Showing 1 - 14 of 14

Files Date: 2014-06-18

web2Project 3.1 SQL Injection: Posted Jun 18, 2014; Authored by High-Tech Bridge SA | Site htbridge.com; web2Project version 3.1 suffers from a remote SQL injection vulnerability.; tags | exploit, remote, sql injection; advisories | CVE-2014-3119; SHA-256 | 6563ec017097f58cee38cd13098192c9c9cc78f8142068a0465b826f646289e2; Download | Favorite | View

Dolphin 7.1.4 SQL Injection: Posted Jun 18, 2014; Authored by High-Tech Bridge SA | Site htbridge.com; Dolphin version 7.1.4 suffers from a remote SQL injection vulnerability.; tags | exploit, remote, sql injection; advisories | CVE-2014-3810; SHA-256 | 4595877d53716d0005b582527a83b60fa52e3698c6982a99b0f05b5443fd9e8f; Download | Favorite | View

Ubuntu Security Notice USN-2249-1: Posted Jun 18, 2014; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 2249-1 - Jason Dunsmore discovered that OpenStack heat did not properly restrict access to template information. A remote authenticated attacker could exploit this to see URL provider templates of other tenants for a limited time.; tags | advisory, remote; systems | linux, ubuntu; advisories | CVE-2014-3801; SHA-256 | 8be9fac4ad36b56bcc237a02c24459e6268fc88401496dd72a882fe5be9891e9; Download | Favorite | View

Red Hat Security Advisory 2014-0764-01: Posted Jun 18, 2014; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2014-0764-01 - The rubygem-openshift-origin-node package provides basic OpenShift node functionality. A command injection flaw was found in rubygem-openshift-origin-node. A remote, authenticated user permitted to install cartridges via the web interface could use this flaw to execute arbitrary code with root privileges on the Red Hat OpenShift Enterprise node server. This issue was discovered by Jeremy Choi of the Red Hat HSS Pen-test Team. The rubygem-openshift-origin-node package has been upgraded to version 1.23.9.11. Additionally, the rubygem-openshift-origin-container-selinux package has been upgraded to version 0.8.1.2, as needed by the updated rubygem-openshift-origin-node package.; tags | advisory, remote, web, arbitrary, root; systems | linux, redhat; advisories | CVE-2014-3496; SHA-256 | 9efb51187bcf53776704421d89805d50742bcf7b104c1bee8f2470b01e14a698; Download | Favorite | View

Secunia CSI/VIM Cross Site Scripting: Posted Jun 18, 2014; Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com; The Secunia CSI/VIM web application service suffered from a cross site scripting vulnerability.; tags | exploit, web, xss; SHA-256 | 92a659ba8b4c66e3c8c83c07582a818e841eb8e24b014d6097b53cd8091542a0; Download | Favorite | View

Docket 0.11 VMM-Container Breakout: Posted Jun 18, 2014; Authored by Sebastian Krahmer; This code demonstrates that any given docker image someone is asking you to run in your docker setup can access ANY file on your host, e.g. dumping hosts /etc/shadow or other sensitive info, compromising security of the host and any other docker VM's on it.; tags | exploit; SHA-256 | 79a596f0ad35ccd46be65186db4b3f63701dd6939dde09f6ffd6c4df24a5afbe; Download | Favorite | View

Ubuntu Security Notice USN-2248-1: Posted Jun 18, 2014; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 2248-1 - Darragh O'Reilly discovered that the Ubuntu packaging for OpenStack Cinder did not properly set up its sudo configuration. If a different flaw was found in OpenStack Cinder, this vulnerability could be used to escalate privileges.; tags | advisory; systems | linux, ubuntu; advisories | CVE-2013-1068; SHA-256 | 9a2f0de0000b134ad574967e2bd386f2a93c4dcb9cb13051779edfbef45c99f6; Download | Favorite | View

CDVI ACAC22 Authentication / Denial Of Service: Posted Jun 18, 2014; Authored by Gassy Jack; CDVI ACAC22 suffers from a lack of transport encryption for authentication and denial of service vulnerabilities.; tags | advisory, denial of service, vulnerability; SHA-256 | 047f2ac3e771278a841178d716fb08b78428f50401ded7587c85313fcd19564c; Download | Favorite | View

Red Hat Security Advisory 2014-0763-01: Posted Jun 18, 2014; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2014-0763-01 - The rubygem-openshift-origin-node package provides basic OpenShift node functionality. A command injection flaw was found in rubygem-openshift-origin-node. A remote, authenticated user permitted to install cartridges via the web interface could use this flaw to execute arbitrary code with root privileges on the Red Hat OpenShift Enterprise node server. This issue was discovered by Jeremy Choi of the Red Hat HSS Pen-test Team. All rubygem-openshift-origin-node users are advised to upgrade to this updated package, which contains a backported patch to correct this issue.; tags | advisory, remote, web, arbitrary, root; systems | linux, redhat; advisories | CVE-2014-3496; SHA-256 | 79473a1f28bbcc4c39fd9388de8288a9e16010e2592fe8e5daab4774863d34ee; Download | Favorite | View

Red Hat Security Advisory 2014-0762-01: Posted Jun 18, 2014; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2014-0762-01 - The rubygem-openshift-origin-node package provides basic OpenShift node functionality. A command injection flaw was found in rubygem-openshift-origin-node. A remote, authenticated user permitted to install cartridges via the web interface could use this flaw to execute arbitrary code with root privileges on the Red Hat OpenShift node server. This issue was discovered by Jeremy Choi of the Red Hat HSS Pen-test Team. All rubygem-openshift-origin-node users are advised to upgrade to this updated package, which contains a backported patch to correct this issue.; tags | advisory, remote, web, arbitrary, root; systems | linux, redhat; advisories | CVE-2014-3496; SHA-256 | ec30fba6c7a4c628bcdf2ec87477ea24857971985c11008a44df152fc67cd6b8; Download | Favorite | View

PayPal SecurityKey Card Serialnumber Module Code Injection: Posted Jun 18, 2014; Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com; PayPal's SecurityKey Card Serialnumber module suffered from a code injection vulnerability.; tags | advisory; SHA-256 | 5a18a5ce198fb752971c12d26f955c587d8e29ca6aae09a17b3ee8a28d3de784; Download | Favorite | View

Motorola SBG901 Wireless Modem Cross Site Request Forgery: Posted Jun 18, 2014; Authored by Blessen Thomas; Motorola SBG901 wireless modem suffers from a cross site request forgery vulnerability.; tags | exploit, csrf; advisories | CVE-2014-3778; SHA-256 | 2114dc82cdf7f776e31c2ccf76f30c40047220896c4cdabf641d251581427434; Download | Favorite | View

SugarCRM 6.5.16 XXE Injection: Posted Jun 18, 2014; Authored by pnig0s; SugarCRM versions 6.5.16 and below suffer from an XML external entity attack vulnerability.; tags | advisory, xxe; SHA-256 | 75ac9dbf751b5a7e72f7c1007cb231586a2d7bdca087f2e5353448d2f0bdd326; Download | Favorite | View

support.software.dell.com Cross Site Scripting: Posted Jun 18, 2014; Authored by Robert Garcia; support.software.dell.com suffered from a cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | 88fbae513ec4e3557bcb15ecf8718e931175d1ec7b735014a5386f26ec052997; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 228 files
Ubuntu 55 files
Debian 27 files
LiquidWorm 11 files
Valentin Lobstein 11 files
nu11secur1ty 8 files
Google Security Research 6 files
Apple 6 files
Milad Karimi 5 files
Yevhenii Butenko 4 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,022)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,333)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,578)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,460)
UNIX (9,394)
UnixWare (187)
Windows (6,650)
Other

Files Date: 2014-06-18

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems