cve details

OpenSSL session ticket Memory leakage Vulnerability (CVE-2014-3567) Release date:Updated on: Affected Systems:OpenSSL Project OpenSSL Description:Bugtraq id: 70586CVE (CAN) ID: CVE-2014-3567 OpenSSL is an open-source SSL implementation that implements high-strength encryption for network communication. It is widely used in various network applications. After receiving the session ticket, the OpenSSL SSL

GitLab is not affected by Rails Security Vulnerability CVE-2014-3483 Yesterday, the Rails framework released a recommendation on SQL injection security: security advisory for SQL injection vulnerability CVE-2014-3483. GitLab officially tested and published a message saying: GitLab is not affected by the vulnerability. The CVE-2014-3483 affects applications that

Mozilla Firefox/Thunderbird Multiple Memory Corruption Vulnerabilities (CVE-2014-1548) Release date:Updated on: Affected Systems:Mozilla Firefox 31Mozilla Thunderbird 31Description:--------------------------------------------------------------------------------Bugtraq id: 68818CVE (CAN) ID: CVE-2014-1548Firefox/Thunderbird/SeaMonkey is the WEB browser and mail/newsgroup client released by Mozilla.Firefox 31

Mozilla Firefox/Thunderbird certificate Parsing Vulnerability (CVE-2014-1560) Release date:Updated on: Affected Systems:Mozilla Firefox 31Mozilla Thunderbird 31Description:--------------------------------------------------------------------------------Bugtraq id: 68813CVE (CAN) ID: CVE-2014-1560Firefox/Thunderbird/SeaMonkey is the WEB browser and mail/newsgroup client released by Mozilla.Firefox 31 and Thun

Mozilla Firefox/Thunderbird Stack Buffer Overflow (CVE-2014-1549) Release date:Updated on: Affected Systems:Mozilla Firefox 31Mozilla Thunderbird 31Description:--------------------------------------------------------------------------------Bugtraq id: 68820CVE (CAN) ID: CVE-2014-1549Firefox/Thunderbird/SeaMonkey is the WEB browser and mail/newsgroup client released by Mozilla.Firefox 31 and Thunderbird 31 h

Mozilla Firefox/Thunderbird certificate Parsing Vulnerability (CVE-2014-1558) Release date:Updated on: Affected Systems:Mozilla Firefox 31Mozilla Thunderbird 31Description:--------------------------------------------------------------------------------Bugtraq id: 68812CVE (CAN) ID: CVE-2014-1558Firefox/Thunderbird/SeaMonkey is the WEB browser and mail/newsgroup client released by Mozilla.Firefox 31 and Thun

ImageMagick DoS Vulnerability (CVE-2017-1000445)ImageMagick DoS Vulnerability (CVE-2017-1000445) Release date:Updated on:Affected Systems: ImageMagick ImageMagick Description: Bugtraq id: 102368CVE (CAN) ID: CVE-2017-1000445ImageMagick is an open-source image viewing and editing tool on Unix/Linux platforms.ImageMagick 7.0.7-1 and earlier versions have the NULL

Wireshark Ptvcursor Denial-of-Service Vulnerability (CVE-2015-6248)Wireshark Ptvcursor Denial-of-Service Vulnerability (CVE-2015-6248) Release date:Updated on:Affected Systems: Wireshark Wireshark 1.12.x Description: Bugtraq id: 76387CVE (CAN) ID: CVE-2015-6248Wireshark is the most popular network protocol parser.Wireshark versions earlier than 1.12.7, epan/prot

Mozilla Firefox Security Restriction Bypass Vulnerability (CVE-2015-4498)Mozilla Firefox Security Restriction Bypass Vulnerability (CVE-2015-4498) Release date:Updated on:Affected Systems: Mozilla Firefox Mozilla Firefox Description: Bugtraq id: 76505CVE (CAN) ID: CVE-2015-4498Mozilla Firefox is an open-source web browser that uses the Gecko engine.In vers

QEMU ehci_process_itd Function Denial of Service Vulnerability (CVE-2015-8558)QEMU ehci_process_itd Function Denial of Service Vulnerability (CVE-2015-8558) Release date:Updated on:Affected Systems: QEMU Description: Bugtraq id: 80694CVE (CAN) ID: CVE-2015-8558QEMU is an open source simulator software.QEMU has security vulnerability in hw/usb/hcd-ehci.c/ehc

Guest tulinux kernel overlayfs File System Local Privilege Escalation Vulnerability (CVE-2015-1328) Release Date: Updated: Affected Systems: Guest tulinux15.04?tulinux14.10=tulinux14.04?tulinux12.04 Description: CVE (CAN) ID: CVE-2015-1328ov Ubuntu Linux kernel overlayfs Local Privilege Escalation Vulnerability (CVE-20

Apache Tomcat Remote Denial of Service Vulnerability (CVE-2014-0186) Release date:Updated on: Affected Systems:Apache Group Tomcat 7.xDescription:--------------------------------------------------------------------------------Bugtraq id: 68072CVE (CAN) ID: CVE-2014-0186Apache Tomcat is a popular open-source JSP application server program.Apache Tomcat 7.0.42-4. el7 build and other versions have the Remote D

Release date:Updated on: Affected Systems:PostgreSQL 8.xDescription:--------------------------------------------------------------------------------Bugtraq id: 65723CVE (CAN) ID: CVE-2014-0060 PostgreSQL is an advanced object-relational database management system that supports extended SQL standard subsets. PostgreSQL 9.3.3, 9.2.7, 9.1.12, 9.0.16, and earlier than 8.4.20 have security vulnerabilities... the without admin option restriction can be b

CVE-2015-0313: New Flash Exploit Analysis OverviewFlash Player has recently reported many high-risk vulnerabilities, and The Flash program will usher in a wave of climax as it becomes increasingly popular.EnvironmentVulnerability: cve-2015-0313System: Windows 7 + IE11 + flash player 16.0.0.296 (debug version, this version and earlier versions will trigger the vulnerability)Summary: Exploit, ASLR, drop, EIP

PostgreSQL 'pgcrypto' Module Buffer Overflow Vulnerability (CVE-2015-0243) Release date:Updated on: Affected Systems:PostgreSQL 9.4PostgreSQL 9.1PostgreSQL 8.4Description:Bugtraq id: 72542CVE (CAN) ID: CVE-2015-0243 PostgreSQL is an advanced object-relational database management system that supports extended SQL standard subsets. PostgreSQL 8.4, 9.1, and 9.4 versions of pgcrypto functions do not correctly p

Google Chrome Security Vulnerabilities (CVE-2014-3179) Release date:Updated on: Affected Systems:Google Chrome Description:Bugtraq id: 69710CVE (CAN) ID: CVE-2014-3179 Google Chrome is a Web browser tool developed by Google. Google Chrome versions earlier than 37.0.2062.120 have multiple vulnerabilities. The details are unknown. Link: http://secunia.com/advisorie

cve-2017-12617 The Apache Tomcat team announced October 3 that if the default servlet is configured, at 9.0.1 (Beta), 8.5.23, All Tomcat versions prior to 8.0.47 and 7.0.82 contain potentially dangerous remote execution code (RCE) vulnerabilities on all operating systems, cve-2017-12617: Remote code execution vulnerabilities. Environment Using Image:tomcat:7.0.79-jre8 to reproduce vulnerabilities Docker-co

Token story (CVE-2015-0002)0x00 Preface I like vulnerability research very much and sometimes find a significant difference between the difficulty of vulnerability mining and the difficulty of exploits. The Project Zero Blog contains many complex exploitation processes for seemingly trivial vulnerabilities. You may ask, why do we try to prove that the vulnerability is usable? I hope that at the end of this blog, you can better understand why we alway

Apache HTTP Server Remote Denial of Service Vulnerability (CVE-2014-0231) Release date:Updated on: Affected Systems:Apache Group HTTP Server 2.4.6-2.4.9Description:--------------------------------------------------------------------------------Bugtraq id: 68742CVE (CAN) ID: CVE-2014-0231Apache HTTP Server is an open-source Web Server of the Apache Software Foundation. It can run in most computer operating s

Mozilla Firefox/Thunderbird Multiple Memory Corruption Vulnerabilities (CVE-2014-1534) Release date:Updated on: Affected Systems:Mozilla Firefox lt; 30.0Description:--------------------------------------------------------------------------------Bugtraq id: 67964CVE (CAN) ID: CVE-2014-1534Firefox/Thunderbird/SeaMonkey is the WEB browser and mail/newsgroup client released by Mozilla.Browser engines earlier t