273 matches found
Intel® Graphics Drivers Integer Overflow Vulnerability
Intel is an American company that develops CPUs and is the world's largest manufacturer of personal computer parts and CPUs. Intel® Graphics Drivers Integer Overflow Vulnerability, an integer overflow vulnerability in the firmware of some IntelR Graphics Drivers for Windows prior to version...
Microsoft .NET Core 安全漏洞
Microsoft.NET Core provides a fast, modular platform for creating server applications that run on Windows, Linux and macOS. A remote code execution vulnerability exists in Microsoft .NET Core. An attacker could exploit the vulnerability to execute code on the target server...
NVIDIA GPU Display Driver 信息泄露漏洞
The Nvidia GPU Display Driver is a driver from Nvidia that is used for interactive support of the graphics card display module in the operating system. An elevation of privilege vulnerability exists in NVIDIA GPU Display Driver for Windows and Linux all versions, which stems from a user-mode clie...
Vulnerabilities fixed in Pulse Secure products for Windows, Linux and Mac
Vulnerabilities have been fixed in Pulse Secure products. The vulnerabilities allow a malicious person to carry out attacks execute attacks that result in the following categories of damage: Cross-Site Request Forgery XSRF. Cross-Site Scripting XSS Denial-of-Service DoS. Circumvention of security...
Online Shopping Alphaware 1.0 Cross Site Request Forgery Vulnerability
Exploit for php platform in category web applications Exploit Title: Online Shopping Alphaware 1.0 - Cross-Site Request Forgery Account Takeover Exploit Author: Edo Maland Vendor Homepage: https://www.sourcecodester.com/php/14368/online-shopping-alphaware-phpmysql.html Software Link:...
WebPort 1.19.1 - Cross Site Scripting
WebPort version 1.19.1 suffers from multiple reflective cross site scripting vulnerabilities. Exploit Title: WebPort 1.19.1 - Reflected Cross-Site Scripting Date: 2019-05-30 Exploit Author: Emre ÖVÜNÇ Vendor Homepage: https://webport.se/ Software Link: https://webport.se/nedladdningar/ Version:...
Exploit for Use After Free in Microsoft
微软3389远程漏洞CVE-2019-0708批量检测工具 0x001 Win下检测 https://github.com/robertdavidgraham/rdpscan C:\Users\K8team\Desktop\rdpscan-master\vs10\Release 的目录 2019/06/02 02:11 DIR . 2019/06/02 02:11 DIR .. 2019/06/02 01:55 2,582,016 libcrypto-11.dll 2019/06/02 01:57 619,520 libssl-11.dll 2019/06/02 02:04 172,03...
Arbitrary File Read Vulnerability in the Background of Feifei Movie Navigation System
Fei Fei Movie Navigation System is developed by PHP+Mysql technology, which can run on windows and Linux system platform. An arbitrary file read vulnerability exists in the background of Feifei Movie & TV Navigation System, which can be exploited by attackers to compromise confidentiality...
WordPress Fruitful 3.8 Cross Site Scripting
Exploit Title: WordPress Theme Fruitful 3.8 - Persistent Cross-Site Scripting Dork: intext:"Fruitful theme by fruitfulcode Powered by: WordPress" intext:"Comment" intext:"Leave a Reply" Date: 2020-02-14 Category : Webapps Software Link: https://downloads.wordpress.org/theme/fruitful.3.8.zip Vendo...
CVE-2019-4322
IBM DB2 for Linux, UNIX and Windows includes DB2 Connect Server 9.7, 10.1, 10.5, and 11.1 is vulnerable to a buffer overflow, which could allow an authenticated local attacker to execute arbitrary code on the system as root. IBM X-Force ID: 161202...
CVE-2019-13028
An incorrect implementation of a local web server in eID client Windows version before 3.1.2, Linux version before 3.0.3 allows remote attackers to execute arbitrary code .cgi, .pl, or .php or delete arbitrary files via a crafted HTML page. This is a product from the Ministry of Interior of the...
How to build your own PoC framework Pocsuite3 using the article-the vulnerability warning-the black bar safety net
Compared to boring the usage of the description, the more I want to say about Pocsuite3 why will have these features as well as how to achieve. If you also want to build a similar tool, Pocsuite3 some of the thoughts may be able to help you. This article is also recorded Pocsuite3 development...
Microsoft Windows 10 will get a full built-in Linux Kernel for WSL 2
Yes, you heard me right. Microsoft is taking another step forward to show its love for Linux and open source community by shipping a full Linux kernel in Windows 10 this summer. No, that doesn't mean Microsoft is making its Windows 10 a Linux distro, but the company will begin to ship an in-house...
CVE-2019-17388
Weak file permissions applied to the Aviatrix VPN Client through 2.2.10 installation directory on Windows and Linux allow a local attacker to execute arbitrary code by gaining elevated privileges through file modifications. Recent assessments: kevthehermit at March 05, 2020 9:34am UTC reported: V...
The vulnerability of the Linux subsystem of the Windows operating system, which allows a perpetrator to gain access to protected information
The vulnerability of the Linux subsystem of the Windows operating system is related to the lack of protection for service data. Exploiting this vulnerability can allow an attacker to gain access to protected information through a specially created application...
FeiFeiCms 4.0.181010 version of the foreground there are logic flaws vulnerability
FeiFeiCms is developed by PHP+Mysql technology and can run on windows and Linux system platform. A logic flaw exists in the frontend of FeiFeiCms version 4.0.181010, which stems from a failure to properly filter user input and can be exploited by an attacker to modify user information...
October 9, 2018—KB4462919 (OS Build 17134.345)
October 9, 2018—KB4462919 OS Build 17134.345 Note This release also contains updates for Microsoft HoloLens OS Build 17134.345 released October 9, 2018. Improvements and fixes This update includes quality improvements. No new operating system features are being introduced in this update. Key...
CVE-2018-13140
Druide Antidote through 9.5.1 on Windows and Linux allows remote code execution through the update mechanism by leveraging use of HTTP to download installation packages...
CyberArk < 10 - Memory Disclosure
Exploit Title: CyberArk 10 - Memory Disclosure Date: 2018-06-04 Exploit Author: Thomas Zuk Vendor Homepage: https://www.cyberark.com/products/privileged-account-security-solution/enterprise-password-vault/ Version: 9.7 and 10 Tested on: Windows 2008, Windows 2012, Windows 7, Windows 8, Windows 10...
Severe Bug Discovered in Signal Messaging App for Windows and Linux
Security researchers have discovered a severe vulnerability in the popular end-to-end encrypted Signal messaging app for Windows and Linux desktops which could allow remote attackers to execute malicious code on recipients system just by sending a message—without requiring any user interaction...