3764 matches found
Redhat Quay CVE-2019-3864 Security Bypass Vulnerability
Description: Redhat Quay is prone to a security-bypass vulnerability. Attackers can exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may aid in further attacks. Technologies Affected: Redhat Quay 3. Recommendations: Block external access at the network...
run-down.com Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-1007077. Security Researcher MrRain1996 (helped patch 1003 vulnerabilities, received 5 Coordinated Disclosure badges, received 9 recommendations), a holder of 5 badges for responsible and coordinated disclosure, found a security vulnerability affecting run-down.com website and...
AtomShields Cli - Security Testing Framework For Repositories And Source Code
AtomShields Cli is a command-line interface for the AtomShields software. Installation: pip install atomshieldscli. Basic usage: ascli --target --name. The allowed action values are: install: to install a checker or a report, depending on the context set. uninstall: to uninstall a checker or a...
January 2, 2019, update for Office 2016 (KB4461435)
January 2, 2019, update for Office 2016 KB4461435 This article describes update 4461435 for Microsoft Office 2016 that was released on January 2, 2019. Be aware that the update in the Microsoft Download Center applies to the Microsoft Installer .msi-based edition of Office 2016. It doesn't apply t...
July 11, 2017, update for Office 2013 (KB3172545)
July 11, 2017, update for Office 2013 KB3172545 This article describes update 3172545 for Microsoft Office 2013 that was released on July 11, 2017. This update also applies to Office Home and Student 2013 RT. This update has a prerequisite. Be aware that the update in the Microsoft Download Cente...
September 6, 2016, update for Office 2016 (KB3115276)
September 6, 2016, update for Office 2016 KB3115276 This article describes update KB3115276 for Microsoft Office 2016, which was released on September 6, 2016. This update has a prerequisite. Be aware that the update on the Microsoft Download Center applies to the Microsoft Installer .msi-based...
Microsoft Windows Server 2012 Group Policy Remote Code Execution
Exploit Title: Microsoft Windows Server 2012 - 'Group Policy' Remote Code Execution Date: 2019-10-28 Exploit Author: Thomas Zuk Version: Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8, Windows Server 2012, Windows RT, Windows 8.1, Windows...
Microsoft Windows Server 2012 - (Group Policy) Remote Code Execution Exploit
Exploit Title: Microsoft Windows Server 2012 - 'Group Policy' Remote Code Execution Exploit Author: Thomas Zuk Version: Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8, Windows Server 2012, Windows RT, Windows 8.1, Windows Server 2012 R2, and...
Command Execution Vulnerability in SDCMS-B2C Mall Web Management System
SDCMS-B2C mall website management system is a marketing mall management system that combines many functions such as city substation, cloud storage, micro letter distribution, micro letter public number, combination package, gift, multi-person group and so on. SDCMS-B2C Mall Website Management...
File Upload Vulnerability in S-CMS Enterprise Website Builder System
The S-CMS enterprise website builder system is a specialized enterprise website building product developed by Zibo Shining Network Technology Co., Ltd. A file upload vulnerability exists in the S-CMS enterprise website builder system. An attacker can exploit the vulnerability to writ...
CVE-2002-2439
operator new sometimes returns pointers to heap blocks which are too small. When a new array is allocated, the C++ run-time has to calculate its size. The product may exceed the maximum value which can be stored in a machine register. This error is ignored, and the truncated value is used for the...
UAC-A-Mola - Tool That Allows Security Researchers To Investigate New UAC Bypasses, In Addition To Detecting And Exploiting Known Bypasses
UAC-A-Mola is a tool that allows security researchers to investigate new UAC bypasses, in addition to detecting and exploiting known bypasses. UAC-A-mola has modules to carry out the protection and mitigation of UAC bypasses. The strong point of uac-a-mola is that it was created so that other...
metasploit-framework
This is an exploit module for the Metasploit Framework, a penetration testing tool. The module is designed to target a vulnerability in a specific product or service, but the exact target is not specified in the provided context. The module is likely intended to be used by penetration testers and...
eQ-3 Homematic CCU3 Remote Code Execution Vulnerability (CNVD-2020-14281)
The eQ-3 Homematic CCU3 is a central control unit for smart home systems from eQ-3 Germany. A remote code execution vulnerability exists in the ReGa.runScript method in the eQ-3 Homematic CCU3 using firmware version 3.41.11, which can be exploited by an attacker to execute code and compromise the...
CVE-2019-15850
eQ-3 HomeMatic CCU3 firmware version 3.41.11 allows Remote Code Execution in the ReGa.runScript method. An authenticated attacker can easily execute code and compromise the system...
WordPress Plugin FooGallery 1.8.12 - Persistent Cross-Site Scripting
Exploit Title: Wordpress FooGallery 1.8.12 - Persistent Cross-Site Scripting Google Dork: inurl:"\wp-content\plugins\foogallery" Date: 2019-06-13 Exploit Author: Unk9vvN Vendor Homepage: https://foo.gallery/ Software Link: https://wordpress.org/plugins/foogallery/ Version: 1.8.12 Tested on: Kali...
razzer
It is an offensive tool for Linux kernel exploitation. The primary CVE ID is not explicitly mentioned in the provided context, but the tool is designed to exploit kernel vulnerabilities, particularly those related to race conditions. The tool, named Razzer, is a kernel fuzzer that uses a modified...
Sudo Flaw Lets Linux Users Run Commands As Root Even When They're Restricted
Attention Linux Users! A new vulnerability has been discovered in Sudo, one of the most important, powerful, and commonly used utilities that comes as a core command installed on almost every UNIX and Linux-based operating system. The vulnerability in question is a sudo security policy bypass iss...
Cisco Firepower Management Center SQL Injection Vulnerability (CNVD-2019-34714)
Cisco Firepower Management Center (FMC) is a new generation of firewall management center software from Cisco. A SQL injection vulnerability exists in the web-based management interface in Cisco Firepower Management Center (FMC), which stems from the program's failure to properly validate input, and...
SUSE-SU-2019:2620-1 Security update for MozillaFirefox
This update for MozillaFirefox fixes the following issues: Updated to new ESR version 68.1 bsc1149323. In addition to the already fixed vulnerabilities released in previous ESR updates, the following were also fixed: CVE-2019-11751, CVE-2019-11736, CVE-2019-9812, CVE-2019-11748, CVE-2019-11749,...