Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response.
In dnsmasq before 2.78, if the DNS packet size does not match the expected size, the size parameter in a memset call gets a negative value. As it is an unsigned value, memset ends up writing up to 0xffffffff zero's (0xffffffffffffffff in 64 bit platforms), making dnsmasq crash.
A Heap Overflow vulnerability exists in the Windows Server DHCP service when an attacker sends specially crafted packets to a DHCP server. An attacker who successfully exploited the vulnerability could run arbitrary code on the DHCP server.
This version improves the detection of the effectiveness in non-vulnerable targets.
This version improves the detection of the effectiveness in non-vulnerable targets.
This update adds support for new platforms to the MS17-010 exploitation such as Windows 7 Embedded Standard edition, and also 32 bits targets.
A Heap Overflow vulnerability exists in the Windows Server DHCP service when an attacker sends specially crafted packets to a DHCP server. An attacker who successfully exploited the vulnerability could run arbitrary code on the DHCP server.
Oracle Database Server is prone to a remote vulnerability that allows attackers to poison the data handled by the remote 'TNS Listener' component of the application.
This module tries to verify if the vulnerability is present in the 'TNS Listener' component of the database server, without deploying an agent.
This module tries to verify if the vulnerability is present in the 'TNS Listener' component of the database server, without deploying an agent.
Advantech WebAccess SCADA lack of proper validation of user supplied input may allow an attacker to cause the overflow of a buffer overflow and executes remote code.
Single stage agent wrappers were modified to be more stealth
Server is prone to a stack-based buffer overflow vulnerability when processing long requests. This flaw can be exploited to execute arbitrary code by sending the server a special crafted request.
A vulnerability in the update service of Cisco Webex Meetings Desktop App for Windows could allow an authenticated remote attacker, to execute arbitrary commands with SYSTEM user privileges.