Microsoft Windows CVE-2019-1420 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges and execute arbitrary code. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-bas...

LinPwn - Interactive Post Exploitation Tool

LinPwn is a interactive tool created to assist you in post exploitation enumeration and privilege escalation. Connection Set your IP and port you want it to connect to in the Connection class. Place the LinPwn binary on the target machine. Run nc -lvp PORT on your machine and then run LinPwn on t...

SQL Injection Vulnerability in Marketing System of Baoding Interactive Enterprise Marketing Planning Co.

Baoding Interactive Marketing Planning Co., Ltd. focuses on e-commerce services in Hebei, providing small and medium-sized enterprises with website construction, online shopping mall construction, domain name registration, cell phone APP, business with the line and other services. Baoding...

Fedora Update for scapy FEDORA-2019-d49c8ec32b

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Microsoft Windows Kernel CVE-2019-1345 Local Information Disclosure Vulnerability

Description Microsoft Windows Kernel is prone to a local information-disclosure vulnerability. A local attacker can leverage this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10...

Microsoft Windows CVE-2019-1339 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to gain the elevated privileges on the affected system. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-bas...

CVE-2019-9423

Removed by vendor...

Russian APT Map Reveals 22,000 Connections Between 2000 Malware Samples

Though Russia still has an undiversified and stagnant economy, it was one of the early countries in the world to realize the value of remotely conducted cyber intrusions. In recent years, many Russia hacking groups have emerged as one of the most sophisticated nation-state actors in cyberspace,...

Russian APT Map Reveals 22,000 Connections Between 2000 Malware Samples

Though Russia still has an undiversified and stagnant economy, it was one of the early countries in the world to realize the value of remotely conducted cyber intrusions. In recent years, many Russia hacking groups have emerged as one of the most sophisticated nation-state actors in cyberspace,...

Microsoft Windows Win32k CVE-2019-1256 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code in kernel mode with elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version...

Command Execution Vulnerability in the Zeppelin Platform

Apache Zeppelin is a web-based open source framework that makes interactive data analysis feasible.Zeppelin provides data analysis, data visualization and other features. A command execution vulnerability exists in the Zeppelin platform that can be exploited by an attacker to gain server privileg...

The vulnerability of the PAN-OS operating system, related to the operation of data out of the buffer in memory, allows attackers to cause memory corruption.

The vulnerability of the PAN-OS operating system is related to the operation of data out of the buffer in memory. Exploiting this vulnerability can allow a malicious actor to cause memory corruption or service failures when the current client interactive session is re-executed...

EVABS - Extremely Vulnerable Android Labs

An open source Android application that is intentionally vulnerable so as to act as a learning platform for Android application security beginners. The effort is to introduce beginners with very limited or zero knowledge to some of the major and commonly found real-world based Android application...

Design/Logic Flaw

In the endCall function of TelecomManager.java, there is a possible Denial of Service due to a missing permission check. This could lead to local denial of access to Emergency Services with User execution privileges needed. User interaction is not needed for exploitation. Product: Android...

How Do Threats Align With Detection And Solutions?

There are many different threats targeting many different areas of a corporate network. Have you ever wondered how those threats are stopped? What threats impact which areas of a network? What technology detects and blocks those threats? I wanted to build an interactive graphic to answer those...

Adobe Flash Player: Multiple vulnerabilities

Background The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Description Multiple vulnerabilities have been discovered in Adobe Flash Player. Please review the CVE identifiers referenced below for details. Impact A remote attacke...

Microsoft Windows Text Services Framework MSCTF - Multiple Vulnerabilities

The msctf subsystem is part of the Text Services Framework, The TSF manages things like input methods, keyboard layouts, text processing and so on. There are two main components, the ctfmon server and the msctf client. The ctfmon service creates an ALPC port in a well known location, to which...

Microsoft Windows Text Services Framework MSCTF - Multiple Vulnerabilities

The msctf subsystem is part of the Text Services Framework, The TSF manages things like input methods, keyboard layouts, text processing and so on. There are two main components, the ctfmon server and the msctf client. The ctfmon service creates an ALPC port in a well known location, to which...

Microsoft Windows CVE-2019-1174 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to gain the elevated privileges on the system. Technologies Affected Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based...

Microsoft Windows Kernel CVE-2019-1159 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code in with elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-base...