cve details

ASUS router command execution vulnerability CVE-2014-9583 A serious security vulnerability exists in the firmware of the ASUS router, allowing unauthenticated command execution. CVE CVE-2014-9583. Affected Versions Currently, all known router firmware versions (RT-AC66U, RT-N66U, etc.) are affected. The actual measurement is performed in 3.0.0.376.2524-g0013f52.

Mozilla Firefox/Thunderbird remote code execution vulnerability in CVE-2014-1557) Release date:Updated on: Affected Systems:Mozilla Firefox 31Mozilla Thunderbird 31Description:--------------------------------------------------------------------------------Bugtraq id: 68824CVE (CAN) ID: CVE-2014-1557Firefox/Thunderbird/SeaMonkey is the WEB browser and mail/newsgroup client released by Mozilla.Firefox 31 and

Reuse memory corruption vulnerability after Mozilla Firefox is released (CVE-2015-4492)Reuse memory corruption vulnerability after Mozilla Firefox is released (CVE-2015-4492) Release date:Updated on:Affected Systems: Mozilla Firefox Mozilla Firefox lt; 38.2 Description: Bugtraq id: 76297CVE (CAN) ID: CVE-2015-4492Mozilla Firefox is an open-source web brows

Wireshark 'epan/packet. c' Remote Denial of Service Vulnerability (CVE-2015-6243)Wireshark 'epan/packet. c' Remote Denial of Service Vulnerability (CVE-2015-6243) Release date:Updated on:Affected Systems: Wireshark Wireshark 1.12.x Description: Bugtraq id: 76384CVE (CAN) ID: CVE-2015-6243Wireshark is the most popular network protocol parser.Wireshark versions ea

Wireshark gsm rlc/MAC parser DoS Vulnerability (CVE-2015-6245)Wireshark gsm rlc/MAC parser DoS Vulnerability (CVE-2015-6245) Release date:Updated on:Affected Systems: Wireshark Wireshark 1.12.x Description: Bugtraq id: 76382CVE (CAN) ID: CVE-2015-6245Wireshark is the most popular network protocol parser.In Wireshark versions earlier than 1.12.7, the gsm rlc/MAC

Apache Struts Security Restriction Bypass Vulnerability (CVE-2015-0899)Apache Struts Security Restriction Bypass Vulnerability (CVE-2015-0899) Release date:Updated on:Affected Systems: Apache Group Struts 1.1 Description: Bugtraq id: 74423CVE (CAN) ID: CVE-2015-0899Struts is the open source code used to build Web applications.The input verification bypass vulner

Tomcat security manager Bypass Vulnerability (CVE-2014-7810) Tomcat Security Manager Bypass Vulnerability, Vulnerability No.: CVE-2014-7810 Security Manager BypassVulnerability severity: AverageAffected Versions:--Apache Tomcat 8.0.0-RC1 to 8.0.15--Apache Tomcat 7.0.0 to 7.0.57--Apache Tomcat 6.0.0 to 6.0.43Vulnerability description:Malicious Web applications can bypass the protection of Tomcat security ma

Apple Safari information leakage (CVE-2015-1155)Apple Safari information leakage (CVE-2015-1155) Release date:Updated on:Affected Systems: Apple Safari Apple Safari Apple Safari Description: Bugtraq id: 74527CVE (CAN) ID: CVE-2015-1155Safari is the browser in Mac OS X, the latest operating system of Apple Computer. It uses KDE's KHTML as the core of browse

QEMU 'FW _ cmd_write () 'function Remote Code Execution Vulnerability (CVE-2016-1714)QEMU 'FW _ cmd_write () 'function Remote Code Execution Vulnerability (CVE-2016-1714) Release date:Updated on:Affected Systems: QEMU Description: Bugtraq id: 80250CVE (CAN) ID: CVE-2016-1714QEMU is an open source simulator software.In versions earlier than Qemu 2.4 that su

1. Background informationToday we want to start with a PHP remote DOS vulnerability in 2015.04.03 (cve-2015-4024). See the link below for technical details, https://bugs.php.net/bug.php?id=69364. Because PHP parses the header of the body part for string stitching, and the stitching process repeats the copy character resulting in DOS. In fact, the vulnerability has other non-DOS utilization value, one of whi

Google Chrome Security Vulnerabilities (CVE-2015-1265)Google Chrome Security Vulnerabilities (CVE-2015-1265) Release date:Updated on:Affected Systems: Google Chrome 43.0.2357.65 Description: Bugtraq id: 74727CVE (CAN) ID: CVE-2015-1265Google Chrome is a Web browser tool developed by Google.Chrome versions earlier than 43.0.2357.65 have multiple security vulnerab

GNU Wget symbolic link Vulnerability (CVE-2014-4877) Release date:Updated on: Affected Systems:GNU wgetDescription:Bugtraq id: 70751CVE (CAN) ID: CVE-2014-4877 GNU Wget is a free software package used to retrieve files using HTTP, HTTPS, and FTP protocols. GNU Wget has a symbolic link vulnerability. Attackers can exploit this vulnerability to access files outside the restricted directory, obtain sensitive i

Status2k Remote Command Injection Vulnerability (CVE-2014-5090) Release date:Updated on: Affected Systems:Status2k Status2kDescription:--------------------------------------------------------------------------------Bugtraq id: 69017CVE (CAN) ID: CVE-2014-5090Status2k is a self-managed server statistics dashboard that allows you to quickly view Server clusters.Status2k does not effectively filter user input

PHP Multiple Remote Code Execution Vulnerabilities (CVE-2015-6834)PHP Multiple Remote Code Execution Vulnerabilities (CVE-2015-6834) Release date:Updated on:Affected Systems: PHP PHP Unaffected system: PHP PHP 5.x Description: Bugtraq id: 76649CVE (CAN) ID: CVE-2015-6834PHP is a widely used scripting language. It is especially suitable for Web development and ca

Mozilla Firefox man-in-the-middle Security Restriction Bypass Vulnerability (CVE-2015-4483)Mozilla Firefox man-in-the-middle Security Restriction Bypass Vulnerability (CVE-2015-4483) Release date:Updated on:Affected Systems: Mozilla Firefox Description: Bugtraq id: 76510CVE (CAN) ID: CVE-2015-4483Mozilla Firefox is an open-source web browser that uses the

QEMU Heap Buffer Overflow Vulnerability (CVE-2015-5225)QEMU Heap Buffer Overflow Vulnerability (CVE-2015-5225) Release date:Updated on:Affected Systems: QEMU Description: Bugtraq id: 76506CVE (CAN) ID: CVE-2015-5225QEMU is an open source simulator software.Qemu vnc shows that the driver has a heap buffer overflow vulnerability. This vulnerability is trigger

Mozilla Firefox Multiple Integer Overflow Vulnerability (CVE-2015-4496)Mozilla Firefox Multiple Integer Overflow Vulnerability (CVE-2015-4496) Release date:Updated on:Affected Systems: Mozilla Firefox Description: Bugtraq id: 76333CVE (CAN) ID: CVE-2015-4496Mozilla Firefox is an open-source web browser that uses the Gecko engine.When versions earlier than Mozil

the actual Flash file was embedded into a malicious. SWF file that was highly obfuscated. After stripping the obfuscation code, we fully analyzed the vulnerability and found the running method of Exp.Before introducing the details, share our "mysterious" findings: These code snippets are somewhat similar to the vulnerability exploitation code of CVE-2014-8439. These two vulnerabilities are likely to be exp

FFmpeg 'libavcodec/utvideodec. c' Denial of Service Vulnerability (CVE-2014-9604) FFmpeg 'libavcodec/utvideodec. c' Denial of Service Vulnerability (CVE-2014-9604) Release date:Updated on: Affected Systems:FFmpeg Description:Bugtraq id: 72272CVE (CAN) ID: CVE-2014-9604 FFmpeg is a free software that allows you to perform video, transfer, and stream functions

GitLab is not affected by Rails Security Vulnerability CVE-2014-7818 Yesterday the Rails framework released a security vulnerability security advisory for file existence disclosure vulnerability CVE-2014-7818. GitLab is not affected by this vulnerability. The CVE-2014-7818 affects Rails applications that use config. serve_static_assets = true, while the configu