Liquid Studio 2.17 - Denial of Service (PoC)

Liquid Studio 2.17 - Denial of Service PoC Exploit Title: Liquid Studio 2.17 - Denial of Service PoC Dork: N/A Date: 2019-01-11 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.pixarra.com/ Software Link: http://www.pixarra.com/uploads/9/4/6/3/94635436/tbliquidstudioinstall.exe Version:...

Blob Studio 2.17 Denial Of Service

Exploit Title: Blob Studio 2.17 - Denial of Service PoC Dork: N/A Date: 2019-01-11 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.pixarra.com/ Software Link: http://www.pixarra.com/uploads/9/4/6/3/94635436/tbblobstudioinstall.exe Version: 2.17 Category: Dos Tested on: WiN7x64/KaLiLinuXx...

PT-2019-17969 · Artifex · Artifex Mupdf

Name of the Vulnerable Software and Affected Versions: Artifex MuPDF version 1.14.0 Description: The issue is related to infinite recursion with stack consumption in the svg run use symbol, svg run element, and svg run use functions in the svg-run.c file. This can be demonstrated using mutool...

Microsoft Office 365 (2016 Click-to-Run) Multiple Vulnerabilities (Jan 2019)

This host is missing an important security update according to Microsoft Office Click-to-Run updates. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

Command Execution Vulnerability in NetShow Sino-British Enterprise Website System v5.6

WebShow Sino-British Enterprise Website System is a simple and easy-to-use website management system developed by WebTech. A command execution vulnerability exists in Nethub Sino-British Enterprise Website System v5.6, which can be exploited by attackers to execute system commands...

Fedora 29 : glusterfs (2018-a54270a213)

4.1.5 GA ---- 4.1.4 GA Security Fix for CVE-2018-10904 Security Fix for CVE-2018-10907 Security Fix for CVE-2018-10911 Security Fix for CVE-2018-10913 Security Fix for CVE-2018-10914 Security Fix for CVE-2018-10923 Security Fix for CVE-2018-10926 Security Fix for CVE-2018-10927 Security Fix for...

Fedora 28 : glusterfs (2018-4e660226e7)

4.1.4 GA Security Fix for CVE-2018-10904 Security Fix for CVE-2018-10907 Security Fix for CVE-2018-10911 Security Fix for CVE-2018-10913 Security Fix for CVE-2018-10914 Security Fix for CVE-2018-10923 Security Fix for CVE-2018-10926 Security Fix for CVE-2018-10927 Security Fix for CVE-2018-10928...

imcat directory traversal vulnerability

imcat is a PHP-based open source website building system . A directory traversal vulnerability exists in the root/run/adm.php file in imcat version 4.4. No detailed vulnerability details are available at this time...

GLSA-201812-10 : GKSu: Arbitrary command execution

The remote host is affected by the vulnerability described in GLSA-201812-10 GKSu: Arbitrary command execution A vulnerability was discovered in GKSus gksu-run-helper. Impact : An attacker could execute arbitrary commands. Workaround : There is no known workaround at this time. C Tenable Network...

CVE-2018-20610

imcat 4.4 allows directory traversal via the root/run/adm.php efile parameter...

CVE-2018-17244

Elasticsearch Security versions 6.4.0 to 6.4.2 contain an error in the way request headers are applied to requests when using the Active Directory, LDAP, Native, or File realms. A request may receive headers intended for another request if the same username is being authenticated concurrently; wh...

CVE-2018-1000880

libarchive version commit 9693801580c0cf7c70e862d305270a16b52826a7 onwards release v3.2.0 onwards contains a CWE-20: Improper Input Validation vulnerability in WARC parser - libarchive/archivereadsupportformatwarc.c, warcread that can result in DoS - quasi-infinite run time and disk usage from ti...

Logitech Keystroke Injection Flaw Went Unaddressed for Months

Computer peripheral giant Logitech has finally issued a patched version of its Logitech Options desktop app, after being taken to task for a months-old security flaw. The bug could have allowed adversaries to launch keystroke injection attacks against Logitech keyboard owners that used the app...

Microsoft Office 365 (2016 Click-to-Run) Multiple Vulnerabilities (Dec 2018)

This host is missing an important security update according to Microsoft Office Click-to-Run updates. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

git: Improper handling of PATH allows for commands to be executed from the current directory

Git before 2.19.2 on Linux and UNIX executes commands from the current working directory as if '.' were at the end of $PATH in certain cases involving the runcommand API and run-command.c, because there was a dangerous change from execvp to execv during 2017...

CVE-2018-17924

Rockwell Automation MicroLogix 1400 Controllers and 1756 ControlLogix Communications Modules An unauthenticated, remote threat actor could send a CIP connection request to an affected device, and upon successful connection, send a new IP configuration to the affected device even if the controller...

Exploit for Use After Free in Adobe Flash_Player

CVE-2018-15982PoC CVE-2018...

UBUNTU-CVE-2018-19882

In Artifex MuPDF 1.14.0, the svgrunimage function in svg/svg-run.c allows remote attackers to cause a denial of service hrefatt NULL pointer dereference and application crash via a crafted svg file, as demonstrated by mupdf-gl...

DEBIAN-CVE-2018-19882

In Artifex MuPDF 1.14.0, the svgrunimage function in svg/svg-run.c allows remote attackers to cause a denial of service hrefatt NULL pointer dereference and application crash via a crafted svg file, as demonstrated by mupdf-gl...

ALPINE-CVE-2018-19486

Git before 2.19.2 on Linux and UNIX executes commands from the current working directory as if '.' were at the end of $PATH in certain cases involving the runcommand API and run-command.c, because there was a dangerous change from execvp to execv during 2017...