QiHang Media Web Digital Signage 3.0.9 Arbitrary File Disclosure Vulnerability

Exploit for hardware platform in category web applications QiHang Media Web QH.aspx Digital Signage 3.0.9 Arbitrary File Disclosure Vulnerability Vendor: Shenzhen Xingmeng Qihang Media Co., Ltd. Guangzhou Hefeng Automation Technology Co., Ltd. Product web page: http://www.howfor.com Affected...

KLA11285 Multiple vulnerabilities in Microsoft Windows

Multiple serious vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to obtain sensitive information, bypass security restrictions, cause denial of service. Below is a complete list of vulnerabilities: 1. Multiple vulnerabilities in Windows kernel ca...

Microsoft IIS WebDav ScStoragePathFromUrl Overflow Exploit

Buffer overflow in the ScStoragePathFromUrl function in the WebDAV service in Internet Information Services IIS 6.0 in Microsoft Windows Server 2003 R2 allows remote attackers to execute arbitrary code via a long header beginning with "If: ' Microsoft IIS WebDav ScStoragePathFromUrl Overflow',...

Buffer overflow

Buffer overflow in the ScStoragePathFromUrl function in the WebDAV service in Internet Information Services IIS 6.0 in Microsoft Windows Server 2003 R2 allows remote attackers to execute arbitrary code via a long header beginning with "If: http://" in a PROPFIND request, as exploited in the wild ...

CVE-2017-7269

Buffer overflow in the ScStoragePathFromUrl function in the WebDAV service in Internet Information Services IIS 6.0 in Microsoft Windows Server 2003 R2 allows remote attackers to execute arbitrary code via a long header beginning with "If: http://" in a PROPFIND request, as exploited in the wild ...

Microsoft IIS 6.0 WebDAV ScStoragePathFromUrl Buffer Overflow

Description:Buffer overflow in the ScStoragePathFromUrl function in the WebDAV service in Internet Information Services IIS 6.0 in Microsoft Windows Server 2003 R2 allows remote attackers to execute arbitrary code via a long header beginning with "If: http://" in a PROPFIND request, as exploited ...

CVE-2015-2369

Untrusted search path vulnerability in Windows Media Device Manager in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a...

CVE-2015-1768

win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2 allows local users to gain privileges or cause a denial of service memory corruption via a crafted application, aka "Win32k Memory Corruption Elevation of Privilege Vulnerability."...

Privilege escalation

win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2 allows local users to gain privileges or cause a denial of service memory corruption via a crafted application, aka "Win32k Memory Corruption Elevation of Privilege Vulnerability."...

Null pointer dereference

The kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow local users to gain privileges or cause a denial of service NUL...

Design/Logic Flaw

Use-after-free vulnerability in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges...

Microsoft Windows Kernel Bitmap Handling CVE-2015-1722 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code with elevated privileges and corrupt kernel memory. Technologies Affected Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for...

KLA10580 Multiple vulnerabilities in Microsoft products

Multiple serious vulnerabilities have been found in Microsoft products. Malicious users can exploit these vulnerabilities to bypass security restrictions, cause denial of service, gain privileges or obtain sensitive information. Below is a complete list of vulnerabilities 1. An unknown...

Microsoft Windows Kernel Mode Driver CVE-2015-1676 Local Information Disclosure Vulnerability

Description Microsoft Windows is prone to a local information-disclosure vulnerability. Local attackers can exploit this issue to obtain sensitive information such as kernel memory contents. This may aid in launching further attacks. Technologies Affected Microsoft Windows 7 for 32-bit Systems SP...

Microsoft XML Core Services CVE-2015-1646 Same Origin Policy Security Bypass Vulnerability

Description Microsoft XML Core Services is prone to a security-bypass vulnerability. An attacker can exploit this issue to bypass the same-origin policy and perform unauthorized actions. This could be used to steal sensitive information or launch other attacks. Technologies Affected Avaya CallPil...

Remote code execution

Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via a crafted 1 web site or 2 file,...

Microsoft Windows Server 2003 SP2 - Local Privilege Escalation (MS14-070)

""" KL-001-2015-001 : Microsoft Windows Server 2003 SP2 Arbitrary Write Privilege Escalation Title: Microsoft Windows Server 2003 SP2 Arbitrary Write Privilege Escalation Advisory ID: KL-001-2015-001 Publication Date: 2015.01.28 Publication URL:...

Buffer overflow

Buffer overflow in the Telnet service in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows remote attackers to execute arbitrary code via crafted packets, aka "Windows Telnet...

VMware Workstations 10.0.0.40273 vmx86.sys Arbitrary Kernel Read

No description provided by source. Title: VMWare vmx86.sys Arbitrary Kernel Read Advisory ID: KL-001-2014-004 Publication Date: 2014.11.04 Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2014-004.txt 1. Vulnerability Details Affected Vendor: VMWare Affected Product:...

CVE-2014-4118

XML Core Services aka MSXML 3.0 in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code or cause a denial of...