70 matches found
PT-2021-4158 · Microsoft · Windows
Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to incorrect code generation management in the Windows DNS Snap-in component, specifically affecting the dnsmgmt.msc module. This allows remote attackers to execute...
DEBIAN-CVE-2020-27771
In RestoreMSCWarning of /coders/pdf.c there are several areas where calls to GetPixelIndex could result in values outside the range of representable for the unsigned char type. The patch casts the return value of GetPixelIndex to ssizet type to avoid this bug. This undefined behavior could be...
msc-jura-heideck.de Improper Access Control vulnerability
Open Bug Bounty ID: OBB-1023114 Security Researcher Gh05tPT Helped patch 6892 vulnerabilities Received 10 Coordinated Disclosure badges Received 48 recommendations , a holder of 10 badges for responsible and coordinated disclosure, found a security vulnerability affecting msc-jura-heideck.de...
msc.org.mo XSS vulnerability
Open Bug Bounty ID: OBB-715101 Description| Value ---|--- Affected Website:| msc.org.mo Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| hidden until disclosure Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| hidden until...
msc-bruchstedt.de XSS vulnerability
Open Bug Bounty ID: OBB-452102 Description| Value ---|--- Affected Website:| msc-bruchstedt.de Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Cheat...
Microsoft Windows - MSC XXE Data Exfiltrate Vulnerability
Document Title: =============== Microsoft Windows - MSC XXE Data Exfiltrate Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2094 MSRC Acknowledgements: https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2017-8710 Public...
Information disclosure
The Microsoft Common Console Document .msc in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1 allows an attacker to read arbitrary files via an XML external entity XXE declaration, due to the way that the Microsoft Common Console Document .msc parses XML input containing a reference t...
CVE-2017-8710
The CVE-2017-8710 entry concerns an XXE-based information disclosure in the Microsoft Common Console Document (.msc). Affected products include Windows 7 SP1, Windows Server 2008 SP2, and Windows Server 2008 R2 SP1, where the MSC parser improperly handles external entity references in XML input, ...
msc.com XSS vulnerability
Open Bug Bounty ID: OBB-290517 Description| Value ---|--- Affected Website:| msc.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
msc.com XSS vulnerability
Open Bug Bounty ID: OBB-282218 Description| Value ---|--- Affected Website:| msc.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
MS15-054: Vulnerability in Microsoft Management Console file format could allow denial of service: May 12, 2015
MS15-054: Vulnerability in Microsoft Management Console file format could allow denial of service: May 12, 2015 Summary This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow denial of service if a remote, unauthenticated attacker convinces a user to ope...
RecuperaBit - A Tool For Forensic File System Reconstruction
A software which attempts to reconstruct file system structures and recover files. Currently it supports only NTFS. RecuperaBit attempts reconstruction of the directory structure regardless of: missing partition table unknown partition boundaries partially-overwritten metadata quick format You ca...
mscdirect.com XSS vulnerability
Open Bug Bounty ID: OBB-168293 Description| Value ---|--- Affected Website:| mscdirect.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
MSC Cruises - Dangerous filesystem permissions, External URLs, Suspicious files vulnerabilities
HackApp vulnerability scanner discovered that application MSC Cruises published at the 'play' market has multiple vulnerabilities...
cyberjaya-msc.com XSS vulnerability
Vulnerable URL: http://cyberjaya-msc.com/pdpa/unsubscribe.asp?email=%22%3E%3Csvg/onload=prompt%28/XSSPOSED/%29%3E Details: Description| Value ---|--- Patched:| Yes, at 26.07.2017 Latest check for patch:| 26.07.2017 10:26 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa...
Microsoft Management Console Denial of Service Vulnerability
Microsoft Windows is a popular operating system. A security vulnerability in the Microsoft Windows Management Console's handling of the special '.msc' file allows an attacker to exploit the vulnerability to trick users into loading the file for a denial-of-service attack...
CVE-2015-1681
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow local users to cause a denial of service via a crafted .msc file, aka "Microsoft Management Console File Format Denial of...
Microsoft Management Console File Format Denial of Service (MS15-054; CVE-2015-1681)
A denial of service vulnerability has been reported in Microsoft Management Console. The vulnerability exists when Windows attempts to access a specially crafted .msc file to retrieve the icon information, and then fails to properly validate a destination buffer. A remote attacker can exploit thi...
Important: Red Hat Security Advisory: Red Hat JBoss BPM Suite 6.0.3 update
Red Hat JBoss BPM Suite 6.0.3, which fixes multiple security issues, several bugs, and adds various enhancements, is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base...
CVE-2014-0018
Red Hat JBoss Enterprise Application Platform JBEAP 6.2.0 and JBoss WildFly Application Server, when run under a security manager, do not properly restrict access to the Modular Service Container MSC service registry, which allows local users to modify the server via a crafted deployment...