7682 matches found
Windows GDI Information Disclosure Vulnerability
A Win32k information disclosure vulnerability exists when the Windows GDI component improperly discloses kernel memory addresses. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an attacker...
HPE Universal CMDB Arbitrary Code Execution Vulnerability
HPE Universal CMDB is the Universal Management Configuration Database from Hewlett Packard Enterprise HPE, USA. An arbitrary code execution vulnerability exists in HPE Universal CMDB that could allow a remote attacker to execute arbitrary code via carefully crafted serialized Java objects...
(Pwn2Own) Microsoft Windows NtUserLinkDpiCursor Use-After-Free Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on vulnerable installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of...
VulnCheck KEV: CVE-2017-8543
Microsoft Windows allows an attacker to take control of the affected system when Windows Search fails to handle objects in memory...
KLA11049 Multiple vulnerabilities in Microsoft Office
Multiple serious vulnerabilities have been found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions and spoof user interface. Below is a complete list of vulnerabilities: 1. An improper validating of input before loading...
(Pwn2Own) Microsoft Windows NtUserLinkDpiCursor Use-After-Free Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on vulnerable installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of...
Windows 10 the next MS16-098 RGNOBJ integer overflow vulnerability analysis and exploit-vulnerability warning-the black bar safety net
This article with reference to , the text talked about the Windows Kernel Pool Feng Shui, SetBitmapBits/GetBitmapBits to any address read and write, etc. the use of Means, and very helpful in learning the Windows kernel exploits. Test environment: Windows 10 1511 x64 Professional Edition2016.04 2...
Microsoft Windows Cursor Elevation of Privilege (CVE-2017-8466)
An elevation of privilege vulnerability exists in Microsoft Windows. The vulnerability is caused when Windows fails to properly handle objects in memory. A remote attacker can exploit this vulnerability by enticing a user to run a specially crafted executable file...
Design/Logic Flaw
389 Directory Server in Red Hat Enterprise Linux Desktop 6 through 7, Red Hat Enterprise Linux HPC Node 6 through 7, Red Hat Enterprise Linux Server 6 through 7, and Red Hat Enterprise Linux Workstation 6 through 7 allows remote attackers to infer the existence of RDN component objects...
CVE-2016-4992
389 Directory Server in Red Hat Enterprise Linux Desktop 6 through 7, Red Hat Enterprise Linux HPC Node 6 through 7, Red Hat Enterprise Linux Server 6 through 7, and Red Hat Enterprise Linux Workstation 6 through 7 allows remote attackers to infer the existence of RDN component objects...
CVE-2016-4992
389 Directory Server in Red Hat Enterprise Linux Desktop 6 through 7, Red Hat Enterprise Linux HPC Node 6 through 7, Red Hat Enterprise Linux Server 6 through 7, and Red Hat Enterprise Linux Workstation 6 through 7 allows remote attackers to infer the existence of RDN component objects...
CVE-2016-4992
389 Directory Server in Red Hat Enterprise Linux Desktop 6 through 7, Red Hat Enterprise Linux HPC Node 6 through 7, Red Hat Enterprise Linux Server 6 through 7, and Red Hat Enterprise Linux Workstation 6 through 7 allows remote attackers to infer the existence of RDN component objects...
UBUNTU-CVE-2016-4992
389 Directory Server in Red Hat Enterprise Linux Desktop 6 through 7, Red Hat Enterprise Linux HPC Node 6 through 7, Red Hat Enterprise Linux Server 6 through 7, and Red Hat Enterprise Linux Workstation 6 through 7 allows remote attackers to infer the existence of RDN component objects...
CVE-2016-4992
389 Directory Server in Red Hat Enterprise Linux Desktop 6 through 7, Red Hat Enterprise Linux HPC Node 6 through 7, Red Hat Enterprise Linux Server 6 through 7, and Red Hat Enterprise Linux Workstation 6 through 7 allows remote attackers to infer the existence of RDN component objects...
The vulnerability of the Internet Explorer browser, which allows a violator to trigger memory corruption
The vulnerability of the Internet Explorer browser is related to improper access to objects in memory. Exploiting this vulnerability can allow a remote attacker to cause memory corruption...
How to use JavaScript array extensions integer overflow vulnerabilities in WebKit-a vulnerability warning-the black bar safety net
I will be in this article to tell you about the vulnerability, CVE-2017-2536/ZDI-17-358, which is a typical plastic overflow vulnerability, when the system is in the calculation of the allocated space size, the vulnerability will likely lead to a heap buffer overflow. We not only give you...
CVE-2016-0768
PostgreSQL PL/Java after 9.0 does not honor access controls on large objects...
CVE-2016-0768
PostgreSQL PL/Java after 9.0 does not honor access controls on large objects...
CVE-2016-0768
PostgreSQL PL/Java after 9.0 does not honor access controls on large objects...
CVE-2016-0768
PostgreSQL PL/Java after 9.0 does not honor access controls on large objects...