790 matches found
KLA11544 A PE vulnerability in Microsoft Developer Tools
An elevation of privilege vulnerability was found in Microsoft Developer Tools. Malicious users can exploit this vulnerability to gain privileges. Original advisories CVE-2019-1258 Related products Microsoft-Azure CVE list CVE-2019-1258 high KB list Solution Install necessary updates from the KB...
KLA11657 An elevation of privilege vulnerability in Microsoft Developer Tools
An elevation of privilege vulnerability was found in Microsoft Developer Tools. Malicious users can exploit this vulnerability to gain privileges. Original advisories CVE-2019-1211 Related products Microsoft-Visual-Studio CVE list CVE-2019-1211 warning KB list Solution Install necessary updates...
Commando VM v2.0 - The First Full Windows-based Penetration Testing Virtual Machine Distribution
Welcome to CommandoVM - a fully customizable, Windows-based security distribution for penetration testing and red teaming. For detailed install instructions or more information please see our blog Installation Install Script Requirements Windows 7 Service Pack 1 or Windows 10 60 GB Hard Drive 2 G...
'Google' Sites Are the Latest Ploy by Card-Skimming Thieves
Malicious domains masquerading as Google sites are the latest ploy by payment card-skimming adversaries looking to dupe website visitors. According to analysts at Sucuri, cybercriminals are using typosquatting the practice of changing one letter in a trusted site name to use as a malicious URL to...
KLA11525 SB vulnerability in Microsoft Developer Tools
A security feature bypass vulnerability was found in Windows Defender Application Control Malicious users can exploit this vulnerability to bypass security restrictions. Original advisories CVE-2019-1167 Related products Windows-Defender CVE list CVE-2019-1167 warning KB list Solution Install...
Commando VM v1.3 - The First Full Windows-based Penetration Testing Virtual Machine Distribution
Welcome to CommandoVM - a fully customized, Windows-based security distribution for penetration testing and red teaming. Installation Install Script Requirements Windows 7 Service Pack 1 or Windows 10 60 GB Hard Drive 2 GB RAM Recommended Windows 10 80+ GB Hard Drive 4+ GB RAM 2 network adapters...
KLA11513 Multiple vulnerabilities in Microsoft Developer Tools
Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, spoof user interface, cause denial of service, obtain sensitive information. Below is a complete list of vulnerabilities: 1. Security...
DEBIAN-CVE-2019-5819
Insufficient data validation in developer tools in Google Chrome on OS X prior to 74.0.3729.108 allowed a local attacker to execute arbitrary code via a crafted string copied to clipboard...
CVE-2019-5819
Insufficient data validation in developer tools in Google Chrome on OS X prior to 74.0.3729.108 allowed a local attacker to execute arbitrary code via a crafted string copied to clipboard...
KLA11501 Security UI vulnerability in Microsoft Developer Tools
A spoofing vulnerability was found in Microsoft Developer Tools. Malicious users can exploit this vulnerability to spoof user interface. Original advisories CVE-2019-0996 Related products Microsoft-Azure CVE list CVE-2019-0996 warning KB list Solution Install necessary updates from the KB section...
KLA11485 Multiple vulnerabilities in Microsoft Developer Tools
Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to cause denial of service, spoof user interface, gain privileges, bypass security restrictions, obtain sensitive information. Below is a complete list of vulnerabilities: 1. A deni...
RHEL 6 : chromium-browser (RHSA-2019:1021)
The remote Redhat Enterprise Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2019:1021 advisory. Chromium is an open-source web browser, powered by WebKit Blink. This update upgrades Chromium to version 74.0.3729.108. Security Fixes:...
chromium-browser: Incorrect escaping in developer tools
Insufficient data validation in developer tools in Google Chrome on OS X prior to 74.0.3729.108 allowed a local attacker to execute arbitrary code via a crafted string copied to clipboard...
openSUSE Security Update : chromium (openSUSE-2019-1325)
This update for chromium fixes the following issues : Chromium was updated to 74.0.3729.108 boo1133313 : - CVE-2019-5805: Use after free in PDFium - CVE-2019-5806: Integer overflow in Angle - CVE-2019-5807: Memory corruption in V8 - CVE-2019-5808: Use after free in Blink - CVE-2019-5809: Use afte...
Arbitrary Code Execution
Firefox and Firefox ESR are vulnerable to arbitrary code execution attacks. A remote unauthenticated attacker could exploit the vulnerable Developer Tools component to allow code execution when opening a malicious page with the style editor tool due to improper sanitization of the web page source...
Privilege Escalation
Firefox is vulnerable to privilege escalation attacks. The JSON viewer in the Developer Tools use insecure methods to create a communication channel for copying and viewing JSON or HTTP headers data which allows a remote user to monitor the network and obtain potentially sensitive information in...
CVE-2019-9804
In Firefox Developer Tools it is possible that pasting the result of the 'Copy as cURL' command into a command shell on macOS will cause the execution of unintended additional bash script commands if the URL was maliciously crafted. This is the result of an issue with the native version of Bash o...
CVE-2019-9804
In Firefox Developer Tools it is possible that pasting the result of the 'Copy as cURL' command into a command shell on macOS will cause the execution of unintended additional bash script commands if the URL was maliciously crafted. This is the result of an issue with the native version of Bash o...
CVE-2019-9804
In Firefox Developer Tools it is possible that pasting the result of the 'Copy as cURL' command into a command shell on macOS will cause the execution of unintended additional bash script commands if the URL was maliciously crafted. This is the result of an issue with the native version of Bash o...
Command injection
In Firefox Developer Tools it is possible that pasting the result of the 'Copy as cURL' command into a command shell on macOS will cause the execution of unintended additional bash script commands if the URL was maliciously crafted. This is the result of an issue with the native version of Bash o...