The vulnerability of the Internet Explorer browser’s script handler allows a hacker to execute arbitrary code.

The vulnerability of the Internet Explorer browser’s script handler exists due to errors in memory object handling. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in the context of the current user...

Apple Safari SimpleLineLayout Use-After-Free Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling ...

Huawei EulerOS: Security Advisory for sqlite (EulerOS-SA-2019-1991)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Microsoft .NET Framework Remote Code Execution Vulnerability (CNVD-2020-08132)

Microsoft .NET Framework is a comprehensive and consistent programming model from Microsoft Corporation USA and a Windows Store, Windows Phone, Windows Server, and Microsoft Azure applications. The platform includes the C and Visual Basic programming languages, a public language runtime library,...

Microsoft Excel Code Execution Vulnerability

Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft USA. A security vulnerability exists in Microsoft Excel that stems from the software's failure to properly handle memory objects. The vulnerability can be exploited to execute arbitrary code in the context of...

(Pwn2Own) Sony X800G Smart TV Vewd Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Sony X800G Smart TV. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

Microsoft Excel 2010 Service Pack 2 Remote Code Execution Vulnerabilities (KB4484243)

This host is missing an important security update according to Microsoft KB4484243 Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This...

CVE-2020-0606

A remote code execution vulnerability exists in .NET software when the software fails to check the source markup of a file.An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user, aka '.NET Framework Remote Code Execution Vulnerability'...

CVE-2020-0603

A remote code execution vulnerability exists in ASP.NET Core software when the software fails to handle objects in memory.An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user, aka 'ASP.NET Core Remote Code Execution Vulnerability'...

Remote code execution

A remote code execution vulnerability exists in .NET software when the software fails to check the source markup of a file.An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user, aka '.NET Framework Remote Code Execution Vulnerability'...

The vulnerabilities of PDF viewing and editing programs such as Adobe Acrobat Document Cloud and Adobe Acrobat Reader Document Cloud, as well as Adobe Acrobat 2017 and Adobe Acrobat Reader 2017, stem from incorrect path name restrictions for restricted access catalogs. This allows attackers to disclose protected information within the context of the current user.

The vulnerability of PDF viewing and editing programs like Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2017, and Adobe Acrobat Reader 2017 exists due to a flawed limitation regarding the path name to the restricted catalog. Exploiting this vulnerability can...

[slackware-security] mozilla-thunderbird

New mozilla-thunderbird packages are available for Slackware 14.2 and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/mozilla-thunderbird-68.4.1-i686-1slack14.2.txz: Upgraded. This release contains security fixes and improvements. For more...

[slackware-security] mozilla-firefox

New mozilla-firefox packages are available for Slackware 14.2 and -current to fix a security issue. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/mozilla-firefox-68.4.1esr-i686-1slack14.2.txz: Upgraded. This release fixes a critial security issue: Mozilla Foundation...

[slackware-security] mozilla-firefox

New mozilla-firefox packages are available for Slackware 14.2 and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/mozilla-firefox-68.4.0esr-i686-1slack14.2.txz: Upgraded. This release contains security fixes and improvements. For more...

LKWA - Lesser Known Web Attack Lab

Lesser Known Web Attack Lab is for intermediate pentester that can test and practice lesser known web attacks such as Object Injection, XSSI, PHAR Deserialization, variables variable ..etc. Write-ups are welcome. Installation Just clone the git with git clone https://github.com/weev3/LKWA and mov...

[slackware-security] tigervnc

New tigervnc packages are available for Slackware 14.2 and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/tigervnc-1.10.1-i586-1slack14.2.txz: Upgraded. From tigervnc.org: "This is a security release to fix a number of issues that were...

[slackware-security] wavpack

New wavpack packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/wavpack-5.2.0-i586-1slack14.2.txz: Upgraded. Fixed denial-of-service and other potential security issues. For more...

Apple Safari commitPropertyChange Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

(0Day) Microsoft Windows WebDAV Path Parsing Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

Microsoft PowerPoint Remote Code Execution Vulnerability

Microsoft Office is an office software suite of products from the U.S. company Microsoft Microsoft. The product's common components include Word, Excel, Access, Powerpoint, FrontPage, etc.. A remote code execution vulnerability exists in Microsoft PowerPoint, which stems from the program's failur...