7682 matches found
tomcat: Calls to application listeners did not use the appropriate facade object
A vulnerability was discovered in tomcat. When running an untrusted application under a SecurityManager it was possible, under some circumstances, for that application to retain references to the request or response objects and thereby access and/or modify information associated with another web...
UBUNTU-CVE-2017-11625
A stack-consumption vulnerability was found in libqpdf in QPDF 6.0.0, which allows attackers to cause a denial of service via a crafted file, related to the QPDF::resolveObjectsInStream function in QPDF.cc, aka an "infinite loop."...
CVE-2017-7540
rubygem-safemode, as used in Foreman, versions 1.3.2 and earlier are vulnerable to bypassing safe mode limitations via special Ruby syntax. This can lead to deletion of objects for which the user does not have delete permissions or possibly to privilege escalation...
CVE-2017-7540
rubygem-safemode, as used in Foreman, versions 1.3.2 and earlier are vulnerable to bypassing safe mode limitations via special Ruby syntax. This can lead to deletion of objects for which the user does not have delete permissions or possibly to privilege escalation...
Oracle Primavera Gateway Multiple Vulnerabilities (July 2017 CPU)
According to its self-reported version number, the Oracle Primavera Gateway installation running on the remote web server is prior to 14.2.3, 15.x prior to 15.2.12, or 16.x prior to 16.2.4. It is, therefore, affected by the following vulnerabilities : - A remote code execution vulnerability exist...
CVE-2017-7540
rubygem-safemode, as used in Foreman, versions 1.3.2 and earlier are vulnerable to bypassing safe mode limitations via special Ruby syntax. This can lead to deletion of objects for which the user does not have delete permissions or possibly to privilege escalation...
Server-side Request Forgery (SSRF)
Piwik is vulnerable to server-side request forgery SSRF attacks. These attacks are possible through a flaw in the DisplayTopKeywords function in plugins/Referrers/Controller.php which allows attackers to inject PHP objects and execute arbitrary code...
Apple Safari Frame Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Fra...
Microsoft Windows 7 SP1 x86 - GDI Palette Objects Local Privilege Escalation (MS17-017)
Microsoft Windows 7 SP1 x86 - GDI Palette Objects Local Privilege Escalation MS17-017 E-DB Note: + Source: https://github.com/sensepost/gdi-palettes-exp + Binary: https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/42432.exe include include include include //From...
Microsoft Windows 7 SP1 x86 GDI Palette Objects Local Privilege Escalation
include include include include //From http://stackoverflow.com/a/26414236 this defines the details of the NtAllocateVirtualMemory function //which we will use to map the NULL page in user space. typedef NTSTATUSWINAPI PNtAllocateVirtualMemory HANDLE ProcessHandle, PVOID BaseAddress, ULONG...
Microsoft Windows 7 SP1 (x86) - GDI Palette Objects Local Privilege Escalation (MS17-017)
E-DB Note: + Source: https://github.com/sensepost/gdi-palettes-exp + Binary: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/42432.exe include include include include //From http://stackoverflow.com/a/26414236 this defines the details of the NtAllocateVirtualMemor...
SAP Business Objects Titan XML External Entity Injection Vulnerability
SAP BusinessObjects Germany SAP SAP company developed a provide a variety of business intelligence software, information management software, enterprise performance management solutions, regulatory, risk and compliance solutions. An XML external entity injection vulnerability exists in SAP Busine...
Microsoft Edge Remote Code Execution Vulnerability (CNVD-2017-14639)
Microsoft Edge is the web browser built into the Windows 10 version. Microsoft Edge fails to properly handle in-memory objects and has a remote code execution vulnerability in its implementation that could lead an attacker to execute arbitrary code in the current user context...
Microsoft Windows Search Remote Code Execution Vulnerability
Microsoft Windows is a series of operating systems released by the American company Microsoft. A remote code execution vulnerability exists in Microsoft Windows that stems from the way Windows Search handles memory objects. A remote attacker could exploit this vulnerability to execute arbitrary...
Microsoft Edge Scripting Engine Remote Memory Corruption Vulnerability (CNVD-2017-14607)
Microsoft Edge is the web browser built into the Windows 10 version. Microsoft Edge fails to properly handle memory objects and is implemented with a remote memory corruption vulnerability that can be exploited by an attacker to execute arbitrary code in the current user context...
Microsoft Windows Multiple Vulnerabilities (KB4025341)
This host is missing a critical security update according to Microsoft KB4025341 SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Microsoft Office Remote Code Execution Vulnerability - Mac OS X (KB3212224)
This host is missing an important security update according to Microsoft KB3212224 SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...
Microsoft Windows Kernel Local Elevation of Privilege Vulnerability (CNVD-2017-22654)
Microsoft Windows is the popular computer operating system. A security vulnerability in the Microsoft Windows kernel's handling of memory objects allows an attacker to exploit the vulnerability to submit special requests and elevate privileges...
Not All Threats Are Created Equal
In today’s world, security teams are bombarded constantly with security events and threat information from multiple sources, making it impossible to address each threat with the same amount of urgency. Where does one even start? We know every threat should be addressed, but not all threats are...
Internet Explorer help
None None...