[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

249966

 
 

909

 
 

195636

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 15149 Download | Alert*

The remote management interface of cgminer 4.10.0 and bfgminer 5.5.0 allows an authenticated remote attacker to write the miner configuration file to arbitrary locations on the server due to missing basedir restrictions .

In FreeBSD 10.x before 10.4-STABLE, 10.4-RELEASE-p3, and 10.3-RELEASE-p24 named paths are globally scoped, meaning a process located in one jail can read and modify the content of POSIX shared memory objects created by a process in another jail or the host system. As a result, a malicious user that has access to a jailed system is able to abuse shared memory by injecting malicious content in the s ...

The host is installed with Elasticsearch before 1.3.8 and 1.4.x before 1.4.3 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to handle a crafted script. Successful exploitation could allow attackers to bypass the sandbox protection mechanism and execute arbitrary shell commands.

The host is installed with Elasticsearch before 1.2 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to handle the source parameter to _search. Successful exploitation could allow attackers to execute arbitrary MVEL expressions and Java code.

The host is installed with Elasticsearch before 1.3.8 and 1.4.x before 1.4.3 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to handle a crafted script. Successful exploitation could allow attackers to bypass the sandbox protection mechanism and execute arbitrary shell commands.

The host is installed with Elasticsearch before 1.2 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to handle the source parameter to _search. Successful exploitation could allow attackers to execute arbitrary MVEL expressions and Java code.

The host is installed with Elasticsearch 1.4.x before 1.4.5 or 1.5.x before 1.5.2 and is prone to a directory traversal vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation could allow attackers to read arbitrary files.

The host is installed with Elasticsearch 1.4.x before 1.4.5 or 1.5.x before 1.5.2 and is prone to a directory traversal vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation could allow attackers to read arbitrary files.

utils/find-opencv.js in node-opencv prior to 6.1.0 is vulnerable to Command Injection. It does not validate user input allowing attackers to execute arbitrary commands.

An issue was discovered in mgetty before 1.2.1. In contrib/scrts.c, a stack-based buffer overflow can be triggered via a command-line parameter.


Pages:      Start    1481    1482    1483    1484    1485    1486    1487    1488    1489    1490    1491    1492    1493    1494    ..   1514

© SecPod Technologies