Aggregator

A vulnerability, which was classified as very critical, was found in Oracle HTTP Server 12.2.1.3.0/12.2.1.4.0. Affected is an unknown function of the component Web Listener. The manipulation leads to buffer overflow. This vulnerability is traded as CVE-2019-5482. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

The VanHelsing ransomware-as-a-service operation published the source code for its affiliate panel, data leak blog, and Windows encryptor builder after an old developer tried to sell it on the RAMP cybercrime forum. [...]

Author/Presenter: Fabricio Gimenes

Our sincere appreciation to BSidesLV, and the Presenters/Authors for publishing their erudite Security BSidesLV24 content. Originating from the conference’s events located at the Tuscany Suites & Casino; and via the organizations YouTube channel.

Permalink

The post BSidesLV24 – GroundFloor – Windows EventLog Persistence? The Windows Can Help Us appeared first on Security Boulevard.

A vulnerability has been found in Microsoft Windows and classified as critical. Affected by this vulnerability is an unknown functionality of the component Hyper-V. The manipulation leads to improper input validation. This vulnerability is known as CVE-2019-0620. The attack can be launched remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in Microsoft Windows and classified as critical. Affected by this issue is some unknown functionality of the component ActiveX. The manipulation leads to memory corruption. This vulnerability is handled as CVE-2019-0888. The attack may be launched remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in Microsoft Windows 10/10 1607/10 1703/10 1709/Server 2016. It has been classified as critical. This affects an unknown part of the component Hyper-V. The manipulation leads to improper input validation. This vulnerability is uniquely identified as CVE-2019-0709. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in Microsoft Windows. It has been declared as critical. This vulnerability affects unknown code of the component Hyper-V. The manipulation leads to improper input validation. This vulnerability was named CVE-2019-0722. The attack can be initiated remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in Microsoft Windows. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Hyper-V. The manipulation leads to improper input validation. This vulnerability is known as CVE-2019-0710. The attack can be launched remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in Microsoft Windows. It has been rated as critical. Affected by this issue is some unknown functionality of the component Hyper-V. The manipulation leads to improper input validation. This vulnerability is handled as CVE-2019-0711. The attack may be launched remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability classified as critical has been found in Microsoft Windows. This affects an unknown part of the component Hyper-V. The manipulation leads to improper input validation. This vulnerability is uniquely identified as CVE-2019-0713. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability classified as critical was found in Microsoft Windows. This vulnerability affects unknown code of the component JET Database Engine. The manipulation leads to memory corruption. This vulnerability was named CVE-2019-0904. The attack can be initiated remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability, which was classified as critical, has been found in Microsoft Windows. This issue affects some unknown processing of the component JET Database Engine. The manipulation leads to memory corruption. The identification of this vulnerability is CVE-2019-0905. The attack may be initiated remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability, which was classified as critical, was found in Microsoft Windows. Affected is an unknown function of the component JET Database Engine. The manipulation leads to memory corruption. This vulnerability is traded as CVE-2019-0906. It is possible to launch the attack remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability has been found in Microsoft Windows and classified as critical. Affected by this vulnerability is an unknown functionality of the component JET Database Engine. The manipulation leads to memory corruption. This vulnerability is known as CVE-2019-0907. The attack can be launched remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in Microsoft Windows and classified as critical. Affected by this issue is some unknown functionality of the component JET Database Engine. The manipulation leads to memory corruption. This vulnerability is handled as CVE-2019-0908. The attack may be launched remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in Microsoft Windows. It has been classified as critical. This affects an unknown part of the component JET Database Engine. The manipulation leads to memory corruption. This vulnerability is uniquely identified as CVE-2019-0909. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A hacker exploiting the security flaw in the mobile provider's network could have potentially located a call recipient with accuracy of up to 100 square meters.

A vulnerability was found in Microsoft Windows. It has been declared as critical. This vulnerability affects unknown code of the component Common Log File System Driver. The manipulation leads to improper input validation. This vulnerability was named CVE-2025-32706. An attack has to be approached locally. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.

A flaw in O2 4G Calling (VoLTE) leaked user location data via network responses due to improper IMS standard implementation. A flaw in 4G Calling (VoLTE) service of the UK telecom O2 exposed user location data through network responses due to flaws in the IMS standard implementation. 4G Calling, also known as VoLTE (Voice over […]

A vulnerability, which was classified as very critical, was found in Vertiv Liebert RDU101 and Liebert IS-UNITY. This affects an unknown part. The manipulation leads to stack-based buffer overflow. This vulnerability is uniquely identified as CVE-2025-41426. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.