Linux ati_remote2 Null Pointer Dereference
Posted by deepcore under exploit (No Respond)
Linux kernel version 3.10.0-229.20.1.el7.x86_64 crashes on presentation of a buggy USB device requiring the ati_remote2 driver.
Archive for March, 2016
Kaltura Community Edition 11.1.0-2 Code Execution / File Upload / File Read
Posted by deepcore under exploit (No Respond)
The Kaltura platform contains a number of vulnerabilities, allowing unauthenticated users to execute code, read files, and access services listening on the localhost interface. Vulnerabilities present in the application also allow authenticated users to execute code by uploading a file, and perform stored cross site scripting attacks from the Kaltura Management Console into the admin […]
Netgear ReadyNAS Remote Code Execution
Posted by deepcore under exploit (No Respond)
Netgear ReadyNAS suffers from a remote root code execution vulnerability.
[webapps] – AKIPS Network Monitor 15.37 through 16.5 – OS Command Injection
Posted by deepcore under Security (No Respond)
[remote] – Cisco UCS Manager 2.1(1b) – Shellshock Exploit
Posted by deepcore under Security (No Respond)
[remote] – OpenSSH <= 7.2p1 – xauth Injection
Posted by deepcore under Security (No Respond)
[dos] – Netwrix Auditor 7.1.322.0 – ActiveX (sourceFile) Stack Buffer Overflow
Posted by deepcore under Security (No Respond)
[webapps] – Kaltura Community Edition <=11.1.0-2 – Multiple Vulnerabilities
Posted by deepcore under Security (No Respond)
Chamlio LMS v1.10.2 – (Profile) Persistent Web Vulnerability
Posted by deepcore under exploit (No Respond)
An independent vulnerability laboratory researcher discovered an application-side cross site vulnerability in the offical Chamilo LMS web-application.
ChitaSoft (Web-Application) – SQL Injection Vulnerability
Posted by deepcore under exploit (No Respond)
An independent vulnerability laboratory researcher discovered a remote sql injection web vulnerability in the official ChitaSoft web-application(2016Q1).