[Forgot Password]
Login  Register Subscribe

24003

 
 

131517

 
 

106904

 
 

909

 
 

84902

 
 

134

 
 
Paid content will be excluded from the download.

Filter
Matches : 106906 Download | Alert*

SQL injection vulnerability in the "aWeb Cart Watching System for Virtuemart" extension before 2.6.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via vectors involving categorysearch and smartSearch.

NETGEAR Arlo base stations with firmware 1.7.5_6178 and earlier, Arlo Q devices with firmware 1.8.0_5551 and earlier, and Arlo Q Plus devices with firmware 1.8.1_6094 and earlier have a default password of 12345678, which makes it easier for remote attackers to obtain access after a factory reset or in a factory configuration.

NETGEAR Arlo base stations with firmware 1.7.5_6178 and earlier, Arlo Q devices with firmware 1.8.0_5551 and earlier, and Arlo Q Plus devices with firmware 1.8.1_6094 and earlier use a pattern of adjective, noun, and three-digit number for the customized password, which makes it easier for remote attackers to obtain access via a dictionary attack.

Firejail does not restrict access to --tmpfs, which allows local users to gain privileges, as demonstrated by mounting over /etc.

Firejail allows local users to truncate /etc/resolv.conf via a chroot command to /.

Firejail uses 0777 permissions when mounting /tmp, which allows local users to gain privileges.

Firejail uses 0777 permissions when mounting (1) /dev, (2) /dev/shm, (3) /var/tmp, or (4) /var/lock, which allows local users to gain privileges.

Firejail uses weak permissions for /dev/shm/firejail and possibly other files, which allows local users to gain privileges.

Firejail does not properly clean environment variables, which allows local users to gain privileges.

Firejail allows --chroot when seccomp is not supported, which might allow local users to gain privileges.


Pages:      Start    10078    10079    10080    10081    10082    10083    10084    10085    10086    10087    10088    10089    10090    10091    ..   10690

© 2013 SecPod Technologies