CVE-2015-0242

Stack-based buffer overflow in the printf function implementations in PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1, when running on a Windows system, allows remote authenticated users to cause a denial of service crash and possibly...

CVE-2015-0242

Stack-based buffer overflow in the printf function implementations in PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1, when running on a Windows system, allows remote authenticated users to cause a denial of service crash and possibly...

CVE-2015-0242

Stack-based buffer overflow in the printf function implementations in PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1, when running on a Windows system, allows remote authenticated users to cause a denial of service crash and possibly...

Microsoft Warns of Unpatched IE Browser Zero-Day That's Under Active Attacks

Internet Explorer is dead, but not the mess it left behind. Microsoft earlier today issued an emergency security advisory warning millions of Windows users of a new zero-day vulnerability in Internet Explorer IE browser that attackers are actively exploiting in the wild — and there is no patch ye...

Security Bulletin: IBM i Access for Windows affected by vulnerability CVE-2018-1888.

Summary IBM i Access for Windows is affected by vulnerability CVE-2018-1888. This vulnerability affects the Windows system running the IBM i Access for Windows product. Vulnerability Details CVEID: CVE-2018-1888 DESCRIPTION: An untrusted search path vulnerability in IBM i Access for Windows...

Security Bulletin: IBM i Access for Windows affected by vulnerabilities CVE-2015-2023 and CVE-2015-7422.

Summary IBM i Access for Windows is affected by vulnerabilities CVE-2015-2023 and CVE-2015-7422. These vulnerabilities affect the Windows system running the IBM i Access for Windows product. Vulnerability Details CVEID: CVE-2015-2023 DESCRIPTION: IBM i Access for Windows is vulnerable to a buffer...

The vulnerability of the Hyper-V hardware virtualization system in the Windows operating system allows a hacker to execute arbitrary code.

The vulnerability of the Hyper-V hardware virtualization technology in the Windows operating system exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

The vulnerability of the Hyper-V hardware virtualization system in the Windows operating system allows a hacker to execute arbitrary code.

The vulnerability of the Hyper-V hardware virtualization technology in the Windows operating system is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially created application from a remote location...

The vulnerability of the Hyper-V hardware virtualization system in the Windows operating system allows a hacker to trigger a service failure.

The vulnerability of the Hyper-V hardware virtualization system and the Windows operating system is related to insufficient verification of input data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to cause service failures through a specially created application...

GOG Galaxy elevation of privilege vulnerability (CNVD-2020-02829)

GOG Galaxy is a game client program. The program is used to install, launch and update games. An elevation of privilege vulnerability exists in the GalaxyClientService installed by GOG Galaxy, which stems from faulty access control. An attacker can exploit this vulnerability by sending...

Privilege escalation

An exploitable local privilege escalation vulnerability exists in the GalaxyClientService installed by GOG Galaxy. Due to Improper Access Control, an attacker can send unauthenticated local TCP packets to the service to gain SYSTEM privileges in Windows system where GOG Galaxy software is...

CVE-2019-15511

CVE-2019-15511 affects the GalaxyClientService in GOG Galaxy. Root cause: faulty/improper access control enabling unauthenticated local TCP packets to be processed, allowing local privilege escalation to SYSTEM on Windows. Affected products/versions: GOG Galaxy and GalaxyClientService before 1.2....

Malicious Package

malicious-npm-package is a malicious package. The package targets Windows system and runs a powershell command to download and execute a malicious script that is stored on a remote server...

CVE-2019-5695

NVIDIA GeForce Experience prior to 3.20.1 and Windows GPU Display Driver all versions contains a vulnerability in the local service provider component in which an attacker with local system and privileged access can incorrectly load Windows system DLLs without validating the path or signature als...

Citrix Workspace App Installed (Windows)

Binary data citrixworkspacewininstalled.nbin...

CVE-2019-12889

An unauthenticated privilege escalation exists in SailPoint Desktop Password Reset 7.2. A user with local access to only the Windows logon screen can escalate their privileges to NT AUTHORITY\System. An attacker would need local access to the machine for a successful exploit. The attacker must...

Brand-New SystemBC Proxy Malware Spotted Using SOCKS5 for Stealth

A previously undocumented proxy malware, dubbed “SystemBC,” is upping the stealth game by using SOCKS5 to evade detection. It’s being distributed by the Fallout and RIG exploit kits EKs, according to researchers. Proofpoint researchers said on Thursday that in the most recently tracked example, t...

The vulnerability of the Akord-Win64 information protection tool, related to access control deficiencies, allows a intruder to gain access to confidential data.

The vulnerability of the information protection tool against unauthorized access, Akord-Win64, is related to deficiencies in access control for files when a specific file path is explicitly specified. Exploiting this vulnerability could allow an intruder, operating locally, to gain access to...

Cisco Jabber for Windows DLL Preloading Vulnerability

A vulnerability in the loading mechanism of specific dynamic link libraries in Cisco Jabber for Windows could allow an authenticated, local attacker to perform a DLL preloading attack. To exploit this vulnerability, the attacker would need to have valid credentials on the Windows system. The...

The vulnerability of the Local Security Authority Subsystem Service (LSASS) in the Windows operating system allows a hacker to induce a service failure.

The vulnerability of the Local Security Authority Subsystem Service LSASS in the Windows operating system is related to security configuration errors. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...