983 matches found
Bitdefender Internet Security Inno File Locations Integer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Bitdefender Internet Security. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...
Hewlett Packard Enterprise Intelligent Management Center mediaForAction Expression Language Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett Packard Enterprise Intelligent Management Center. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw...
Hewlett Packard Enterprise Intelligent Management Center perfInsListServer Expression Language Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett Packard Enterprise Intelligent Management Center. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw...
Dell Storage Manager EmWebsiteServlet Directory Traversal Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Dell Storage Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the doGet method of the EmWebsiteServlet class, which listens on TCP port...
Bitdefender Internet Security AutoIt v3 Integer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Bitdefender Internet Security. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...
Apple iTunes iPodService Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on vulnerable installations of Apple iTunes. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of the...
EMC Data Protection Advisor ImageServlet Directory Traversal Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of EMC Data Protection Advisor. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ImageServlet servlet which listens on TCP ports 9002 and 9004...
Hewlett Packard Enterprise Intelligent Management Center dbman Opcode 10008 Command Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett Packard Enterprise Intelligent Management Center. Authentication is not required to exploit this vulnerability. The specific flaw exists within the dbman service, which listens on TCP port...
Hewlett Packard Enterprise Intelligent Management Center imcwlandm Integer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett Packard Enterprise Intelligent Management Center. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HPE iMC Server service, which listens on...
Hewlett Packard Enterprise Intelligent Management Center FileDownloadServlet fileName Directory Traversal Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Hewlett Packard Enterprise Intelligent Management Center. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The...
Hewlett Packard Enterprise Intelligent Management Center FileUploadServlet Directory Traversal Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett Packard Enterprise Intelligent Management Center. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw...
Bitdefender Internet Security SIS Parsing Integer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Bitdefender Internet Security. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...
Bitdefender Internet Security NSIS Entries Integer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Bitdefender Internet Security. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...
Web Servers Malicious Upload Directory Traversal (CVE-2022-29596)
A directory traversal vulnerability exists in web servers. The vulnerability allows unauthorized users to upload malicious files to the server. A remote attacker can exploit this vulnerability by uploading an arbitrary, executable file and executing it under the context of SYSTEM...
HP TouchSmart Calendar 4.1.4245 - Insecure File Permissions Privilege Escalation
HP TouchSmart Calendar 4.1.4245 - Insecure File Permissions Privilege Escalation + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/HP-TOUCHSMART-CALENDAR-PRIVILEGE-ESCALATION.txt + ISR: ApparitionSec Vendor: ==========...
Microsoft Windows NtGdiQueryFonts Information Disclosure Vulnerability
This vulnerability allows local attackers to leak sensitive information on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handlin...
AVG Internet Security avgtdix.sys Kernel Memory Corruption Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on vulnerable installations of AVG Internet Security. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within processing of...
Siemens SINEMA Server Insecure File Permissions Privilege Escalation Vulnerability
This vulnerability allows local attackers to execute arbitrary code on vulnerable installations of Siemens SINEMA Server. Authentication is required to exploit this vulnerability. The specific flaw exists within the configuration of the product. The executables for new system services are stored ...
Microsoft Windows win32k RGNOBJ Integer Overflow Privilege Escalation Vulnerability
This vulnerability allows local attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within RGNOBJ objects...
IBM Informix Dynamic Server Privilege Escalation Vulnerability (Mar 2016) - Windows
IBM Informix Dynamic Server is prone to a privilege escalation vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...