72 matches found
gbase 8s database suffers from a local lift vulnerability (CNVD-2020-68762)
GBase 8s is a mature and stable enterprise-level domestic transactional database independently developed by Tianjin Nanda General Data Technology Co. GBase 8s database suffers from a local power lifting vulnerability, which can be exploited by an attacker to gain control of the server...
TYPO3 typo3_forum extension incorrect access control vulnerability
TYPO3 is a free and open source content management system framework CMS/CMF of the Swiss TYPO3 Association. typo3forum extension is one of the forum extensions. A security vulnerability exists in TYPO3 typo3forum extension versions prior to 1.2.1, which stems from the program not performing acces...
Security Only Update for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 7 SP1 and Windows Server 2008 R2 SP1 (KB4534976)
Security Only Update for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 7 SP1 and Windows Server 2008 R2 SP1 KB4534976 Applies to: Microsoft .NET Framework 3.5.1 Microsoft .NET Framework 4.5.2 Microsoft .NET Framework 4.6 Microsoft .NET Framework 4.6.1 Microsof...
MS Windows 2000/NT 4/XP Window Message Subsystem Design Error Vulnerability (5)
No description provided by source. source: http://www.securityfocus.com/bid/5408/info A serious design error in the Win32 API has been reported. The issue is related to the inter-window message passing system. This vulnerability is wide-ranging and likely affects almost every Win32 window-based...
DecisionTools SharpGrid ActiveX Control RCE
No description provided by source...
Exploit Kit Adds Vector for Silverlight Vulnerability
Developers behind the Angler Exploit Kit have apparently added a new exploit over the last week that leverages a known vulnerability in Microsoft’s Silverlight browser framework. Silverlight, similar to Adobe Flash, is Microsoft’s plug-in for streaming media on browsers and is perhaps most known...
Samsung D6000 TV - Multiple Vulnerabilities
Samsung D6000 TV - Multiple Vulnerabilities Luigi Auriemma Application: Samsung devices with support for remote controllers http://www.samsung.com Versions: current Platforms: the vulnerable protocol is used on both TV and blue-ray devices so both of them should be vulnerable my tests were...
Microsoft Windows XP/2000/NT 4.0 - Window Message Subsystem Design Error (4)
// source: https://www.securityfocus.com/bid/5408/info A serious design error in the Win32 API has been reported. The issue is related to the inter-window message passing system. This vulnerability is wide-ranging and likely affects almost every Win32 window-based application. Attackers with loca...
Microsoft Windows 98/XP/ME - UPnP NOTIFY Buffer Overflow (2)
// source: https://www.securityfocus.com/bid/3723/info Universal Plug and Play, or UPnP, is a service that allows for hosts to locate and use devices on the local network. UPnP support ships with Windows XP and ME. For Windows 98 and 98SE, it is available with Windows XP's Internet Connection...
Microsoft Windows Media Player 7.0 - JavaScript URL
source: https://www.securityfocus.com/bid/2167/info Windows Media Player is an application used for digital audio, and video content viewing. It can be embedded in webpages as an ActiveX control. It is possible to execute a javascript URL from within the Windows Media Player ActiveX control...
ie5.force-feed.txt
Saturday, 24 June 2000 Microsoft Internet Explorer 5 and accompanying mail and news clients on win95, win98 and win2000 enjoy a unique status in that they choose to ignore user input. Specifically, we are able to manually force a file onto the target computer despite all prompts and warnings. A 1...
Force Feeding
Saturday, 24 June 2000 Microsoft Internet Explorer 5 and accompanying mail and news clients on win95, win98 and win2000 enjoy a unique status in that they choose to ignore user input. Specifically, we are able to manually force a file onto the target computer despite all prompts and warnings. A 1...