Showing 1 - 7 of 7

Files Date: 2014-12-05

NASA Orion (Mars) Filter Bypass / Persistent Cross Site Scripting: Posted Dec 5, 2014; Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com; The NASA Orion (Mars) website suffers from filter bypass and persistent cross site scripting vulnerabilities.; tags | exploit, vulnerability, xss; MD5 | d6e231218cbfa4ae51582480cfebe4ad; Download | Favorite | View

OpenEMR 4.1.2(7) SQL Injection: Posted Dec 5, 2014; Authored by Jerzy Kramarz | Site portcullis-security.com; OpenEMR versions 4.1.2(7) and below suffer from multiple remote SQL injection vulnerabilities.; tags | exploit, remote, vulnerability, sql injection; advisories | CVE-2014-5462; MD5 | f5a1a6caaa8d8207f92143b2089aedf7; Download | Favorite | View

VMware Security Advisory 2014-0012: Posted Dec 5, 2014; Authored by VMware | Site vmware.com; VMware Security Advisory 2014-0012 - VMware vSphere product updates address a Cross Site Scripting issue, a certificate validation issue and security vulnerabilities in third-party libraries.; tags | advisory, vulnerability, xss; advisories | CVE-2013-1752, CVE-2013-2877, CVE-2013-4238, CVE-2014-0015, CVE-2014-0138, CVE-2014-0191, CVE-2014-3797, CVE-2014-8371; MD5 | f36bc2e46b09054b56cf41449f829177; Download | Favorite | View

HP Security Bulletin HPSBGN03205 1: Posted Dec 5, 2014; Authored by HP | Site hp.com; HP Security Bulletin HPSBGN03205 1 - A potential security vulnerability has been identified with HP Insight Remote Support Clients running SSLv3 which may impact WBEM, WS-MAN and WMI connections from monitored devices to a HP Insight Remote Support Central Management Server (CMS). This is the SSLv3 vulnerability known as "Padding Oracle on Downgraded Legacy Encryption" also known as "Poodle", which could be exploited remotely to allow disclosure of information. SSLv3 is enabled by default in all version 5 HP Insight Remote Support Clients. Revision 1 of this advisory.; tags | advisory, remote; advisories | CVE-2014-3566; MD5 | d616a2661271c171262b03bade501297; Download | Favorite | View

HP Security Bulletin HPSBUX03218 SSRT101770 1: Posted Dec 5, 2014; Authored by HP | Site hp.com; HP Security Bulletin HPSBUX03218 SSRT101770 1 - Potential security vulnerabilities have been identified in the Java Runtime Environment (JRE) and the Java Developer Kit (JDK) running on HP-UX. These vulnerabilities could allow remote unauthorized access, disclosure of information, and other vulnerabilities. Revision 1 of this advisory.; tags | advisory, java, remote, vulnerability; systems | hpux; advisories | CVE-2014-4288, CVE-2014-6456, CVE-2014-6457, CVE-2014-6458, CVE-2014-6466, CVE-2014-6476, CVE-2014-6492, CVE-2014-6493, CVE-2014-6502, CVE-2014-6503, CVE-2014-6504, CVE-2014-6506, CVE-2014-6511, CVE-2014-6512, CVE-2014-6513, CVE-2014-6515, CVE-2014-6517, CVE-2014-6519, CVE-2014-6527, CVE-2014-6531, CVE-2014-6558; MD5 | bbb9a77e55c3648a6f1ca3ca0bd8d78d; Download | Favorite | View

Packet Storm Advisory 2014-1204-1 - Offset2lib: Bypassing Full ASLR On 64bit Linux: Posted Dec 5, 2014; Authored by Hector Marco, Ismael Ripoll | Site packetstormsecurity.com; The release of this advisory provides exploitation details in relation a weakness in the Linux ASLR implementation. The problem appears when the executable is PIE compiled and it has an address leak belonging to the executable. These details were obtained through the Packet Storm Bug Bounty program and are being released to the community.; tags | advisory, bug bounty, packet storm; systems | linux; MD5 | a5d4f2cb712163a7ebbd72e95f1856ec; Download | Favorite | View

Packet Storm Exploit 2014-1204-1 - Offset2lib: Bypassing Full ASLR On 64bit Linux: Posted Dec 5, 2014; Authored by Hector Marco, Ismael Ripoll | Site packetstormsecurity.com; Proof of concept code that demonstrates an ASLR bypass of PIE compiled 64bit Linux.; tags | exploit, proof of concept, bug bounty, packet storm; systems | linux; MD5 | 9b3003328fe6cdd2b86f5a1bb5b63531; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days