Microsoft SQL Server 访问控制错误漏洞

Microsoft SQL Server is a large-scale commercial database system developed by Microsoft Corporation, used under the Microsoft Windows operating system. There is an access control vulnerability in Microsoft SQL Server. Attackers can exploit this vulnerability to gain higher privileges. The followi...

Microsoft SQL Server SQL注入漏洞

Microsoft SQL Server is a large commercial database system from Microsoft Corporation USA that is applied under the Microsoft Windows system. A SQL injection vulnerability exists in Microsoft SQL Server. An attacker can exploit the vulnerability to elevate privileges. The following products and...

SUSE CVE-2016-7409

The dbclient and server in Dropbear SSH before 2016.74, when compiled with DEBUGTRACE, allows local users to read process memory via the -v argument, related to a failed remote ident...

Microsoft SQL Server 安全漏洞

Microsoft SQL Server is a large commercial database system from Microsoft that is used on Microsoft Windows systems. A security vulnerability exists in SQL Server. The following products and versions are affected:Microsoft SQL Server 2014 Service Pack 3 for 32-bit Systems CU 4,Microsoft SQL Serve...

Microsoft Exchange Server 安全漏洞

Microsoft Exchange Server is the United States Microsoft Microsoft company's set of e-mail service program. It provides email access, storage, forwarding, voice mail, email filtering and screening. A security vulnerability exists in Microsoft Exchange Server. The following products and versions a...

Microsoft Office 代码注入漏洞

Microsoft Office is an office software suite of products from the U.S. company Microsoft Microsoft. Commonly used components of this product include Word, Excel, Access, Powerpoint, FrontPage, and so on. A code injection vulnerability exists in Microsoft Office Access. The following products and...

OpenPLC 跨站脚本漏洞

OpenPLC is an open source programmable logic controller. It can provide low-cost industrial solutions for automation and research. A cross-site scripting vulnerability exists in OpenPLC runtime V3, which stems from the Device Name on the Add New Device page of the product failing to properly...

Citrix Virtual Apps and Desktops Privilege Escalation Vulnerability (CTX319750)

The version of Citrix Virtual Apps and Desktops installed on the remote Windows host is 2016 and earlier, or s 1912 LTSR CU3 or earlier. It is, therefore, affected by a privilege escalation vulnerability. An unspecified flaw exists related to Citrix Profile Management or Citrix Profile Management...

Microsoft Windows Multiple Vulnerabilities (KB5003197)

This host is missing a critical security update according to Microsoft KB5003197 SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Sichuan Institute of Safety Science and Technology Coal Mine Remote Monitoring Comprehensive Management System 2016 Version Exists SQL Injection Vulnerability

Sichuan Province coal mine remote integrated monitoring system is a system that can realize remote real-time monitoring of coal mine underground sensing data through the Internet and summarize, analyze and alarm the integrated monitoring and management in a timely manner. Sichuan Institute of...

Milesight IP security cameras authorization issue vulnerability

Milesight IP security cameras are IP camera products from China Pulse Digital Technology Milesight. A security vulnerability exists in Milesight IP security cameras version 2016-11-14 and earlier. An attacker can exploit the vulnerability to bypass authentication and access protected resources...

SQL Injection Vulnerability in office anywhere v2016

Ltd. is subordinate to China National Weapons Industry Information Center CNWIIC, which is referred to as Tongda Xinke. It is a high-tech team with the main business of collaborative management software development and implementation, service and consulting. A SQL injection vulnerability exists i...

tinysvcmdns library buffer overflow vulnerability

The tinysvcmdns library is a multicast DNS response library for services. A heap overflow vulnerability exists in the tinysvcmdns library version 2016-07-18. An attacker can exploit this vulnerability by sending dns packets to cause the library to overwrite arbitrary data on the heap...

Heap overflow

An exploitable heap overflow vulnerability exists in the tinysvcmdns library version 2016-07-18. A specially crafted packet can make the library overwrite an arbitrary amount of data on the heap with attacker controlled values. An attacker needs send a dns packet to trigger this vulnerability...

UBUNTU-CVE-2017-12087

An exploitable heap overflow vulnerability exists in the tinysvcmdns library version 2016-07-18. A specially crafted packet can make the library overwrite an arbitrary amount of data on the heap with attacker controlled values. An attacker needs send a dns packet to trigger this vulnerability...

PT-2018-1027

Name of the Vulnerable Software and Affected Versions Microsoft Office versions 2007 through 2016 Description A remote code execution issue exists due to improper handling of objects in memory. This could allow an attacker to run arbitrary code in the context of the current user. If the user has...

CVE-2017-11877

Microsoft Excel 2007 Service Pack 3, Microsoft Excel 2010 Service Pack 2, Microsoft Excel 2013 Service Pack 1, Microsoft Excel 2013 RT Service Pack 1, Microsoft Excel 2016, Microsoft Office Compatibility Pack Service Pack 3, Microsoft Excel Viewer 2007 Service Pack 3, and Microsoft Excel 2016 for...

OSRAM SYLVANIA Osram Lightify Home Network Command Replay Vulnerability

OSRAM SYLVANIA Osram Lightify Home is a set of open IoT platforms for automated control of lighting devices from OSRAM Germany. A security vulnerability exists in OSRAM SYLVANIA Osram Lightify Home versions 2016-07-26 and earlier. An attacker could use the vulnerability to capture and recover...

National Instruments LabVIEW 2015 < 2015 SP1 f7 / 2016 < 2016 f2 LvVarientUnflatten VI File Handling Arbitrary Code Execution

The version of National Instruments NI LabVIEW installed on the remote Windows host is version 2015 prior to 2015 SP1 f7 or 2016 prior to 2016 f2. It is, therefore, affected by an arbitrary code execution vulnerability in the LvVarientUnflatten functionality due to improper validation of...

Alibaba Clone B2B Script - Admin Authentication Bypass

Alibaba Clone B2B Script - Admin Authentication Bypass Exploit Title: Alibaba Clone B2B Script Admin Authentication Bypass Date: 2016-05-03 Exploit Author: Meisam Monsef [email protected] or [email protected] Vendor Homepage: http://alibaba-clone.com/ Version: All Versions Exploit : For enter...