libssh2: Integer overflow in user authenticate keyboard interactive allows out-of-bounds writes
A flaw was found in libssh2. A server could send multiple keyboard interactive response messages whose total length is greater than the unsigned char max characters. This value is used as an index to copy memory, causing an out-of-bounds memory write error. The highest threat from this...
Microsoft Windows Win32k CVE-2019-0892 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code in kernel mode with elevated privileges. Technologies Affected Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10...
CCSP 7.2.5 API XML Injection / Server-Side Request Forgery
Exploit Title: Enghouse Interactive's CCSP 7.2.5 API XXE and SSRF vulnerability via unauthenticated GET Request Date: 05-08-2018 Exploit Author: David Herrero Vendor Homepage: https://www.enghouseinteractive.com Software Link:...
CVE-2017-12760
Ynet Interactive - http://demo.ynetinteractive.com/mobiketa/ Mobiketa 4.0 is affected by: SQL Injection. The impact is: Code execution remote...
CVE-2017-12759
Ynet Interactive - http://demo.ynetinteractive.com/soa/ SOA School Management 3.0 is affected by: SQL Injection. The impact is: Code execution remote...
SQL injection
Ynet Interactive - http://demo.ynetinteractive.com/mobiketa/ Mobiketa 4.0 is affected by: SQL Injection. The impact is: Code execution remote...
SQL injection
Ynet Interactive - http://demo.ynetinteractive.com/soa/ SOA School Management 3.0 is affected by: SQL Injection. The impact is: Code execution remote...
CVE-2017-12759
CVE-2017-12759 affects Ynet Interactive’s SOA School Management 3.0. Connected documents confirm that the vulnerability arises from SQL Injection in the web application (demo.ynetinteractive.com/soa/), with impact described as remote code execution. The issue is associated with multiple sources (...
CVE-2017-12760
CVE-2017-12760 affects Ynet Interactive Mobiketa 4.0. The vulnerability is an SQL injection in Mobiketa 4.0 that leads to remote code execution. Documented in multiple sources (NVD, Red Hat advisory, CVE listings) with references to exposed URLs and, where available, CVSS scores indicating high i...
SQL Injection Vulnerability in Dingfeng Interactive Website Building System
Dingfeng Interactive is an online marketing solution for businesses. A SQL injection vulnerability exists in Dingfeng Interactive website builder system. An attacker can exploit the vulnerability to obtain sensitive database information...
Denial Of Service (DoS)
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The rh-php56 packages provide a recent stable release of PHP with PEAR 1.9.5 and enhanced language features including constant expressions, variadic functions, arguments unpacking, and the interactive debugger. T...
Hackers Can Tell What Netflix 'Bandersnatch' Choices You Make
Researchers have shown that even though Netflix encrypts its traffic, hackers can figure out your interactive movie choices...
Microsoft Windows SMB Server CVE-2019-0786 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. Attackers can exploit this issue to gain elevated privileges. Technologies Affected Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Window...
Microsoft Windows CVE-2019-0839 Local Information Disclosure Vulnerability
Description Microsoft Windows is prone to a local information-disclosure vulnerability. A local attacker can leverage this issue to disclose sensitive information that may aid in further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Versi...