Apple OS X Application Firewall Denial of Service Vulnerability

Apple OS X is the United States Apple Apple company for the Mac computer developed a set of specialized operating systems. application Firewall is one of the application firewall component. A denial of service vulnerability exists in Application Firewall in Apple OS X versions prior to 10.12, whi...

Linux Kernel 4.6.3 Netfilter Privilege Escalation

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require "msf/core" class MetasploitModule 'Linux Kernel 4.6.3 Netfilter Privilege Escalation', 'Description' = %q This module attempts to exploit a netfilter bug on Linux...

CVE-2016-5945

IBM Spectrum Control formerly Tivoli Storage Productivity Center 5.2.x before 5.2.11 allows remote authenticated users to upload non-executable files via a crafted HTTP request...

CVE-2016-5945

IBM Spectrum Control formerly Tivoli Storage Productivity Center 5.2.x before 5.2.11 allows remote authenticated users to upload non-executable files via a crafted HTTP request...

CVE-2016-5945

IBM Spectrum Control formerly Tivoli Storage Productivity Center 5.2.x before 5.2.11 allows remote authenticated users to upload non-executable files via a crafted HTTP request...

Design/Logic Flaw

Unquoted Windows search path vulnerability in Moxa Active OPC Server before 2.4.19 allows local users to gain privileges via a Trojan horse executable file in the %SYSTEMDRIVE% directory...

CVE-2016-5793

Unquoted Windows search path vulnerability in Moxa Active OPC Server before 2.4.19 allows local users to gain privileges via a Trojan horse executable file in the %SYSTEMDRIVE% directory...

Oracle Orakill.exe Buffer Overflow Vulnerability

Orakill is a tool within Oracle for ending user processes. A buffer overflow vulnerability exists in Oracle Orakill.exe version 11.2.0, which can be exploited by an attacker to execute arbitrary code...

Docker Daemon - Local Privilege Escalation (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Docker Daemon Privilege Escalation', 'Description' = %q This module obtains root privileges from any host account with access to the Docker daemon...

Docker Daemon Privilege Escalation

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Docker Daemon Privilege Escalation', 'Description' = %q This module obtains root privileges from any host account with access to the Docker daemon...

VMSA-2016-0014 : VMware ESXi, Workstation, Fusion, & Tools updates address multiple security issues

a. VMware Workstation heap-based buffer overflow vulnerabilities via Cortado ThinPrint VMware Workstation contains vulnerabilities that may allow a windows -based virtual machine VM to trigger heap-based buffer overflows in the windows-based hypervisor running VMware workstation that the VM resid...

Zapya Desktop 1.803 - ZapyaService.exe Local Privilege Escalation

Zapya Desktop 1.803 - ZapyaService.exe Local Privilege Escalation Exploit Title: Zapya Desktop Version 'ZapyaService.exe' Privilege Escalation Date: 2016/9/12 Exploit Author: Arash Khazaei Vendor Homepage: http://www.izapya.com/ Software Link:...

Microsoft Windows10 AHCACHE.SYS Remote Denial Of Service

Summary A denial of service vulnerability exists in the AHCACHE.SYS driver. A specially crafted Portable Executable file can cause a bugcheck in the Windows kernel resulting in remote denial of service. Tested Versions Windows 10, AHCACHE.SYS version 10.0.10586.0 Tested on Windows 10 X86 Product...

Mozilla Thunderbird Security Advisories (MFSA2015-134, MFSA2015-149) - Mac OS X

Mozilla Thunderbird is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:thunderbird";...

BlackHat issues resolved: Windows programs digital signature verification“vulnerability”-vulnerability warning-the black bar safety net

In this year's black hat conference, foreign a security researcher shows how by the Windows digital signature bypass for malicious code detection. Download the General Assembly of the presentation of the ppt probably looked at it, the report is divided into two parts, the first part shows the...

Avira Free Antivirus DLL Hijacking

Hi @ll, Avira's free antivirus full package executable installers, aviraantivirusen-us.exe, aviraantivirusde-de.exe etc., available from , etc., have multiple vulnerabilities: 1. the full package executable installers really: self- extracting RAR archives extract their payload the real installer...

FreeBSD : FreeBSD -- Multiple vulnerabilities in file(1) and libmagic(3) (70140f20-6007-11e6-a6c3-14dae9d210b8)

A specifically crafted Composite Document File CDF file can trigger an out-of-bounds read or an invalid pointer dereference. CVE-2012-1571 A flaw in regular expression in the awk script detector makes use of multiple wildcards with unlimited repetitions. CVE-2013-7345 A malicious input file could...

[SECURITY] Fedora 24 Update: flex-2.6.0-2.fc24

The flex program generates scanners. Scanners are programs which can recognize lexical patterns in text. Flex takes pairs of regular expressions and C code as input and generates a C source file as output. The output file is compiled and linked with a library to produce an executable. The...

DEBIAN-CVE-2014-9888

arch/arm/mm/dma-mapping.c in the Linux kernel before 3.13 on ARM platforms, as used in Android before 2016-08-05 on Nexus 5 and 7 2013 devices, does not prevent executable DMA mappings, which might allow local users to gain privileges via a crafted application, aka Android internal bug 28803642 a...

UBUNTU-CVE-2014-9888

arch/arm/mm/dma-mapping.c in the Linux kernel before 3.13 on ARM platforms, as used in Android before 2016-08-05 on Nexus 5 and 7 2013 devices, does not prevent executable DMA mappings, which might allow local users to gain privileges via a crafted application, aka Android internal bug 28803642 a...