This Metasploit module exploits an SEH buffer overflow in Disk Pulse Enterprise version 9.9.16. If a malicious user sends a crafted HTTP GET request it is possible to execute a payload that would run under the Windows NT AUTHORITY\SYSTEM account.
4357afe77b3f0d509c9cfa2b76ef1a5aWordPress 2kb Amazon Affiliates Store plugin versions 2.1.0 and below suffer from a cross site scripting vulnerability.
ed7cc9ee351abba47e1139929002ac68SUSE/Portus version 2.2 suffers from a persistent cross site scripting vulnerability.
45c4673d073bbdcf395b309bad7cd3d0DlxSpot Player4 LED video wall has a hardcoded password that allows you to ssh in and escalate to root.
a8c160f05eb5b14922777c74c7455bf9DlxSpot Player4 LED video wall suffers from a remote shell upload vulnerability. Versions greater than 1.5.10 are affected.
9af7a881088ecdf7ad4e03ae9466faebDlxSpot Player4 LED video wall suffers from a remote SQL injection vulnerability that allows for authentication bypass. Versions greater than 1.5.10 are affected.
2d94a5f031c7d5b9085cc566f159b20bThere is a security issue in Microsoft Edge related to how HTML documents are loaded. If Edge displays a HTML document from a slow HTTP server, it is possible that a part of the document is going to be rendered before the server has finished sending the document. It is also possible that some JavaScript code is going to trigger. By making DOM modifications before the document had a chance of fully loading, followed by another set of DOM modifications after the page has been loaded, it is possible to trigger memory corruption that could possibly lead to an exploitable condition.
38a51b456f8f99a75032e480ca87fb20The Microsoft Windows kernel suffers from a stack memory disclosure vulnerability in win32k!NtQueryCompositionSurfaceBinding.
73d3685f1e900f98c6cd4f3a23681176The Microsoft Windows kernel suffers from a stack memory disclosure vulnerability in win32k!NtGdiDoBanding.
fe4029deb9c5251a89ca66ad88be9adcThere is an out-of-bounds read issue in Microsoft Edge that could potentially be turned into remote code execution. The vulnerability has been confirmed on Microsoft Edge 38.14393.1066.0 (Microsoft EdgeHTML 14.14393) as well as Microsoft Edge 40.15063.0.0 (Microsoft EdgeHTML 15.15063).
f8f0367a62a7c9dadd43f0e6c52c13e5The Microsoft Windows kernel suffers from a stack memory disclosure vulnerability in win32k!NtGdiEngCreatePalette.
83ee676927d72312fbb286ed64a835d8The Microsoft Windows kernel suffers from a stack memory disclosure vulnerability in win32k!NtGdiGetFontResourceInfoInternalW.
61dc2229ecbf3b49ce1abc604e7d026dThe Microsoft Windows kernel win32k.sys TTF font processing suffers from an out-of-bounds read vulnerability with a malformed glyf table.
6641efba2930501968ff7f836aa362bcThe Microsoft Windows kernel win32k.sys TTF font procession functionality suffers from out-of-bounds read/write vulnerabilities.
aa8a1953e3c70722e1dd32b005aa020cThe Microsoft Windows kernel pool suffers from a memory disclosure vulnerability in nt!NtSetIoCompletion and nt!NtRemoveIoCompletion.
fd5025fc6a75cc5dbc1f54b354b0c2e7The Microsoft Windows kernel suffers from a memory disclosure in win32k!NtGdiGetPhysicalMonitorDescription.
890bef0c1635255b9915dcca14ad5865The Microsoft Windows kernel pool suffers from a memory disclosure vulnerability in win32k!NtGdiGetGlyphOutline.
5b64942e584a037e7e24695cad37a8d2Watchguard's Firebox and XTM appliances suffer from an XML-RPC empty member denial of service vulnerability. Firmware versions below 12.0 were found to be vulnerable.
834b3f0a96297865381ef9778e35cd66iBall ADSL2+ Home Router suffers from multiple authentication bypass vulnerabilities.
1d79305ff9e23d0f385e458888f5616fUTStar WA3002G4 ADSL Broadband Modem suffers from multiple authentication bypass vulnerabilities.
76b06148bd896167e3da312b301ddd69ZKTeco ZKTime Web version 2.0.1.12280 suffers from an information disclosure vulnerability.
6b7fa287e7bbc910a93f0b738525a4b8ZKTeco ZKTime Web version 2.0.1.12280 suffers from a cross site request forgery vulnerability.
1ebd8d29476f9a7cfd4912a6b57b2711D-Link DGS-3000-10TC suffers from cross site scripting and content spoofing vulnerabilities.
3f6dd9f19a9efc47f919300380d1a65aAstaro Security Gateway 7 suffers from a remote code execution vulnerability.
593db61c13a32607441358ca66907051XYZ Auto Classifieds version 1.0 suffers from a remote SQL injection vulnerability.
a59c025d364f6d4da15216c1550a1164
© 2016 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed