CVE-2016-3345

The SMBv1 server in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allows remote attackers to execute arbitrary code via crafted packets, aka "Windows SMB Authenticat...

Configuring KMS Licensing for Windows and Office

This article contains information for administrators about configuring Citrix Provisioning , formerly Provisioning ServicesPVS 5.6 Service Pack 1 or later target devices that are using the Microsoft Key Management Server KMS in their environment. Background KMS can be configured on the virtual di...

CVE-2016-3254

The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege...

CVE-2016-0121

The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted OpenType font, aka "OpenType...

Microsoft .NET XML Validation Security Feature Bypass Vulnerability (3141780)

This host is missing an important security update according to Microsoft Bulletin MS16-035 SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

UBUNTU-CVE-2015-8636

Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allow attackers to execute arbitrary code or cause a denial o...

Microsoft Cryptographic Cipher Suite Prioritization Advisory (3042058)

This host is missing an important security update according to Microsoft advisory 3042058. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

RHEL 7 : virtio-win (RHSA-2015:1044)

An updated virtio-win package that fixes one security issue and two bugs is now available for Red Hat Enterprise Linux 7 Supplementary. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

Achat 0.150 beta7 - Remote Buffer Overflow (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Achat v0.150 beta7 Buffer Overflow', 'Description' = %q This module exploits an unicode SEH based stack buffer overflow in Achat...

Google Apps Flaw Allowed Hacker to Hijack Account and Disable Two-factor Authentication

A critical cross-site scripting XSS vulnerability in the Google Apps administrator console allowed cyber criminals to force a Google Apps admins to execute just about any request on the domain. The Google Apps admin console allows administrators to manage their organization’s account...

JetAudio 8.1.3 - '.mp4' Crash (PoC)

Exploit Title : jetAudio 8.1.3 Basic Use-after-free Corrupted mp4 Crash POC Product : jetAudio Basic Date : 12.12.2014 Exploit Author : ITDefensor Vulnerability Research Team http://itdefensor.ru/ Software Link : http://www.jetaudio.com/download/ Vulnerable version : 8.1.3 Latest at the moment an...

CVE-2014-6317

Array index error in win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to cause a denial of...

Windows System Files Information Disclosure

Windows operating systems contain system files with sensitive information. If not properly configured, remote attackers can view the information on such files...

HttpFileServer 2.3.x Remote Command Execution

Affected software: http://sourceforge.net/projects/hfs/ Version : 2.3x Exploit Title: HttpFileServer 2.3.x Remote Command Execution Google Dork: intext:"httpfileserver 2.3" Date: 11-09-2014 Remote: Yes Exploit Author: Daniele Linguaglossa Vendor Homepage: http://rejetto.com/ Software Link:...

SMC Router 1.2x Random UDP Packet Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8711/info A denial of service has been reported in the SMC SMC2404WBR BarricadeT Turbo 11/22 Mbps Wireless Cable/DSL Broadband Router. It is possible to trigger this condition by sending UDP packets randomly to ports...

Microsoft DirectShow QuickTime Movie Parser Filter Code Execution - Ver2 (CVE-2009-1537)

Microsoft DirectShow is used for streaming media on Microsoft Windows operating systems. It is used for high-quality capture and playback of multimedia streams. The QuickTime Movie Parser filter splits Apple QuickTime data into audio and video streams. The vulnerability is due to the way Microsof...

[Directory Scanner v3.0] Remote Directory Server Fingerprinting Tool

Directory Scanner is the FREE Directory Server fingerprinting tool. It can help you to remotely detect the type of Directory servers such as Microsoft Active Directory, Novell eDirectory etc running on the local network as well as Internet. In addition to this, it can greatly help administrators ...

PT-2013-4224 · Microsoft · Windows Xp +8

Name of the Vulnerable Software and Affected Versions: Microsoft Windows XP versions SP2 through SP3 Microsoft Windows Server 2003 version SP2 Microsoft Windows Vista version SP2 Microsoft Windows Server 2008 versions SP2 through R2 SP1 Microsoft Windows 7 version SP1 Microsoft Windows 8 Microsof...

PT-2013-4698 · Microsoft · Windows Server 2003 +7

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application, aka "Win32k...

VUPEN Security Research - Microsoft Internet Explorer 10-9-8-7-6 "OnResize" Use-after-free (MS13-021 / CVE-2013-0087)

VUPEN Security Research - Microsoft Internet Explorer 10-9-8-7-6 "OnResize" Use-after-free MS13-021 / CVE-2013-0087 Website : http://www.vupen.com Twitter : http://twitter.com/vupen I. BACKGROUND --------------------- "Microsoft Internet Explorer is a web browser developed by Microsoft and includ...