11 matches found
Microsoft DFSCoerce Domain Control Privilege Vulnerability
Windows Server is a server operating system for Windows introduced by Microsoft on April 24, 2003, with the Microsoft Windows Server System WSS at its core. Microsoft DFSCoerce has a domain control privilege exploit, which can be exploited by an attacker to request the certificate of a domain...
3gtel-frontend-platform (=1.0.0), @achieve-all/v-element (=1.0.0) +1000 more potentially affected by CVE-2021-23440 via set-value (>=0.1.6 <=1.0.0)
set-value NPM version =0.1.6, =5.0.0, =4.0.2, =0.1.1, =1.0.0, =1.0.0, =1.1.0, =1.0.0, =1.0.1, =1.0.0, =1.0.0, =2.0.0, =2.0.16 and more Source cves: CVE-2021-23440 Source advisory: OSV:GHSA-4JQC-8M5R-9RPR...
Microsoft Windows/Windows Server Remote Code Execution Vulnerability (CNVD-2021-62481)
Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation U.S. Microsoft Windows is an operating system for personal devices, and Microsoft Windows Server is a server operating system. A remote code execution vulnerability exists in the Windows Kernel of Microsoft...
Microsoft Windows and Windows Server Remote Code Execution Vulnerability (CNVD-2021-60711)
Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation, an operating system for personal devices, and Microsoft Windows Server is a server operating system. Microsoft Windows and Windows Server have a remote code execution vulnerability that can be exploited by...
Microsoft Windows/Windows Server Remote Code Execution Vulnerability (CNVD-2021-62486)
Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation U.S. Microsoft Windows is an operating system for personal devices Microsoft Windows Server is a server operating system. A remote code execution vulnerability exists in the Microsoft Windows/Windows Server...
CVE-2020-35197
The official memcached docker images before 1.5.11-alpine Alpine specific contain a blank password for a root user. System using the memcached docker container deployed by affected versions of the docker image may allow a remote attacker to achieve root access with a blank password...
CVE-2020-35466
The Blackfire Docker image through 2020-12-14 contains a blank password for the root user. Systems deployed using affected versions of the Blackfire container may allow a remote attacker to achieve root access with a blank password...
achieve-itcharitabletrust.org.za Cross Site Scripting vulnerability OBB-1288130
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...
collegeachieveasbury.org XSS vulnerability
Open Bug Bounty ID: OBB-715542 Description| Value ---|--- Affected Website:| collegeachieveasbury.org Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| hidden until disclosure Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:...
Cross-site achieve HTTP session hijacking-vulnerability warning-the black bar safety net
A Web application is by 2 ways to determine and keep track of different users: a Cookie or Session also called session-Cookie is. Wherein the Cookie is stored on the local computer, the expiration time is very long, so for the Cookie of the means of attack is generally to steal user Cookies and...
Talking about after the invasion of the hardware destruction method-vulnerability warning-the black bar safety net
| Internetthe field of security, one foot magic ridge, and then strong fortress also has his deadly colony, hackersarttoday, was born many kinds of means of attack, and in front of the defense method is endless, but whether it is anti-both, all overlooked an important aspect-that is, hardware...