Apple iOS 10.3 - Control Panel Denial of Service Vulnerability

Document Title: =============== Apple iOS 10.3 - Control Panel Denial of Service Vulnerability References: =========== https://www.vulnerability-lab.com/getcontent.php?id=2059 Video: https://www.youtube.com/watch?v=MSscCLATxPQ Release Date: ============= 2017-04-27 Vulnerability Laboratory ID...

Apple iOS 10.3 - Control Panel Denial of Service Vulnerability

Document Title: =============== Apple iOS 10.3 - Control Panel Denial of Service Vulnerability References: =========== https://www.vulnerability-lab.com/getcontent.php?id=2059 Video: https://www.youtube.com/watch?v=MSscCLATxPQ Release Date: ============= 2017-04-26 Vulnerability Laboratory ID...

KLA10984 Privilege escalation vulnerabilities in Windows kernel

Multiple serious vulnerabilities have been found in Microsoft Windows kernel. Malicious users can exploit these vulnerabilities to gain privileges. Below is a complete list of vulnerabilities: 1. An improper check of a buffer length prior to copying memory to the buffer can be exploited remotely ...

CVE-2016-9418

MyBB aka MyBulletinBoard before 1.8.8 on Windows and MyBB Merge System before 1.8.8 on Windows might allow remote attackers to obtain sensitive information from ACP backups via vectors involving a short name...

CVE-2016-9421

Cross-site scripting XSS vulnerability in the Users module in the Admin control panel in MyBB aka MyBulletinBoard before 1.8.8 and MyBB Merge System before 1.8.8 might allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2016-9407

Cross-site scripting XSS vulnerability in MyBB aka MyBulletinBoard before 1.8.7 and MyBB Merge System before 1.8.7 might allow remote attackers to inject arbitrary web script or HTML via vectors involving Mod control panel logs...

CVE-2016-9413

The Admin control panel in MyBB aka MyBulletinBoard before 1.8.7 and MyBB Merge System before 1.8.7 allows remote attackers to conduct clickjacking attacks via unspecified vectors...

CVE-2016-9419

Cross-site scripting XSS vulnerability in the Admin control panel in MyBB aka MyBulletinBoard before 1.8.8 and MyBB Merge System before 1.8.8 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2016-9408

Cross-site scripting XSS vulnerability in the Mod control panel in MyBB aka MyBulletinBoard before 1.8.7 and MyBB Merge System before 1.8.7 might allow remote attackers to inject arbitrary web script or HTML via vectors involving editing users...

CVE-2016-9407

Cross-site scripting XSS vulnerability in MyBB aka MyBulletinBoard before 1.8.7 and MyBB Merge System before 1.8.7 might allow remote attackers to inject arbitrary web script or HTML via vectors involving Mod control panel logs...

CVE-2016-9411

The Admin control panel in MyBB aka MyBulletinBoard before 1.8.7 and MyBB Merge System before 1.8.7 allows remote attackers to obtain the installation path via vectors involving sending mails...

CVE-2016-9409

Cross-site scripting XSS vulnerability in the Admin control panel in MyBB aka MyBulletinBoard before 1.8.7 and MyBB Merge System before 1.8.7 might allow remote attackers to inject arbitrary web script or HTML via vectors involving pruning logs...

CVE-2016-9406

Cross-site scripting XSS vulnerability in the User control panel in MyBB aka MyBulletinBoard before 1.8.7 and MyBB Merge System before 1.8.7 might allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

Cross site scripting

Cross-site scripting XSS vulnerability in MyBB aka MyBulletinBoard before 1.8.7 and MyBB Merge System before 1.8.7 might allow remote attackers to inject arbitrary web script or HTML via vectors involving Mod control panel logs...

Code injection

The Admin control panel in MyBB aka MyBulletinBoard before 1.8.7 and MyBB Merge System before 1.8.7 allows remote attackers to conduct clickjacking attacks via unspecified vectors...

Sql injection

SQL injection vulnerability in the Group Promotions module in the admin control panel in MyBB aka MyBulletinBoard before 1.6.18 and 1.8.x before 1.8.6 and MyBB Merge System before 1.8.6 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

Cross site scripting

Cross-site scripting XSS vulnerability in the Users module in the Admin control panel in MyBB aka MyBulletinBoard before 1.8.8 and MyBB Merge System before 1.8.8 might allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

Design/Logic Flaw

The Admin control panel in MyBB aka MyBulletinBoard before 1.8.7 and MyBB Merge System before 1.8.7 allows remote attackers to obtain the installation path via vectors involving sending mails...

Cross site scripting

Cross-site scripting XSS vulnerability in the Mod control panel in MyBB aka MyBulletinBoard before 1.8.7 and MyBB Merge System before 1.8.7 might allow remote attackers to inject arbitrary web script or HTML via vectors involving editing users...

CVE-2015-8974

SQL injection vulnerability in the Group Promotions module in the admin control panel in MyBB aka MyBulletinBoard before 1.6.18 and 1.8.x before 1.8.6 and MyBB Merge System before 1.8.6 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...