PT-2025-32777

Name of the Vulnerable Software and Affected Versions Microsoft Windows versions affected versions not specified Description This issue involves a security flaw in Windows File Explorer that allows an attacker to extract NTLM hashes without user interaction, even on systems with the latest securi...

CVE-2023-21554 - QueueJumper - MSMQ RCE Check

This module checks the provided hosts for the CVE-2023-21554 vulnerability by sending a MSMQ message with an altered DataLength field within the SRMPEnvelopeHeader that overflows the given buffer. On patched systems, the error is caught and no response is sent back. On vulnerable systems, the...

HID Global SAFE

1. EXECUTIVE SUMMARY CVSS v3 7.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: HID Global Equipment: SAFE Vulnerabilities: Modification of Assumed-Immutable Data 2. RISK EVALUATION Successful exploitation of this vulnerability could result in exposure of personal data or create a...

medicine.jnu.ac.kr Cross Site Scripting vulnerability OBB-2849763

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

fptaximadrid.es Cross Site Scripting vulnerability OBB-2722961

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

my.equi-score.be Cross Site Scripting vulnerability OBB-2449237

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

oldechurch.com Cross Site Scripting vulnerability OBB-2355515

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

xn--r8j3g0d4bwg9a8kyb2949b073b.net Cross Site Scripting vulnerability OBB-1247586

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

Microsoft Windows MSHTML Engine - Edit Remote Code Execution

Microsoft Windows MSHTML Engine - Edit Remote Code Execution Exploit Title: Microsoft Windows CVE-2019-0541 MSHTML Engine "Edit" Remote Code Execution Vulnerability Google Dork: N/A Date: March, 13 2019 Exploit Author: Eduardo Braun Prado Vendor Homepage: http://www.microsoft.com/ Software Link:...

Bluetooth Vulnerabilities

A bunch of Bluetooth vulnerabilities are being reported, some pretty nasty. BlueBorne concerns us because of the medium by which it operates. Unlike the majority of attacks today, which rely on the internet, a BlueBorne attack spreads through the air. This works similarly to the two less extensiv...

Microsoft Windows XP/2000/NT 4 RPC Service Denial of Service Vulnerability (3)

No description provided by source. source: http://www.securityfocus.com/bid/6005/info The Microsoft Windows RPC service contains a flaw that may allow a remote attacker to cause a denial of service. By sending a specifically malformed packet to TCP port 135, the RPC service will be disabled. This...

Microsoft Windows XP/2000/NT 4 RPC Service Denial of Service Vulnerability (2)

No description provided by source. source: http://www.securityfocus.com/bid/6005/info The Microsoft Windows RPC service contains a flaw that may allow a remote attacker to cause a denial of service. By sending a specifically malformed packet to TCP port 135, the RPC service will be disabled. This...

Microsoft Internet Explorer - '.ANI' Downloader (MS05-002)

/ Modified by Vertygo aka Ivanm [email protected] all credits goes to houseofdabus Berend-Jan Wever and to milw0rm/ / Added string.h /str0ke / / HOD-ms05002-ani-expl.c: 2005-01-10: PUBLIC v.0.2 Copyright c 2004-2005 houseofdabus. MS05-002 Microsoft Internet Explorer .ANI Files Handling Exploit...

Microsoft Windows - RPC2 Universal Denial of Service (RPC3) (MS03-039)

Microsoft Windows - RPC2 Universal Denial of Service RPC3 MS03-039 / Windows RPC2 Universal Exploit MS03-039 & Remote DoS RPC3 / / Must be used with the associated shell / / / / This exploit works against unpatched systems MS03-039 / / And cause a Denial of Service on patched systems rpc3 / inclu...

Microsoft Windows XP/2000/NT 4.0 - RPC Service Denial of Service (3)

source: https://www.securityfocus.com/bid/6005/info The Microsoft Windows RPC service contains a flaw that may allow a remote attacker to cause a denial of service. By sending a specifically malformed packet to TCP port 135, the RPC service will be disabled. This vulnerability was originally...

Unixware 7.1.1 rpc.cmsd remote exploit code.

Hi, I'm jGgM. Here is unixware 7.1.1 rpc.cmsd remote exploit code. This is old bug. Currently patched....maybe.. This works only not -patched Unixware 7.1.1. -------------------------------------- Korean security Info.. by jGgM. http://www.forsecure.com/ http://www.netemperor.com/...

Microsoft Internet Explorer 5.5/6.0 - Spoofable File Extensions

source: https://www.securityfocus.com/bid/3597/info It is possible for a malicious webmaster, hosting files on an website, to spoof file extensions for users of Internet Explorer. For example, an .exe file can be made to look like a .txt or other seemingly harmless file type file in the Download...