Drupal versions before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 allows remote attackers to execute arbitrary code because of an issue affecting multiple subsystems with default or common module configurations.
66382ddb8e7fd5b87644e31931eae7f4Microsoft Edge suffers from an ACG bypass vulnerability with OpenProcess().
0872aa70743c4a85442779d23b9462d1The Microsoft Windows kernel suffers from a 64-bit stack memory disclosure vulnerability in nt!NtQueryVirtualMemory (MemoryImageInformation).
d945b68fdd1c9e8436634fd2987bc3c8The Microsoft Windows kernel suffers from a 64-bit stack memory disclosure vulnerability in nt!NtQueryVirtualMemory (Memory(Privileged)BasicInformation).
86867b4c99f8622edfa1f1524af90f0fThe Microsoft Windows kernel suffers from a 64-bit pool / stack memory disclosure vulnerability in nt!NtQueryInformationProcess (ProcessImageFileName).
df5a55deeaf075ec47d80a3863ce2a4bThe Microsoft Windows kernel suffers from a pool memory disclosure vulnerability in nt!NtQueryInformationTransactionManager (TransactionManagerRecoveryInformation).
0c23649c7eecdc1126d54237634aa782The Microsoft Windows kernel suffers from a 64-bit stack memory disclosure vulnerability in nt!NtQuerySystemInformation (SystemPageFileInformation(Ex)).
076794ccd2fb215a95924c9dc5b1883fThe Microsoft Windows kernel suffers from a stack memory disclosure vulnerability in nt!NtQueryVolumeInformationFile.
bffef04b79c69684d6401043c15978e2The Microsoft Windows kernel suffers from a stack memory disclosure vulnerability in nt!NtQueryAttributesFile.
c2731a6f484ca280626d987eeb7a3807The Microsoft Windows kernel suffers from a stack memory disclosure vulnerability in nt!NtQueryFullAttributesFile.
6d84610a89094cd36dc7885b78e328f8The fix for CVE-2017-11830 is insufficient to prevent a normal user application adding a cached signing level to an unsigned file by exploiting a TOCTOU in CI leading to circumventing Device Guard policies.
dd01efee7f81b595a28eb0762c87ef42The Microsoft compiler mspdbcore.dll suffers from a heap memory disclosure into output .pdb files. This affects Microsoft Symbol Server.
6b5273f7ccafef878397085ccbc182ddDebian Linux Security Advisory 4174-1 - The Citrix Security Response Team discovered that corosync, a cluster engine implementation, allowed an unauthenticated user to cause a denial-of-service by application crash.
5f23ac7a5ba39628411e6ab62fdeb422This script is a proof of concept that lets you map out data from the Facebook Graph using a phone number.
28accc5166d1544ceb05391fe341eb61This script is a proof of concept that lets you map out data from the Facebook Graph.
ebd6f3ff9190c14f3543fce6a999a667DotNetNuke versions 7.2.8 and below suffers from a cross site scripting vulnerability in CATALooKStore.
9db92670a9189bf3cbb96921567733bbThe D-Link DIR-615 wireless router suffers from a persistent cross site scripting vulnerability.
a785f9d9cbc8c0285feb15117ea61f16FromDocToPdf exposes browsing history to all websites.
a8432820a6f1a3e3079881f89fa100f9Brave Browser versions prior to 0.13.0 suffer from a window.close(self) denial of service vulnerability.
3eed1eeba32384364773ad5a2db4c9feBrave Browser versions prior to 0.13.0 suffer from a long alert() argument denial of service vulnerability.
0a5426b0e65c756bf27bbb59b1b15627
© 2018 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed