Subscribe via feed.
Archive for February, 2016

[local] – Microsoft Windows – AFD.SYS Dangling Pointer Privilege Escalation (MS14-040)

Posted by deepcore under Security (No Respond)

Microsoft Windows – AFD.SYS Dangling Pointer Privilege Escalation (MS14-040)

Tags: ,

[dos] – Ntpd <= ntp-4.2.6p5 – ctl_putdata() Buffer Overflow

Posted by deepcore under Security (No Respond)

Ntpd <= ntp-4.2.6p5 – ctl_putdata() Buffer Overflow

Tags: ,

[dos] – Network Scanner Version 4.0.0.0 – SEH Crash POC

Posted by deepcore under Security (No Respond)

Network Scanner Version 4.0.0.0 – SEH Crash POC

Tags: ,

[webapps] – Tiny Tiny RSS – Blind SQL Injection

Posted by deepcore under Security (No Respond)

Tiny Tiny RSS – Blind SQL Injection

Tags: ,

[local] – Windows Kerberos Security Feature Bypass (MS16-014)

Posted by deepcore under Security (No Respond)

Windows Kerberos Security Feature Bypass (MS16-014)

Tags: ,

WinREST Remote Privilege Escalation

Posted by deepcore under exploit (No Respond)

WinREST point of sale machines suffer from a remote privilege escalation vulnerability.

SIMOGEO FileManager 2.3.0 File Upload

Posted by deepcore under exploit (No Respond)

SIMOGEO FileManager version 2.3.0 suffers from a remote unauthenticated arbitrary file upload vulnerability.

A.Shop 3.9.3 Cross Site Scripting

Posted by deepcore under exploit (No Respond)

A.Shop version 3.9.3 suffers from a cross site scripting vulnerability.

Arris DG1670A Cable Modem Remote Command Execution

Posted by deepcore under exploit (No Respond)

The Arris DG1670A leverages a combination of technologies to deliver the product functionality. Combining several of these technologies in an unanticipated way will allow an attacker to execute arbitrary commands on the underlying operating system as the most privileged user.

[webapps] – Solr 3.5.0 – Arbitrary Data Deletion

Posted by deepcore under Security (No Respond)

Solr 3.5.0 – Arbitrary Data Deletion

Tags: ,