2542 matches found

Cvelist
added 2017/10/13 1:0 p.m., 20 views

CVE-2017-11829

Microsoft Windows 10 allows an elevation of privilege vulnerability when the Windows Update Delivery Optimization does not properly enforce file share permissions...

7.3 AI score, 0.02283 EPSS
Exploits: 0, References: 3

CNVD
added 2017/10/11 12:0 a.m., 3 views

Microsoft Windows Update Delivery Optimization Elevation of Privilege Vulnerability

Microsoft Windows is a series of operating systems released by the American company Microsoft. An elevation of privilege vulnerability exists in Windows Update Delivery Optimization in Microsoft Windows, which originates when the program fails to enforce file sharing permissions. A local attacker...

5.5 CVSS, 7 AI score, 0.02283 EPSS
Exploits: 0, References: 1

Microsoft CVE
added 2017/10/10 7:0 a.m., 29 views

Windows Update Delivery Optimization Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists when the Windows Update Delivery Optimization does not properly enforce file share permissions. An attacker who successfully exploited the vulnerability could overwrite files that require higher privileges than what the attacker already has. To explo...

5.5 CVSS, 2.8 AI score, 0.02283 EPSS
Exploits: 0

Zero Day Initiative
added 2017/10/10 12:0 a.m., 36 views

Microsoft Chakra Array JIT Optimization Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Chakra. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

7.5 CVSS, 2.3 AI score, 0.20533 EPSS
Exploits: 17, References: 1

Kaspersky
added 2017/10/10 12:0 a.m., 190 views

KLA11111 Multiple vulnerabilities in Microsoft Windows

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, cause denial of service, gain privileges, bypass security restrictions. Below is a complete list of vulnerabilities: 1. A remote cod...

10 CVSS, 9.4 AI score, 0.65606 EPSS
Exploits: 14, References: 51

seebug.org
added 2017/10/10 12:0 a.m., 49 views

WebKit: JSC: Incorrect for-in optimization #2(CVE-2017-7117)

No description provided by source. The following PoC bypasses the fix for the https://www.seebug.org/vuldb/ssvid-96629. PoC: function f let o = ; for let i in xx: 0 for i of 0 printoi; f;...

6.8 CVSS, 8.6 AI score, 0.0914 EPSS
Exploits: 6

Exploit DB
added 2017/10/04 12:0 a.m., 39 views

WebKit JSC - 'BytecodeGenerator::emitGetByVal' Incorrect Optimization (2)

function f let o = ; for let i in xx: 0 for i of 0 printoi; f;...

7.4 AI score
Exploits: 0

0day.today
added 2017/10/04 12:0 a.m., 32 views

WebKit JSC Incorrect Optimization Vulnerability

A proof of concept has been released that bypasses the fix for the original finding regarding an incorrect optimization in BytecodeGenerator::emitGetByVal in WebKit JSC. WebKit: JSC: Incorrect for-in optimization 2 CVE-2017-7117 The following PoC bypasses the fix for the...

7 AI score, 0.0914 EPSS
Exploits: 6

Packet Storm
added 2017/10/03 12:0 a.m., 56 views

WebKit JSC Incorrect Optimization

WebKit: JSC: Incorrect for-in optimization 2 CVE-2017-7117 The following PoC bypasses the fix for the https://bugs.chromium.org/p/project-zero/issues/detail?id=1263 WebKit: JSC: Incorrect optimization in BytecodeGenerator::emitGetByVal PoC: function f let o = ; for let i in xx: 0 for i of 0...

7 AI score, 0.0914 EPSS
Exploits: 6

Amazon
added 2017/10/03 12:0 a.m., 75 views

Medium: openssh

Issue Overview: A covert timing channel flaw was found in the way OpenSSH handled authentication of non-existent users. A remote unauthenticated attacker could possibly use this flaw to determine valid user names by measuring the timing of server responses. CVE-2016-6210 It was found that OpenSSH...

7.8 CVSS, 8.3 AI score, 0.90046 EPSS
Exploits: 23

Citrix
added 2017/09/26 4:0 a.m., 30 views

CVE-2017-14602 - Authentication Bypass Vulnerability in the Management Interface of Citrix NetScaler SD-WAN/CloudBridge 4000, 4100, 5000 and 5100 WAN Optimization Edition Appliances

Description of Problem A vulnerability has been identified in the management interface of the Citrix NetScaler SD-WAN/CloudBridge 4000, 4100, 5000 and 5100 WAN Optimization Edition appliances. This vulnerability, if exploited, could allow an attacker with access to the management interface of the...

9 CVSS, 0.8 AI score, 0.00393 EPSS
Exploits: 0

OSV
added 2017/09/21 5:29 a.m., 1 views

CVE-2017-12250

A vulnerability in the HTTP web interface for Cisco Wide Area Application Services (WAAS) could allow an unauthenticated, remote attacker to cause an HTTP Application Optimization (AO) related process to restart, causing a partial denial of service (DoS) condition. The vulnerability is due to lack of...

5.3 CVSS, 5.8 AI score, 0.00821 EPSS
Exploits: 0, References: 3

WPVulnDB
added 2017/09/21 12:0 a.m., 19 views

Smush Image Compression and Optimization <= 2.7.5 - File Transversal

The Smush – Lazy Load Images, Optimize & Compress Images WordPress plugin was affected by a File Transversal security vulnerability...

5 CVSS, 7.3 AI score, 0.00937 EPSS
Exploits: 0, References: 1, Affected Software: 1

Cisco
added 2017/09/20 4:0 p.m., 29 views

Cisco Wide Area Application Services HTTP Application Optimization Denial of Service Vulnerability

A vulnerability in the HTTP web interface for Cisco Wide Area Application Services (WAAS) could allow an unauthenticated, remote attacker to cause an HTTP Application Optimization (AO) related process to restart, causing a partial denial of service (DoS) condition. The vulnerability is due to lack of...

5.8 CVSS, 5.3 AI score, 0.00821 EPSS
Exploits: 0, References: 1

Exploit DB
added 2017/09/18 12:0 a.m., 60 views

Microsoft Windows Kernel - 'win32k!NtGdiEngCreatePalette' Stack Memory Disclosure

/ Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1276&desc=2 We have discovered that the nt!NtGdiEngCreatePalette system call discloses large portions of uninitialized kernel stack memory to user-mode clients. This is caused by the fact that for palettes created in the PALINDEX...

7.4 AI score
Exploits: 0

0day.today
added 2017/09/18 12:0 a.m., 37 views

Microsoft Windows Kernel - win32k!NtGdiGetFontResourceInfoInternalW Stack Memory Disclosure Exploit

Exploit for windows platform in category dos / poc / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1275 We have discovered that the nt!NtGdiGetFontResourceInfoInternalW system call discloses portions of uninitialized kernel stack memory to user-mode clients. This is caused by...

2.1 CVSS, 7.2 AI score, 0.26895 EPSS
Exploits: 2

exploitpack
added 2017/09/18 12:0 a.m., 13 views

Microsoft Windows Kernel - win32k!NtGdiGetFontResourceInfoInternalW Stack Memory Disclosure

Microsoft Windows Kernel - win32k!NtGdiGetFontResourceInfoInternalW Stack Memory Disclosure / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1275 We have discovered that the nt!NtGdiGetFontResourceInfoInternalW system call discloses portions of uninitialized kernel stack memory...

7.4 AI score
Exploits: 0

0day.today
added 2017/09/12 12:0 a.m., 46 views

WebKit JSC BytecodeGenerator::emitGetByVal Incorrect Optimization Exploit

Exploit for multiple platform in category dos / poc WebKit: JSC: Incorrect optimization in BytecodeGenerator::emitGetByVal CVE-2017-7061 Let's start with JS code. let o = ; for let i in xx: 0 oi; 0; i-- ForInContext& context = mforInContextStacki - 1.get; if context.local != property continue; if...

7.5 CVSS, 0.3 AI score, 0.08109 EPSS
Exploits: 4

exploitpack
added 2017/09/12 12:0 a.m., 23 views

WebKit JSC - BytecodeGenerator::emitGetByVal Incorrect Optimization (1)

WebKit JSC - BytecodeGenerator::emitGetByVal Incorrect Optimization 1 Let's start with JS code. let o = ; for let i in xx: 0 oi; 0; i-- ForInContext& context = mforInContextStacki - 1.get; if context.local != property continue; if !context.isValid break; if context.type ==...

0.5 AI score
Exploits: 0

Citrix
added 2017/09/06 12:0 a.m., 5 views

App Layering: PVS Cache Disks May Need to Be Larger with Elastic Layering

...

7.2 AI score
Exploits: 0