Lucene search
K

70 matches found

Positive Technologies
Positive Technologies
added 2021/07/13 12:0 a.m.1 views

PT-2021-4158 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to incorrect code generation management in the Windows DNS Snap-in component, specifically affecting the dnsmgmt.msc module. This allows remote attackers to execute...

8.8CVSS8.7AI score0.02234EPSS
Exploits0References10
OSV
OSV
added 2020/12/04 3:15 p.m.1 views

DEBIAN-CVE-2020-27771

In RestoreMSCWarning of /coders/pdf.c there are several areas where calls to GetPixelIndex could result in values outside the range of representable for the unsigned char type. The patch casts the return value of GetPixelIndex to ssizet type to avoid this bug. This undefined behavior could be...

3.3CVSS6.3AI score0.01161EPSS
Exploits1References1
Openbugbounty
Openbugbounty
added 2019/11/25 4:51 p.m.11 views

msc-jura-heideck.de Improper Access Control vulnerability

Open Bug Bounty ID: OBB-1023114 Security Researcher Gh05tPT Helped patch 6892 vulnerabilities Received 10 Coordinated Disclosure badges Received 48 recommendations , a holder of 10 badges for responsible and coordinated disclosure, found a security vulnerability affecting msc-jura-heideck.de...

0.1AI score
Exploits0
Openbugbounty
Openbugbounty
added 2018/12/28 12:35 p.m.7 views

msc.org.mo XSS vulnerability

Open Bug Bounty ID: OBB-715101 Description| Value ---|--- Affected Website:| msc.org.mo Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| hidden until disclosure Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| hidden until...

0.1AI score
Exploits0
Openbugbounty
Openbugbounty
added 2017/12/11 3:14 p.m.11 views

msc-bruchstedt.de XSS vulnerability

Open Bug Bounty ID: OBB-452102 Description| Value ---|--- Affected Website:| msc-bruchstedt.de Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Cheat...

6.4AI score
Exploits0
Vulnerability Lab
Vulnerability Lab
added 2017/09/17 12:0 a.m.63 views

Microsoft Windows - MSC XXE Data Exfiltrate Vulnerability

Document Title: =============== Microsoft Windows - MSC XXE Data Exfiltrate Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2094 MSRC Acknowledgements: https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2017-8710 Public...

5.5CVSS5.9AI score0.10442EPSS
Exploits3
Prion
Prion
added 2017/09/13 1:29 a.m.13 views

Information disclosure

The Microsoft Common Console Document .msc in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1 allows an attacker to read arbitrary files via an XML external entity XXE declaration, due to the way that the Microsoft Common Console Document .msc parses XML input containing a reference t...

4.3CVSS5.4AI score0.10442EPSS
Exploits3References5Affected Software2
CVE
CVE
added 2017/09/13 1:0 a.m.86 views

CVE-2017-8710

The CVE-2017-8710 entry concerns an XXE-based information disclosure in the Microsoft Common Console Document (.msc). Affected products include Windows 7 SP1, Windows Server 2008 SP2, and Windows Server 2008 R2 SP1, where the MSC parser improperly handles external entity references in XML input, ...

5.5CVSS5.5AI score0.10442EPSS
Exploits3References5Affected Software2
Openbugbounty
Openbugbounty
added 2017/09/07 7:46 p.m.10 views

msc.com XSS vulnerability

Open Bug Bounty ID: OBB-290517 Description| Value ---|--- Affected Website:| msc.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

6.3AI score
Exploits0
Openbugbounty
Openbugbounty
added 2017/08/25 11:41 p.m.9 views

msc.com XSS vulnerability

Open Bug Bounty ID: OBB-282218 Description| Value ---|--- Affected Website:| msc.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

6.3AI score
Exploits0
Microsoft KB
Microsoft KB
added 2017/01/07 12:0 a.m.39 views

MS15-054: Vulnerability in Microsoft Management Console file format could allow denial of service: May 12, 2015

MS15-054: Vulnerability in Microsoft Management Console file format could allow denial of service: May 12, 2015 Summary This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow denial of service if a remote, unauthenticated attacker convinces a user to ope...

6.2AI score
Exploits0
Kitploit
Kitploit
added 2016/11/06 2:30 p.m.35 views

RecuperaBit - A Tool For Forensic File System Reconstruction

A software which attempts to reconstruct file system structures and recover files. Currently it supports only NTFS. RecuperaBit attempts reconstruction of the directory structure regardless of: missing partition table unknown partition boundaries partially-overwritten metadata quick format You ca...

7.2AI score
Exploits0References1
Openbugbounty
Openbugbounty
added 2016/07/21 12:56 p.m.14 views

mscdirect.com XSS vulnerability

Open Bug Bounty ID: OBB-168293 Description| Value ---|--- Affected Website:| mscdirect.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

6.3AI score
Exploits0
hackapp
hackapp
added 2016/04/01 9:34 a.m.15 views

MSC Cruises - Dangerous filesystem permissions, External URLs, Suspicious files vulnerabilities

HackApp vulnerability scanner discovered that application MSC Cruises published at the 'play' market has multiple vulnerabilities...

Exploits0References1Affected Software1
Openbugbounty
Openbugbounty
added 2015/12/03 8:43 p.m.9 views

cyberjaya-msc.com XSS vulnerability

Vulnerable URL: http://cyberjaya-msc.com/pdpa/unsubscribe.asp?email=%22%3E%3Csvg/onload=prompt%28/XSSPOSED/%29%3E Details: Description| Value ---|--- Patched:| Yes, at 26.07.2017 Latest check for patch:| 26.07.2017 10:26 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa...

6.3AI score
Exploits0
CNVD
CNVD
added 2015/05/14 12:0 a.m.2 views

Microsoft Management Console Denial of Service Vulnerability

Microsoft Windows is a popular operating system. A security vulnerability in the Microsoft Windows Management Console's handling of the special '.msc' file allows an attacker to exploit the vulnerability to trick users into loading the file for a denial-of-service attack...

1.9CVSS6.7AI score0.01685EPSS
Exploits0References1
NVD
NVD
added 2015/05/13 10:59 a.m.20 views

CVE-2015-1681

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow local users to cause a denial of service via a crafted .msc file, aka "Microsoft Management Console File Format Denial of...

1.9CVSS6.1AI score0.01685EPSS
Exploits0References3
Check Point Advisories
Check Point Advisories
added 2015/05/12 12:0 a.m.13 views

Microsoft Management Console File Format Denial of Service (MS15-054; CVE-2015-1681)

A denial of service vulnerability has been reported in Microsoft Management Console. The vulnerability exists when Windows attempts to access a specially crafted .msc file to retrieve the icon information, and then fails to properly validate a destination buffer. A remote attacker can exploit thi...

1.9CVSS6AI score0.01685EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2014/09/23 8:19 p.m.45 views

Important: Red Hat Security Advisory: Red Hat JBoss BPM Suite 6.0.3 update

Red Hat JBoss BPM Suite 6.0.3, which fixes multiple security issues, several bugs, and adds various enhancements, is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base...

7.5CVSS7.3AI score0.13809EPSS
Exploits4References9
NVD
NVD
added 2014/02/14 3:55 p.m.27 views

CVE-2014-0018

Red Hat JBoss Enterprise Application Platform JBEAP 6.2.0 and JBoss WildFly Application Server, when run under a security manager, do not properly restrict access to the Modular Service Container MSC service registry, which allows local users to modify the server via a crafted deployment...

1.9CVSS6.1AI score0.00354EPSS
Exploits0References5
Rows per page
Query Builder