cve database

Cisco IM and Presence Service SQL Injection Vulnerability (CVE-2015-4222)Cisco IM and Presence Service SQL Injection Vulnerability (CVE-2015-4222) Release date:Updated on:Affected Systems: Cisco uniied Communications Manager IM and Presence Ser 9.1 (1) Description: CVE (CAN) ID: CVE-2015-4222Cisco IM and Presence

Sap hana SQL Injection Vulnerability (CVE-2015-4159)Sap hana SQL Injection Vulnerability (CVE-2015-4159) Release date:Updated on:Affected Systems: Sap hana Web-based Development Workbench Description: CVE (CAN) ID: CVE-2015-4159Sap hana is a relational database managem

Sap hana xs Engine Buffer Overflow Vulnerability in CVE-2016-1928)Sap hana xs Engine Buffer Overflow Vulnerability in CVE-2016-1928) Release date:Updated on:Affected Systems: SAP HANA Description: CVE (CAN) ID: CVE-2016-1928Sap hana is a relational database management

GNU glibc Denial of Service Vulnerability (CVE-2014-8121) Release date:Updated on: Affected Systems:GNU glibcDescription:Bugtraq id: 73038CVE (CAN) ID: CVE-2014-8121 Glibc is the libc library released by GNU, that is, the c Runtime Library. Glibc is the most underlying api in linux, and almost any other Runtime Library depends on glibc. The file backend of Name Service Switch (NSS) does not isolate the

All-in-one machine linux server vulnerability Analysis Patch! linux:5.x Cell storage:11.2.3.1.1#漏洞需要的补丁包:glibc-2.5-123.0.1.el5_11.1.i686.rpmglibc-2.5-123.0.1.el5_11.1.x86_64.rpmglibc-common-2.5-123.0.1.el5_11.1.x86_64.rpmglibc-devel-2.5-123.0.1.el5_11.1.i386.rpmglibc-devel-2.5-123.0.1.el5_11.1.x86_64.rpmglibc-headers-2.5-123.0.1.el5_11.1.x86_64.rpmglibc-utils-2.5-123.0.1.el5_11.1.x86_64.rpmnscd-2.5-123.0.1.el5_11.1.x86_64.rpm#漏洞补丁包:http://public-yum.oracle.com/repo/OracleLinux/OL5/latest/x86_64/

Novell Zenworks SQL injection vulnerability in CVE-2015-0780)Novell Zenworks SQL injection vulnerability in CVE-2015-0780) Release date:Updated on:Affected Systems: Novell ZENworks Description: Bugtraq id: 74284CVE (CAN) ID: CVE-2015-0780Novell ZENworks Configuration Management is a Configuration Management solution in the ZENworks System gateway tool.Novel

PostgreSQL insecure temporary File Creation Vulnerability (CVE-2018-1053)PostgreSQL insecure temporary File Creation Vulnerability (CVE-2018-1053) Release date:Updated on:Affected Systems: PostgreSQL Description: Bugtraq id: 102986CVE (CAN) ID: CVE-2018-1053PostgreSQL is an advanced object-relational database ma

Multiple IBM DB2 product file leakage vulnerabilities (CVE-2015-1883)Multiple IBM DB2 product file leakage vulnerabilities (CVE-2015-1883) Release date:Updated on:Affected Systems: IBM DB2 9.8-FP5IBM DB2 9.7-FP10IBM DB2 10.5-FP5IBM DB2 10.1-FP5 Description: Bugtraq id: 75946CVE (CAN) ID: CVE-2015-1883IBM DB2 is a large commercial relational

released and reused objects. Status before the object is released: It can be seen that the creation process and size of the ctreenode Node object (0x60) Status of the released object: Set the following breakpoint to track the status after the onerror callback function is executed. Bu mshtml! Csplicetreeengine: insertsplice + 0x11fa After tracking to the following locations, you can find that the reused object is passed to cinsertspliceundo: setdata as a parameter. 3.2.5. Memory placeholder

Multiple IBM DB2 product Denial of Service Vulnerability (CVE-2015-0157)Multiple IBM DB2 product Denial of Service Vulnerability (CVE-2015-0157) Release date:Updated on:Affected Systems: IBM DB2 9.8-FP5IBM DB2 9.7-FP10IBM DB2 10.5-FP5IBM DB2 10.1-FP5 Description: Bugtraq id: 75947CVE (CAN) ID: CVE-2015-0157IBM DB2 is a large commercial relational

Multiple IBM DB2 product Denial of Service Vulnerability (CVE-2015-1935)Multiple IBM DB2 product Denial of Service Vulnerability (CVE-2015-1935) Release date:Updated on:Affected Systems: IBM DB2 Connect Enterprise Edition 9.7IBM DB2 Connect Unlimited Edition for System z 9.7IBM DB2 Connect Unlimited version for System I 9.7 Description: Bugtraq id: 75908CVE (CAN) ID:

Multiple IBM DB2 product file leakage vulnerabilities (CVE-2015-8910)Multiple IBM DB2 product file leakage vulnerabilities (CVE-2015-8910) Release date:Updated on:Affected Systems: IBM DB2 9.8-FP5IBM DB2 9.7-FP10IBM DB2 10.5-FP5IBM DB2 10.1-FP5 Description: Bugtraq id: 75949CVE (CAN) ID: CVE-2014-8910IBM DB2 is a large commercial relational

Oracle MySQL SSL certificate verification Security Restriction Bypass Vulnerability (CVE-2015-3152)Oracle MySQL SSL certificate verification Security Restriction Bypass Vulnerability (CVE-2015-3152) Release date:Updated on:Affected Systems: Oracle MySQL Server Description: Bugtraq id: 74398CVE (CAN) ID: CVE-2015-3152Oracle MySQL Server is a lightweight rel

cve-2012-5613 is a vulnerability where file permissions write trigger TRG store files (that is, forged trigger), which are triggered by root to elevate privilege. Do not know why this loophole has not been repaired, probably MySQL think this is a feature bar.Get readyTest environment:Server Version:5.5.48-log Source DistributionCreate a trigger in the test database:CREATE TABLE foo (a int, b int, ts TIMESTAMP);CREATE TABLE bar (a int, b int);INSERT in

Token story (CVE-2015-0002)0x00 Preface I like vulnerability research very much and sometimes find a significant difference between the difficulty of vulnerability mining and the difficulty of exploits. The Project Zero Blog contains many complex exploitation processes for seemingly trivial vulnerabilities. You may ask, why do we try to prove that the vulnerability is usable? I hope that at the end of this blog, you can better understand why we alway

Guest tulinux kernel overlayfs File System Local Privilege Escalation Vulnerability (CVE-2015-1328) Release Date: Updated: Affected Systems: Guest tulinux15.04?tulinux14.10=tulinux14.04?tulinux12.04 Description: CVE (CAN) ID: CVE-2015-1328ov Ubuntu Linux kernel overlayfs Local Privilege Escalation Vulnerability (CVE-20

be called by the Java corresponding entity, then the corresponding Java object needs to be discarded (does not mean that the recycling, only the program does not use it) to call the corresponding C, C + + provided by the local interface to release the memory information, Their release also needs to be released through free or delete, so we generally do not abuse finalize (), you may think of another class of special reference object release, such as the number of layers reference too many, Java

Apple OSX Message cross-origin Scripting Vulnerability (CVE-2016-1764) Apple's CVE-2016-1764, fixed in March, is an application-layer vulnerability that can cause remote attackers to leak all the message content and attachments with the iMessage client.Compared with the attack on the iMessage protocol, this is a relatively simple vulnerability. Attackers do not need to have a solid mathematical foundation,

cve-2017-12617 The Apache Tomcat team announced October 3 that if the default servlet is configured, at 9.0.1 (Beta), 8.5.23, All Tomcat versions prior to 8.0.47 and 7.0.82 contain potentially dangerous remote execution code (RCE) vulnerabilities on all operating systems, cve-2017-12617: Remote code execution vulnerabilities. Environment Using Image:tomcat:7.0.79-jre8 to reproduce vulnerabilities Docker-co

Cisco Unity Connection SQL injection vulnerability in CVE-2014-3336) Release date:Updated on: Affected Systems:Cisco Unity ConnectionDescription:--------------------------------------------------------------------------------Bugtraq id: 69163CVE (CAN) ID: CVE-2014-3336Cisco Unity Connection transparently integrates the messaging and speech recognition components with your data network to provide uninterru