
CVSS: 7.6 (AV:N/AC:H/Au:N/C:C/I:C/A:C)

This strike exploits a vulnerability in the Microsoft Edge Chakra engine. Specifically, the vulnerability is in the CrossSite class, which passes JavaScript variables across different contexts. An attacker who successfully exploits the vulnerability could trigger a Use-After-Free condition.

CVSS: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)

This strike exploits a remote code execution vulnerability in the Realtek SDK Miniigd UPnP SOAP service. This vulnerability is due to improper handling of the parameter under XML tag when a client sends SOAP traffic to the server. A remote unauthenticated attacker can exploit this vulnerability by sending crafted HTTP requests to the target server. Successful exploitation results in remote code execution.

CVSS: 4.3 (AV:N/AC:M/Au:N/C:P/I:N/A:N)

This strike exploits an information disclosure vulnerability in PHP before version 5.6.31 and 7.x before 7.1.7. This vulnerability is due to improper handling of objects in memory in the GIF decoding function gdImageCreateFromGifCtx in the gd_gif_in.c file. A remote unauthenticated attacker can exploit this vulnerability by sending a crafted image file to the target server. Successful exploitation results in...

CVSS: 7.8 (AV:N/AC:L/Au:N/C:N/I:N/A:C)

This strike exploits a memory leak denial of service vulnerability in ISC BIND. Requests with multiple edns-key-tag EDNS0 options result in a memory leak. An attacker can send multiple messages with multiple edns-key-tag EDNS0 options to exhaust system memory, resulting in a denial of service condition. Note: it takes thousands of malicious messages to exhaust a system's memory. However, a single...

CVSS: 7.6 (AV:N/AC:H/Au:N/C:C/I:C/A:C)

This strike exploits a vulnerability in the Microsoft Edge Browser. Specifically, a type confusion vulnerability exists in the Chakra JavaScript engine. When object header inlining is deoptimized, the type handler of the object is converted to a dictionary type handler. However, not all attributes belong to the dictionary type, and they are not taken into consideration. If these types are added or...

CVSS: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)

This strike attempts to recreate a sequence of packets correlated with a buffer overflow vulnerability in Microsoft Windows SMBv1 service. Affected versions include Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold releases 1511 and 1607, and Windows Server 2016. The vulnerability is due to...

CVSS: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)

This strike exploits a remote code execution vulnerability in LimeSurvey. The vulnerability resides in a PHP Phar deserialization within the TCPDF component and can be exploited by uploading a malicious JPEG/Phar polyglot and exporting the survey that contains it. Exploiting this flaw requires authentication and results in remote code execution.

CVSS: 9.0 (AV:N/AC:L/Au:N/C:C/I:P/A:P)

This strike replicates an integer overflow exploit for the Chrome browser engine. The vulnerability can be triggered via the Array JS API by using ArrayConcat or ArrayPrototypeFill as entry points. By successfully exploiting this flaw, an attacker can execute arbitrary code in the context of Chrome's renderer process.

CVSS: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)

This strike attempts to recreate a sequence of packets correlated with a heap buffer overflow vulnerability in Microsoft Windows SMBv1 service. Affected versions include Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold releases 1511 and 1607, and Windows Server 2016. The vulnerability is due...

CVSS: 9.0 (AV:N/AC:L/Au:S/C:C/I:C/A:C)

This strike exhibits the network behavior of a buffer overflow vulnerability in a TP-Link WiFi router. The vulnerability is due to insufficient validation of user input passed to the ping_addr parameter of the PingIframeRpm.htm form. By crafting a malicious HTTP request, an attacker can cause DoS conditions or achieve code execution on the target device.

CVSS: 7.6 (AV:N/AC:H/Au:N/C:C/I:C/A:C)

This strike exploits a vulnerability in the Microsoft Edge Browser. Specifically, the vulnerability exists when the BoundFunction::NewInstance function is used to handle calls to a bound function. This method allocates a new argument array and copies the arguments into the new argument array. It will call the function without respecting the CallFlags_ExtraArg flag that indicates that there's an extra...

CVSS: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)

This strike exploits a vulnerability in Apple Safari Webkit. It is possible to craft JavaScript and HTML in such a way that a Use-After-Free vulnerability occurs when the handleMenuItemSelected method is called. This can lead to a denial of service condition in the browser, or potentially allow for remote code execution.

CVSS: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)

This strike exploits a remote code execution vulnerability in the Linksys E Series Router. This vulnerability is due to improper handling of the ttcp_ip parameter in an HTTP request. A remote unauthenticated attacker can exploit this vulnerability by sending crafted HTTP requests to the target server. Successful exploitation results in remote code execution.

CVSS: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)

This strike exploits an integer overflow vulnerability in the Adobe Acrobat Reader ImageConversion component. The vulnerability is due to improper parsing of EmfPlusDrawString data records in an EMF file. Successful exploitation may result in execution of arbitrary code with user privileges. Failure to exploit will not typically result in a crash.

CVSS: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)

This strike exploits a vulnerability in Mozilla Firefox. It is possible to craft JavaScript in such a way that allows remote attackers to execute arbitrary JavaScript code or conduct a cross-site scripting attack when calling the crypto.generateCRMFRequest function. This can lead to remote code execution on the victim's machine.

CVSS: 2.6 (AV:N/AC:H/Au:N/C:N/I:N/A:P)

This strike exploits an arbitrary file deletion vulnerability in Oracle SE 8. The vulnerability is due to improper filtering of the jnlp URL variable. An attacker can entice the victim to click a malicious link. Successful exploitation may lead to file deletion on the client side.

CVSS: 8.3 (AV:N/AC:M/Au:N/C:C/I:P/A:P)

This strike replicates a Use-After-Free exploit for the Chromium browser engine. The vulnerability can be triggered via the FileReader JS API by creating two array references to the same file reader result, then using another mechanism to free the underlying memory. By successfully exploiting this flaw, an attacker can execute arbitrary code in the context of Chrome's renderer process.

CVSS: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)

This strike exploits a vulnerability in Apple Safari Webkit. It is possible to craft JavaScript in such a way that type confusion occurs when using a CustomGetterSetter object linked to regExpConstructorInput. This can lead to a denial of service in the browser or potentially allow for remote code execution.

CVSS: 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)

This strike exploits a local file inclusion vulnerability in WordPress Plugin Anti-Malware and Brute-Force Firewall 4.18.63. The vulnerability is due to improper sanitization of the base64-encoded GOTMLS_scan parameter. By successfully exploiting this vulnerability, an authenticated attacker could retrieve arbitrary files from the target server.

CVSS: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)

A memory corruption vulnerability exists in the dhcpssvc.dll component of Windows DHCP Server. The vulnerability is triggered when the DHCP server parses a DHCP DISCOVER packet containing an altered Vendor Specific Information header field. By exploiting the vulnerability, an attacker may be able to execute arbitrary code with SYSTEM privileges.
