On October 2019 Patch Tuesday, Microsoft released patches for CVE-2019-1166 and CVE-2019-1338, two serious vulnerabilities that may leading to a full Active Directory domain compromise.
The security expert Dirk-jan Mollema discovered a privilege escalation vulnerability in Microsoft Exchange that could be exploited by a user to become a Domain Admin.
These vulnerabilities could be exploited in shared hosting environments to gain access to all databases Some weeks ago i have reported about 2 critical 0Day vulnerabilities of MySQL (and his forks MariaDB e PerconaDB). At that time, the security researcher Dawid Golunski published only technical details and proof-of-concept exploit code for the first bug. Now […]
Oracle, are you there? We need you! Dawid Golunski, a Polish security researcher discovered several security issues in the MySQL DBMS, including a vulnerability flaw (CVE-2016–6662) that can be exploited by a remote attacker to inject malicious settings into my.cnf configuration files. The vulnerability that affect all currently supported MySQL versions as well as MariaDB and […]
Exodus Intelligence have released the proof of concept code on their GitHub page On February, 10 2016 a vulnerability related to the Internet Key Exchange (IKE) protocol implementation of Cisco devices (CVE-2016–1287) was ufficially released. Yesterday, the researchers who found this bug, Exodus Intel, have released the proof of concept code on their GitHub page. Affected […]