CVE-2018-10190
A vulnerability in London Trust Media Private Internet Access (PIA) VPN Client v77 for Windows could allow an unauthenticated, local attacker to run executable files with elevated privileges. The vulnerability is due to insufficient implementation of access controls. The "Changelog" and "Help"...
CVE-2018-10190
CVE-2018-10190 concerns London Trust Media Private Internet Access (PIA) VPN Client for Windows v77. The issue is a local privilege escalation caused by insufficient access controls: using the system tray’s Changelog/Help context menu can spawn an elevated instance of the user’s default browser, ...
Microsoft Visual Studio 2015 Update 3 Information Disclosure Vulnerability (KB4087371)
This host is missing an important security update according to Microsoft KB4091346...
AMD Driver Installer and Gaming Evolved Product plays.tv Service Write File Vulnerability
AMD driver-installation packages and Gaming Evolved products are both products of AMD, Inc. AMD driver-installation packages are a set of driver installation packages for AMD graphics cards. Gaming Evolved products are game optimization products. plays.tv is one of the game recording and sharing...
Microsoft Office: Suppress hyperlink warnings
This test checks the setting for policy OpenVAS Vulnerability Test $Id: office2013hyperlinkwarnings.nasl 11843 2018-10-11 14:33:21Z emoss $ Check value for Suppress hyperlink warnings Authors: Emanuel Moss Copyright: Copyright c 2018 Greenbone Networks GmbH, http://www.greenbone.net This program ...
Rp++ - Tool That Aims To Find ROP Sequences In PE/Elf/Mach-O X86/X64 Binaries
rp++ is a full-cpp written tool that aims to find ROP sequences in PE/Elf/Mach-O (doesn't support the FAT binaries) x86/x64 binaries. It is open-source, documented with Doxygen (well, I'm trying to..) and has been tested on several OS: Debian / Windows 7 / FreeBSD / Mac OSX Lion (10.7.3). Moreover, it ...
Security update for libvirt (important)
This update for libvirt and virt-manager fixes the following issues: Security issues fixed: - CVE-2017-5715: Fixes for speculative side channel attacks aka "SpectreAttack" (var2) (bsc#1079869). - CVE-2018-6764: Fixed guest executable code injection via libnss_dns.so loaded by libvirt_lxc before init...
openSUSE: Security Advisory for libvirt (openSUSE-SU-2018:0939-1)
The remote host is missing an update for the...
kernel: Missing permission check in move_pages system call
The move_pages system call in mm/migrate.c in the Linux kernel doesn't check the effective uid of the target process. This enables a local attacker to learn the memory layout of a setuid executable allowing mitigation of ASLR...
Word Attachment Delivers FormBook Malware, No Macros Required
A new wave of document attacks targeting inboxes do not require enabling macros in order for adversaries to trigger an infection chain that ultimately delivers FormBook malware. Researchers at Menlo Security are reporting a wave of attacks that began last month that are targeting financial and...
GoldWave 5.70 - Local Buffer Overflow (SEH Unicode) Exploit
Exploit for windows platform in category local exploits !/usr/bin/python Exploit Author: bzyo Twitter: @bzyo Exploit Title: GoldWave 5.70 - Local Buffer Overflow SEH Unicode Date: 04-05-2018 Vulnerable Software: GoldWave 5.70 Vendor Homepage: https://www.goldwave.com/ Version: 5.70 Software Link:...
SUSE SLED12 / SLES12 Security Update : libvirt (SUSE-SU-2018:0861-1) (Spectre)
This update for libvirt fixes the following issues: Security issues fixed: - CVE-2017-5715: Fixes for speculative side channel attacks aka 'SpectreAttack' (var2) (bsc#1079869). - CVE-2018-6764: Fixed guest executable code injection via libnss_dns.so loaded by libvirt_lxc before init (bsc#1080042). -...
Jungo DriverWizard WinDriver Denial of Service Vulnerability (CNVD-2018-08462)
Jungo DriverWizard WinDriver is a PCI/USB device driver development tool from Israel's Jungo Connectivity. A security vulnerability exists in the windrvr1260.sys file in Jungo DriverWizard WinDriver version 12.6.0. The vulnerability can be exploited by an attacker to cause a denial of service wit...
CVE-2018-9136
windrvr1260.sys in Jungo DriverWizard WinDriver 12.6.0 allows attackers to cause a denial of service (BSOD) via a crafted .exe file, a different vulnerability than CVE-2018-8821...
The vulnerability of the executable file dbman.exe on the HPE Intelligent Management Center PLAT software platform allows a perpetrator to execute arbitrary code.
The vulnerability of the dbman.exe executable on the HPE Intelligent Management Center PLAT software platform exists due to insufficient validation of input data. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code in the SYSTEM context remotely...
Linux/x86 - EggHunter + Null-Free Shellcode (11 Bytes)
/ Title: Linux/x86 - EggHunter Shellcode 11 Bytes Author: Anurag Srivastava Tested on: i686 GNU/Linux Shellcode Length: 11 Description: Smallest Null-Free Egg Hunter Shellcode - 11 Bytes Details: 1. Works with an executable EGG 2. Make sure you clear EDX, EAX registers in the shellcode before any...
Crashmail 1.6 - Stack-Based Buffer Overflow (ROP)
Crashmail 1.6 - Stack-Based Buffer Overflow ROP Exploit author: Juan Sacco Website: http://exploitpack.com Description: Crashmail is prone to a stack-based buffer overflow because the application fails to perform adequate boundary checks on user supplied input. Impact: An attacker could exploit...
CVE-2018-5731
An issue was discovered in Heimdal PRO 2.2.190. As part of the scanning feature, a process called md.hs writes an executable called CS1.tmp to C:\windows\TEMP. Afterwards the executable is run. It is possible for an attacker to create the file first, let md.hs overwrite it, and then rewrite the...