cve database

Objective:Oracle officially released the July Critical patch update CPU (Critical patch update), which fixes a high-risk vulnerability that could cause remote code execution cve-2018-2894:Http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.htmlcve-2018-2894, a security researcher at China's National Internet Emergency Center Cncert Mingxuan Song and security researcher at Apple, David Litchfield, also submitted findings.The National

/*** CVE-2014-4014 Linux Kernel Local Privilege Escalation PoC** Vitaly Nikolenko* http://hashcrack.org** Usage: ./poc [file_path]* * where file_path is the file on which you want to set the sgid bit*/#define _GNU_SOURCE#include #include #include #include #include #include #include #include #include #define STACK_SIZE (1024 * 1024)static char child_stack[STACK_SIZE];struct args {int pipe_fd[2];char *file_path;};static int child(void *arg) {struct arg

, CVE-2014-5091, CVE-2014-5092, CVE-2014-5093 1. Cross site scripting/XSS... there's tons, exampleAdmin login page, etc Login. php: If (isset ($ _ GET ['username']) {$ useren = $ _ GET ['username'];}If (isset ($ _ POST ['Password']) {$ useren =$ _ POST ['username'];}$ Q = mysql_query ("SELECT * FROM". $ prefix. "users ");$ Adminuser = $ res ['adminuser']; // Logi

-devel-2.12-1. the. el6.x86_64Glibc-common-2.12-1.132.el6.x86_64Glibc-2.12-1.132.el6.x86_64Glibc-headers-2.12-1.132.el6.x86_64#####################################################2. Download cve-2015-7547, unzip the following files:[Email protected] ~]# CD cve-2015-7547-master/[[email protected] cve-2015-7547-master]# lscve-2015-7547-client.c

Cacti auth_login.php bypass access restriction Vulnerability (CVE-2016-2313)Cacti auth_login.php bypass access restriction Vulnerability (CVE-2016-2313) Release date:Updated on:Affected Systems: Cacti Cacti Description: CVE (CAN) ID: CVE-2016-2313Cacti is a database round

ZOHO ManageEngine OpManager hard-coded credential Vulnerability (CVE-2015-7765)ZOHO ManageEngine OpManager hard-coded credential Vulnerability (CVE-2015-7765) Release date:Updated on:Affected Systems: zoho ManageEngine OpManager Description: CVE (CAN) ID: CVE-2015-7765ZOHO ManageEngine OpManager is a network performa

Cacti SQL Injection Vulnerability (CVE-2015-4342)Cacti SQL Injection Vulnerability (CVE-2015-4342) Release date:Updated on:Affected Systems: Cacti Cacti Description: CVE (CAN) ID: CVE-2015-4342Cacti is a database round robin (RRD) tool that helps you create images from

0x00 background Cve-2014-9390 is a recent fire bug, a git command could cause you to be hacked, I'm not going to delve into the details of this loophole, the authorities are already https://github.com/blog/1938- Git-client-vulnerability-announced and http://article.gmane.org/gmane.linux.kernel/1853266 have released detailed information. In short, if you use a case-insensitive operating system such as Windows or OSX, you should update the GIT cli

Openfire 3.10.2 CSRF Vulnerability (CVE-2015-6973)Openfire 3.10.2 CSRF Vulnerability (CVE-2015-6973) Release date:Updated on:Affected Systems: Openfiler Openfiler 3.10.2 Description: CVE (CAN) ID: CVE-2015-6973Openfire is a real-time Collaboration Server authorized by Open Source Apache License.Ignite Realtime Openfir

Sap hana xs engine DoS Vulnerability (CVE-2016-1929)Sap hana xs engine DoS Vulnerability (CVE-2016-1929) Release date:Updated on:Affected Systems: SAP HANA Description: CVE (CAN) ID: CVE-2016-1929Sap hana is a relational database management system.Sap hana's XS engine

Oracle MySQL Server DoS Vulnerability (CVE-2016-0616)Oracle MySQL Server DoS Vulnerability (CVE-2016-0616) Release date:Updated on:Affected Systems: Oracle MySQL Server Description: CVE (CAN) ID: CVE-2016-0616Oracle MySQL Server is a lightweight relational database sy

Tryton-server Access Vulnerability (CVE-2015-0861)Tryton-server Access Vulnerability (CVE-2015-0861) Release date:Updated on:Affected Systems: Tryton Description: CVE (CAN) ID: CVE-2015-0861Tryton is a general application framework, licensed by GPL-3, written in Python, PostgreSQL as a

SQLite Denial of Service Vulnerability (CVE-2015-3414)SQLite Denial of Service Vulnerability (CVE-2015-3414) Release date:Updated on:Affected Systems: SQLite Description: CVE (CAN) ID: CVE-2015-3414SQLite is an embedded database.In versions earlier than SQLite 3.8.9, the sequence name of sorting rules is not pro

Apache Hive Authentication Vulnerability (CVE-2015-1772)Apache Hive Authentication Vulnerability (CVE-2015-1772) Release date:Updated on:Affected Systems: Apache Group Hive 1.1.0Apache Group Hive 0.11.0－1.0.0 Description: CVE (CAN) ID: CVE-2015-1772Apache Hive is a database

Oracle MySQL Server local vulnerability (CVE-2016-3501)Oracle MySQL Server local vulnerability (CVE-2016-3501) Release date:Updated on:Affected Systems: Oracle MySQL Server Oracle MySQL Server Description: CVE (CAN) ID: CVE-2016-3501Oracle MySQL Server is a lightweight relational

Oracle MySQL Enterprise Monitor Remote Vulnerability (CVE-2016-3461)Oracle MySQL Enterprise Monitor Remote Vulnerability (CVE-2016-3461) Release date:Updated on:Affected Systems: Oracle MySQL Oracle MySQL Description: CVE (CAN) ID: CVE-2016-3461Oracle MySQL Server is a lightweight relational

OpenSSL SRP_VBASE_get_by_user Memory leakage (CVE-2016-0798)OpenSSL SRP_VBASE_get_by_user Memory leakage (CVE-2016-0798) Release date:Updated on:Affected Systems: OpenSSL Project OpenSSL OpenSSL Project OpenSSL Unaffected system: OpenSSL Project OpenSSL 1.0.2gOpenSSL Project OpenSSL 1.0.1s Description: CVE (CAN) ID: CVE