnerability(CVE-2017-2802)
Summary An exploitable DLL hijacking vulnerability exists in the poaService.exe service component of the Dell Precision Optimizer software version 3.5.5.0. A specifically named malicious DLL file located in one of the directories pointed to by the PATH environment variable will lead to privilege...
Poppler PDF Image Display DCTStream::readProgressiveSOF() Code Execution Vulnerability(CVE-2017-2818)
Summary An exploitable heap overflow vulnerability exists in the image rendering functionality of Poppler-0.53.0. A specifically crafted PDF can cause an overly large number of color components during image rendering, resulting in heap corruption. An attacker controlled PDF file can be used to...
Nitro Pro 11 PDF Handling Code Execution Vulnerability(CVE-2016-2796)
Summary An out of bound write vulnerability exists in the PDF parsing functionality of Nitro Pro 11.0.4.159. A specially crafted PDF file can cause a vulnerability resulting in potential memory corruption. An attacker can send the victim a specific PDF file to trigger this vulnerability. Tested...
Corel CorelDRAW X8 EMF Parser Code Execution Vulnerability(CVE-2016-9043)
Summary An out of bound write vulnerability exists in the EMF parsing functionality of CorelDRAW X8 CdrGfx - Corel Graphics Engine 64-Bit - 18.1.0.661. A specially crafted EMF file can cause a vulnerability resulting in potential code execution. An attacker can send the victim a specific EMF file...
Corel PHOTO-PAINT X8 TIFF Filter Code Execution Vulnerability(CVE-2017-2804)
Summary A remote out of bound write vulnerability exists in the TIFF parsing functionality of Corel PHOTO-PAINT X8 18.1.0.661. A specially crafted TIFF file can cause a vulnerability resulting in potential memory corruption. An attacker can send the victim a specific TIFF file to trigger this...
Corel PHOTO-PAINT X8 64-bit TIFF Filter Code Execution Vulnerability(CVE-2017-2803)
Summary A remote out of bound write vulnerability exists in the TIFF parsing functionality of Corel PHOTO-PAINT X8 version 18.1.0.661. A specially crafted TIFF file can cause a vulnerability resulting in potential memory corruption. An attacker can send the victim a specific TIFF file to trigger...
FreeRDP Rdp Client Recv RDP Code Execution Vulnerability(CVE-2017-2835)
Summary An exploitable code execution vulnerability exists in the RDP receive functionality of FreeRDP 2.0.0-beta1+android11. A specially crafted server response can cause an out-of-bounds write resulting in an exploitable condition. An attacker can compromise the server or use a man in the middl...
FreeRDP Rdp Client GCC Read Server Security Data Denial of Service Vulnerability(CVE-2017-2837)
Summary An exploitable denial of service vulnerability exists within the handling of security data in FreeRDP 2.0.0-beta1+android11. A specially crafted challenge packet can cause the program termination leading to a denial of service condition. An attacker can compromise the server or use man in...
GNOME libsoup HTTP Chunked Encoding Remote Code Execution Vulnerability(CVE-2017-2885)
Summary An exploitable stack based buffer overflow vulnerability exists in the GNOME libsoup 2.58. A specially crafted HTTP request can cause a stack overflow resulting in remote code execution. An attacker can send a special HTTP request to the vulnerable server to trigger this vulnerability...
Kakadu SDK JPEG 2000 Contiguous Codestream Code Execution Vulnerability(CVE-2017-2812)
Summary A code execution vulnerability exists in the kdubufferedexpand function of the Kakadu SDK 7.9. A specially crafted JPEG 2000 file can be read by the program and can lead to an out of bounds write causing an exploitable condition to arise. Tested Versions Kakadu SDK 7.9 - OSX & Linux Produ...
EZB Systems UltraISO ISO Parsing Code Execution Vulnerability(CVE-2017-2840)
Summary A buffer overflow vulnerability exists in the ISO parsing functionality of EZB Systems UltraISO 9.6.6.3300. A specially crafted .ISO file can cause a vulnerability resulting in potential code execution. An attacker can provide a specific .ISO file to trigger this vulnerability. Tested...
FreeRDP Rdp Client License Read Challenge Packet Denial of Service Vulnerability(CVE-2017-2839)
Summary An exploitable denial of service vulnerability exists within the handling of challenge packets in FreeRDP 2.0.0-beta1+android11. A specially crafted challenge packet can cause the program termination leading to a denial of service condition. An attacker can compromise the server or use ma...
FreeRDP Rdp Client License Read Product Info Denial of Service Vulnerability(CVE-2017-2838)
Summary An exploitable denial of service vulnerability exists within the handling of challenge packets in FreeRDP 2.0.0-beta1+android11. A specially crafted challenge packet can cause the program termination leading to a denial of service condition. An attacker can compromise the server or use ma...
Adobe Acrobat Reader DC AcroForm PDFDocEncoding Remote Code Execution Vulnerability(CVE-2017-11263)
Summary An exploitable case of parser confusion can lead to invalid pointer arithmetic in part of code responsible for parsing AcroForm forms in the Adobe Acrobat Reader DC 2017.009.20044. A specially crafted PDF file can abuse this unchecked pointer arithmetic to access and overwrite arbitrary...
Open Fire User Import Export Plugin XML External Entity Injection(CVE-2017-2815)
Summary An exploitable XML entity injection vulnerability exists in OpenFire User Import Export Plugin 2.6.0. A specially crafted web request can cause the retrieval of arbitrary files or denial of service. An authenticated attacker can send a crafted web request to trigger this vulnerability...
The IoT Attack Vector “BlueBorne” Exposes Almost Every Connected Device (BlueBorne)
General Overview Armis Labs revealed a new attack vector endangering major mobile, desktop, and IoT operating systems, including Android, iOS, Windows, and Linux, and the devices using them. The new vector is dubbed “BlueBorne”, as it spreads through the air (airborne) and attacks devices via...
Corel PHOTO-PAINT X8 GIF Filter Code Execution Vulnerability(CVE-2016-8730)
Summary An out of bound write / memory corruption vulnerability exists in the GIF parsing functionality of Corel PHOTO-PAINT X8 18.1.0.661. A specially crafted GIF file can cause a vulnerability resulting in potential memory corruption resulting in code execution. An attacker can send the victim a...
FreeRDP Rdp Client Read Server Proprietary Certificate Denial of Service Vulnerability(CVE-2017-2836)
Summary An exploitable denial of service vulnerability exists within the reading of proprietary server certificates in FreeRDP 2.0.0-beta1+android11. A specially crafted challenge packet can cause the program termination leading to a denial of service condition. An attacker can compromise the...
FreeRDP Rdp Client License Recv Code Execution Vulnerability(CVE-2017-2834)
Summary An exploitable code execution vulnerability exists in the authentication functionality of FreeRDP 2.0.0-beta1+android11. A specially crafted server response can cause an out-of-bounds write resulting in an exploitable condition. An attacker can compromise the server or use a man in the...
Kakadu SDK JPEG 2000 Unknown Marker Code Execution Vulnerability(CVE-2017-2811)
Summary A code execution vulnerability exists in the Kakadu SDK 7.9's parsing of compressed JPEG 2000 images. A specially crafted JPEG 2000 file can be read by the program, and can lead to an out of bounds write causing an exploitable condition to arise. Tested Versions Kakadu SDK 7.9 - OSX & Lin...
Openfire 3.10.2 - Multiple Vulnerabilities
Product: Openfire 3.10.2 Openfire is a real time collaboration (RTC) server licensed under the Open Source Apache License. It uses the only widely adopted open protocol for instant messaging, XMPP (also called Jabber). Vulnerability Type: Unrestricted File Upload Vulnerability Details: Application...
Openfire Server <= 3.6.0a (Auth Bypass/SQL/XSS) Multiple Vulnerability
Vulnerability description: The jabber server Openfire <= version 3.6.0a contains several serious vulnerabilities. Depending on the particular runtime environment these issues can potentially even be used by an attacker to execute code on operating system level. 1...
Lexmark LibISYSpdf Image Rendering DCTStream::getBlock() Code Execution Vulnerability(CVE-2017-2822)
Summary An exploitable code execution vulnerability exists in the image rendering functionality of Lexmark Perceptive Document Filters 11.3.0.2400. A specifically crafted PDF can cause a function call on a corrupted DCTStream to occur, resulting in user controlled data being written to the stack....
Ledger CLI Tags Parsing Code Execution Vulnerability(CVE-2017-2807)
Summary An exploitable buffer overflow vulnerability exists in the tag parsing functionality of Ledger-CLI 3.1.1. A specially crafted journal file can cause an integer underflow resulting in code execution. An attacker can construct a malicious journal file to trigger this vulnerability. Tested...
Gdk-Pixbuf JPEG gdk_pixbuf__jpeg_image_load_increment Code Execution Vulnerability(CVE-2017-2862)
Summary An exploitable heap overflow vulnerability exists in the gdk_pixbuf__jpeg_image_load_increment functionality of Gdk-Pixbuf 2.36.6. A specially crafted jpeg file can cause a heap overflow resulting in remote code execution. An attacker can send a file or url to trigger this vulnerability. Tested...
Microsoft Edge Content Security Bypass Vulnerability
Summary An exploitable information leak vulnerability exists in the Content Security Policy enforcement functionality of Microsoft Edge 40.15063.0.0. A specially crafted web page can cause a content security policy bypass resulting in an information leak. An attacker can create a malicious webpag...
Lexmark Perceptive Document Filters PDF GfxFont Code Execution Vulnerability(CVE-2017-2821)
Summary An exploitable use-after-free exists in the PDF parsing functionality of the Lexmark Perceptive Document Filters 11.3.0.2400 and 11.4.0.2452. A crafted PDF document can lead to a use-after-free resulting in direct code execution. Tested Versions Lexmark Perceptive Document Filters...
OpenFire 3.10.2 < 4.0.1 - Multiple Vulnerabilities
Several vulnerabilities discovered in OpenFire version 3.10.2 to 4.0.1 Product Description OpenFire is an opensource project under GNU GPL licence. It provides a Jabber/XMPP server fully developed in Java. It's developed by the Ignite realtime community. The actual version of the product is...
Gdk-Pixbuf TIFF tiff_image_parse Code Execution Vulnerability(CVE-2017-2870)
Summary An exploitable integer overflow vulnerability exists in the tiff_image_parse functionality of Gdk-Pixbuf 2.36.6 when compiled with Clang. A specially crafted tiff file can cause a heap-overflow resulting in remote code execution. An attacker can send a file or a URL to trigger this...
Hanbanggaoke IP Camera Arbitrary Password Change
Vulnerability summary The following advisory describes an arbitrary password change vulnerability found in Hanbanggaoke webcams. Beijing Hanbang Technology, “one of the first enterprises entering into digital video surveillance industry, has been focusing on R&D of products and technology of...
Ledger CLI Account Directive Use-After-Free Vulnerability(CVE-2017-2808)
Summary An exploitable use-after-free vulnerability exists in the account parsing component of the Ledger-CLI 3.1.1. A specially crafted ledger file can cause a use-after-free vulnerability resulting in arbitrary code execution. An attacker can convince a user to load a journal file to trigger th...
Openfire 3.6.4 Multiple CSRF Vulnerabilities
Product Description: Openfire is a real time collaboration (RTC) server licensed under the Open Source GPL. It uses the only widely adopted open protocol for instant messaging, XMPP (also called Jabber). Openfire is incredibly easy to setup and administer, but offers rock-solid security and...
National Instruments LabVIEW RSRC Arbitrary Null Write Code Execution Vulnerability(CVE-2017-2779)
Summary An exploitable memory corruption vulnerability exists in the RSRC segment parsing functionality of LabVIEW. A specially crafted VI file can cause an attacker controlled looping condition resulting in an arbitrary null write. An attacker controlled VI file can be used to trigger this...
FreeXL BIFF Dimension Marker Code Execution Vulnerability(CVE-2017-2924)
Summary An exploitable heap-based buffer overflow vulnerability exists in the read_legacy_biff function of FreeXL 1.0.3. A specially crafted XLS file can cause a memory corruption resulting in remote code execution. An attacker can send malicious XLS file to trigger this vulnerability. Tested...
FreeXL read_biff_next_record Code Execution Vulnerability(CVE-2017-2923)
Summary An exploitable heap based buffer overflow vulnerability exists in the read_biff_next_record function of FreeXL 1.0.3. A specially crafted XLS file can cause a memory corruption resulting in remote code execution. An attacker can send malicious XLS file to trigger this vulnerability. Tested...
FineCMS_5.0.10_XSS#4
No description provided by source...
DEDECMS member center code submit defects can getshell
Preface: DedeCMS has released many patches this year; this article selects the 20170315 patch for learning and research. Body: Download the DEDECMS 20170315 patch from the official website and compare it using a diff tool: See the red part, the servermsg1 variables appearing in dede...
FineCMS_5.0.10_XSS#3
No description provided by source...
FineCMS_5.0.10_XSS#2
No description provided by source...
FineCMS_5.0.10_XSS#1
No description provided by source...
FineCMS_5.0.10_XSS#5
No description provided by source...
IBOS enterprise collaboration management software the latest open source version of an SQL injection 2
No description provided by source...
IBOS enterprise collaboration management software the latest open source version of an SQL injection
No description provided by source...
Pwning the Dlink 850L routers and abusing the MyDlink Cloud protocol
Product Description Dlink is a multinational networking equipment manufacturing corporation. The Dlink 850L is a Wireless AC1200 Dual Band Gigabit "Cloud" Router. Mydlink Cloud Services allow you to access, view and control the devices on your home network from anywhere. Vulnerabilities Summary T...
IBOS enterprise collaboration management software the latest open source version of an SQL injection 3
No description provided by source...