28 matches found
Microsoft Patch Tuesday for August 2025 — Snort rules and prominent vulnerabilities
Microsoft has released its monthly security update for August 2025, which includes 111 vulnerabilities affecting a range of products, including 13 that Microsoft marked as "critical". In this month's release, Microsoft observed none of the included vulnerabilities being actively exploited in the...
CVE-2025-7913
A vulnerability, which was classified as critical, was found in TOTOLINK T6 4.1.5cu.748B20211015. Affected is the function updateWifiInfo of the component MQTT Service. The manipulation of the argument serverIp leads to buffer overflow. It is possible to launch the attack remotely. The exploit ha...
Mitsubishi Electric Electrical discharge machines
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION : Exploitable remotely/low attack complexity Vendor : Mitsubishi Electric Corporation Equipment : Electrical discharge machines Vulnerability : Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could...
Medtronic Paceart Optima 代码问题漏洞
Medtronic Paceart Optima is a comprehensive workflow solution from Medtronic, Inc. to efficiently compile and manage patient cardiac device data. A security vulnerability exists in Medtronic Paceart Optima version 1.11 and prior versions that originates from a data deserialization issue in...
IBM WebSphere MQ 7.0.0.x / 8.0.0.x Password Handling Remote Access Vulnerability
According to its self-reported version, the IBM WebSphere MQ server installed on the remote Windows host is 7.0.0.x or 8.0.0.x without patch APAR PM52049 C Tenable Network Security, Inc. include"compat.inc"; if description scriptid108485; scriptversion"1.5"; scriptcvsdate"Date: 2019/11/08";...
Microsoft Windows Message Queuing Service Privilege Escalation Vulnerability (2993254)
This host is missing an important security update according to Microsoft Bulletin MS14-062. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Microsoft Windows XP/2000/2003 Message Queuing Service Heap Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/8783/info It has been reported that the Microsoft Message Queuing service is prone to a heap overflow. The Symantec DeepSight analyst team is currently analyzing proof-of-concept exploit code for this issue. This record...
Microsoft Windows消息队列服务本地权限提升漏洞(MS09-040)
BUGTRAQ ID: 35969 CVECAN ID: CVE-2009-1922 Microsoft Windows是微软发布的非常流行的操作系统。 由于对消息队列服务所发布的IOCTL请求解析中存在缺陷,导致Windows消息队列服务(MSMQ)中存在一个权限提升漏洞。MSMQ服务在将输入数据传递到缓冲区之前没有正确地检查这些字符串。成功利用此漏洞的攻击者可执行任意代码,并可完全控制受影响的系统。攻击者可随后安装程序;查看、更改或删除数据;或者创建拥有完全用户权限的新帐户。 Microsoft Windows XP SP2 Microsoft Windows Vista...
Microsoft Message Queuing Service NULL Pointer Dereference Local Privilege Escalation Vulnerability
Description The Microsoft Message Queuing service is prone to a local privilege-escalation vulnerability because it fails to adequately handle user-supplied input. An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successfully exploiting this issue will...
Microsoft Security Bulletin MS09-040 - Important Vulnerability in Message Queuing Could Allow Elevation of Privilege (971032)
Microsoft Security Bulletin MS09-040 - Important Vulnerability in Message Queuing Could Allow Elevation of Privilege 971032 Published: August 11, 2009 Version: 1.0 General Information Executive Summary This security update resolves a privately reported vulnerability in the Windows Message Queuing...
Heap overflow
Heap-based buffer overflow in the Microsoft Message Queuing MSMQ service mqsvc.exe in Microsoft Windows 2000 SP4 allows remote attackers to read memory contents and execute arbitrary code via a crafted RPC call, related to improper processing of parameters to string APIs, aka "Message Queuing...
MS08-065: Microsoft Windows Message Queuing Service RPC Request Handling Remote Code Execution (951071) (uncredentialed check)
The remote version of Windows is affected by a vulnerability in its Microsoft Message Queuing Service MSMQ. An attacker may exploit this flaw to execute arbitrary code on the remote host with SYSTEM privileges. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid34413;...
MS08-065: Microsoft Windows Message Queuing Service RPC Request Handling Remote Code Execution (951071)
The remote version of Windows is affected by a vulnerability in Microsoft Message Queuing Service MSMQ. An attacker may exploit this flaw to execute arbitrary code on the remote host with the SYSTEM privileges. Tenable Network Security, Inc. include"compat.inc"; if description scriptid34410;...
Microsoft Windows Message Queuing Service Queue Name Handling (MS08-065) - ver 2 (CVE-2008-3479)
Microsoft Message Queuing MSMQ is a component of Microsoft Windows designed to act as a message portal between a set of applications requiring message exchange functionality. MSMQ enables applications that are running at different times to communicate across heterogeneous networks and across...
MS Windows Message Queuing Service RPC BOF Exploit (dnsname)
No description provided by source. / Windows Message Queuing Service Remote RPC BOF Exploit MS07-065 Mod of axis's code. CHANGELOG - added dnsname as a parameter, before it was hardcoded in the request data. Marcin Kozlowski Provided for legal security research and testing purposes ONLY Go throug...
Microsoft Windows Message Queuing Service - RPC Buffer Overflow (MS07-065) (2)
Microsoft Windows Message Queuing Service - RPC Buffer Overflow MS07-065 2 / Windows Message Queuing Service Remote RPC BOF Exploit MS07-065 Mod of axis's code. CHANGELOG - added dnsname as a parameter, before it was hardcoded in the request data. Marcin Kozlowski Provided for legal security...
[EXPL] Microsoft Windows Message Queuing Service Stack Overflow Vulnerability (MS07-065, Exploit)
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...
Microsoft Windows Message Queuing Service - RPC Buffer Overflow (MS07-065) (1)
/ Windows Message Queuing Service Remote RPC BOF Exploit MS07-065 by axis http://www.ph4nt0m.org you should know the dnsname of target to trigger this vuln the service runs on port 2103/2105/2107 D:\soft\develop\MyProjects\temp\Debugtemp.exe -h 192.168.152.100 -p 2103...
Microsoft Windows Message Queuing Service - RPC Buffer Overflow (MS07-065) (1)
Microsoft Windows Message Queuing Service - RPC Buffer Overflow MS07-065 1 / Windows Message Queuing Service Remote RPC BOF Exploit MS07-065 by axis http://www.ph4nt0m.org you should know the dnsname of target to trigger this vuln the service runs on port 2103/2105/2107...
MS Windows Message Queuing Service RPC BOF Exploit (MS07-065)
Exploit for unknown platform in category remote exploits ============================================================= MS Windows Message Queuing Service RPC BOF Exploit MS07-065 ============================================================= / Windows Message Queuing Service Remote RPC BOF Exploit...