https://www.seebug.org/rss.xml赋予漏洞灵魂zh-cnMon, 10 Apr 2017 22:16:51 -0000https://www.seebug.org/vuldb/ssvid-92932 A vulnerability in the Cisco Cluster Management Protocol (CMP) processing code in Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a reload of an affected device or remotely execute code with elevated privileges. https://www.seebug.org/vuldb/ssvid-92932 A vulnerability in the Cisco Cluster Management Protocol (CMP) processing code in Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a reload of an affected device or remotely execute code with elevated privileges. 8代码执行2017-04-10 14:10:26https://www.seebug.org/vuldb/ssvid-86388Apache Struts是美国阿帕奇（Apache）软件基金会负责维护的一款用于创建企业级Java Web应用的开源框架。https://www.seebug.org/vuldb/ssvid-86388Apache Struts是美国阿帕奇（Apache）软件基金会负责维护的一款用于创建企业级Java Web应用的开源框架。9其他类型2017-04-10 07:52:30https://www.seebug.org/vuldb/ssvid-92931 https://www.seebug.org/vuldb/ssvid-92931 7命令执行2017-04-10 06:33:41https://www.seebug.org/vuldb/ssvid-92924ImageIO Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later A memory corruption issue was addressed through improved input validation.https://www.seebug.org/vuldb/ssvid-92924ImageIO Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later A memory corruption issue was addressed through improved input validation.8代码执行2017-04-10 04:39:39https://www.seebug.org/vuldb/ssvid-92930PHPCMS 注册页面任意文件上传漏洞https://www.seebug.org/vuldb/ssvid-92930PHPCMS 注册页面任意文件上传漏洞8文件上传2017-04-10 04:27:38https://www.seebug.org/vuldb/ssvid-92929PHPCMS v9 wap模块 SQL注入https://www.seebug.org/vuldb/ssvid-92929PHPCMS v9 wap模块 SQL注入8SQL 注入2017-04-10 03:06:21https://www.seebug.org/vuldb/ssvid-92530如果 Windows 内核模式驱动程序无法正确处理内存中对象，则会存在多个特权提升漏洞。成功利用此漏洞的攻击者可以在内核模式下运行任意代码。攻击者可随后安装程序；查看、更改或删除数据；或者创建拥有完全用户权限的新帐户。 攻击者必须先登录系统，然后才能利用这些漏洞。然后攻击者可以运行一个为利用这些漏洞而经特殊设计的应用程序，从而控制受影响的系统。该更新通过更正 Windows 内核模式驱动程序处理内存中对象的方式来解决这些漏洞。https://www.seebug.org/vuldb/ssvid-92530如果 Windows 内核模式驱动程序无法正确处理内存中对象，则会存在多个特权提升漏洞。成功利用此漏洞的攻击者可以在内核模式下运行任意代码。攻击者可随后安装程序；查看、更改或删除数据；或者创建拥有完全用户权限的新帐户。 攻击者必须先登录系统，然后才能利用这些漏洞。然后攻击者可以运行一个为利用这些漏洞而经特殊设计的应用程序，从而控制受影响的系统。该更新通过更正 Windows 内核模式驱动程序处理内存中对象的方式来解决这些漏洞。8权限提升2017-04-10 01:54:25https://www.seebug.org/vuldb/ssvid-92927 This bug report describes a vulnerability in memory_exchange() that permits PV guest kernels to write to an arbitrary virtual address with hypervisor privileges. The vulnerability was introduced through a broken fix for CVE-2012-5513 / XSA-29.https://www.seebug.org/vuldb/ssvid-92927 This bug report describes a vulnerability in memory_exchange() that permits PV guest kernels to write to an arbitrary virtual address with hypervisor privileges. The vulnerability was introduced through a broken fix for CVE-2012-5513 / XSA-29.8其他类型2017-04-09 04:54:07https://www.seebug.org/vuldb/ssvid-92531Datas from $_POST['updated_data'] inside usersettings.php are not properly validated so we can set user_admin value in database using this input. Version 2.1.2 Released issue still not fixedhttps://www.seebug.org/vuldb/ssvid-92531Datas from $_POST['updated_data'] inside usersettings.php are not properly validated so we can set user_admin value in database using this input. Version 2.1.2 Released issue still not fixed8权限提升2017-04-08 13:55:24https://www.seebug.org/vuldb/ssvid-92826DjangoUeditor是将百度开发的富文本编辑器Ueditor移植到Django中的组件，它的使用率还是相当高的。经笔者测试，即便是现在可以下载使用的1.9.143版本中，依然存在着这个漏洞。https://www.seebug.org/vuldb/ssvid-92826DjangoUeditor是将百度开发的富文本编辑器Ueditor移植到Django中的组件，它的使用率还是相当高的。经笔者测试，即便是现在可以下载使用的1.9.143版本中，依然存在着这个漏洞。8文件上传2017-04-08 12:05:03https://www.seebug.org/vuldb/ssvid-92926semcms /semcms/view.php 参数ID 注入漏洞 https://www.seebug.org/vuldb/ssvid-92926semcms /semcms/view.php 参数ID 注入漏洞 7SQL 注入2017-04-08 11:14:51https://www.seebug.org/vuldb/ssvid-92912 "Monitor and configure your Serv-U deployment from anywhere through our advanced web management console. No special applications are required to administrate your server and access is protected with highly secure HTTPS." - https://www.serv-u.com https://www.seebug.org/vuldb/ssvid-92912 "Monitor and configure your Serv-U deployment from anywhere through our advanced web management console. No special applications are required to administrate your server and access is protected with highly secure HTTPS." - https://www.serv-u.com 8权限提升2017-04-07 08:48:07https://www.seebug.org/vuldb/ssvid-92925熊海CMS v1.0 后台登录绕过漏洞https://www.seebug.org/vuldb/ssvid-92925熊海CMS v1.0 后台登录绕过漏洞8登录绕过2017-04-07 06:54:47https://www.seebug.org/vuldb/ssvid-92922This is somewhat similar to https://crbug.com/663476. https://www.seebug.org/vuldb/ssvid-92922This is somewhat similar to https://crbug.com/663476. 8跨站脚本2017-04-07 06:08:51https://www.seebug.org/vuldb/ssvid-92923Here's a snippet of the method SubframeLoader::requestFrame which is invoked when the |src| of an iframe object is changed.https://www.seebug.org/vuldb/ssvid-92923Here's a snippet of the method SubframeLoader::requestFrame which is invoked when the |src| of an iframe object is changed.8跨站脚本2017-04-07 03:35:56https://www.seebug.org/vuldb/ssvid-92921Note: It seems it doesn't crash the JSC compiled without Address Sanitizer. https://www.seebug.org/vuldb/ssvid-92921Note: It seems it doesn't crash the JSC compiled without Address Sanitizer. 8释放后重用2017-04-07 03:22:47https://www.seebug.org/vuldb/ssvid-92920This is a regression test from: https://crbug.com/541206. But I think it seems not possible to turn it into an UXSS in WebKit. https://www.seebug.org/vuldb/ssvid-92920This is a regression test from: https://crbug.com/541206. But I think it seems not possible to turn it into an UXSS in WebKit. 8跨站脚本2017-04-07 03:19:37https://www.seebug.org/vuldb/ssvid-92919I confirmed the PoC crashes the release version of Safari 10.0.3(12602.4.8). (It might need to refresh the page several times.)https://www.seebug.org/vuldb/ssvid-92919I confirmed the PoC crashes the release version of Safari 10.0.3(12602.4.8). (It might need to refresh the page several times.)8缓冲区溢出2017-04-07 03:16:42https://www.seebug.org/vuldb/ssvid-92918The latest version of this advisory is available at: https://sintonen.fi/advisories/qnap-qts-multiple-rce-vulnerabilities.txt https://www.seebug.org/vuldb/ssvid-92918The latest version of this advisory is available at: https://sintonen.fi/advisories/qnap-qts-multiple-rce-vulnerabilities.txt 7其他类型2017-04-07 02:05:52https://www.seebug.org/vuldb/ssvid-92917 https://www.seebug.org/vuldb/ssvid-92917 7其他类型2017-04-07 01:55:41