An OS Command Injection Vulnerability was found in Apache Tika Server 1.11= Version =1.17. The vulnerability is due to an error in the vulnerable application when handling a maliciously crafted request.
A Buffer Overflow exists when parsing .PDF files. The vulnerability is caused due to a boundary error when handling a crafted .PDF files.
A Buffer Overflow exists when parsing .mp3/wma files. The vulnerability is caused due to a boundary error when handling a crafted .mp3/wma files.
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system.
To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system.
A Heap Overflow vulnerability exists in the Windows Server DHCP service when an attacker sends specially crafted packets to a DHCP server. An attacker who successfully exploited the vulnerability could run arbitrary code on the DHCP server.
This version improves the detection of the effectiveness in non-vulnerable targets.
This version improves the detection of the effectiveness in non-vulnerable targets.
This update adds support for new platforms to the MS17-010 exploitation such as Windows 7 Embedded Standard edition, and also 32 bits targets.
Path traversal vulnerability in WinRAR when crafting the filename field of the ACE format (in UNACEV2.dll). When the filename field is manipulated with specific patterns, the destination (extraction) folder is ignored, thus treating the filename as an absolute path.
The user can write 0 where he wants. This can be used to write SecurityDescriptor and write system processes. Therefore we can elevate privileges.
An arbitrary memory r/w access issue was found in the Linux kernel compiled with the eBPF bpf(2) system call (CONFIG_BPF_SYSCALL) support. The issue could occur due to calculation errors in the eBPF verifier module, triggered by user supplied malicious BPF program. An unprivileged user could use this flaw to escalate their privileges on a system. Setting parameter "kernel.unprivileged_bpf_disabled=1" prevents such privilege escalation by restricting access to bpf(2) call.
A Heap Overflow vulnerability exists in the Windows Server DHCP service when an attacker sends specially crafted packets to a DHCP server. An attacker who successfully exploited the vulnerability could run arbitrary code on the DHCP server.