373 matches found

CNNVD
added 2020/12/07 12:0 a.m. · 3 views

Imagemagick Studio ImageMagick Security Breach

Imagemagick Studio ImageMagick is a suite of open source image processing software from ImageMagick Studio, an American company. The software can read, convert or write images in many formats. A security vulnerability exists in ImageMagick version 6.9.11-40 and version 7.x and...

CVSS 7.8 · AI score 6.9 · EPSS 0.0703
Exploits 1 · References 14

Cvelist
added 2020/12/07 12:0 a.m. · 27 views

CVE-2020-29599

ImageMagick before 6.9.11-40 and 7.x before 7.0.10-40 mishandles the -authenticate option, which allows setting a password for password-protected PDF files. The user-controlled password was not properly escaped/sanitized and it was therefore possible to inject additional shell commands via...

AI score 7.8 · EPSS 0.0703
Exploits 1 · References 5

Positive Technologies
added 2020/11/21 12:0 a.m. · 8 views

PT-2020-6178 · Imagemagick +7

Name of the Vulnerable Software and Affected Versions: ImageMagick versions 6.9.11-40 and earlier, 7.x versions prior to 7.0.10-40 Description: The issue is related to the -authenticate option in ImageMagick, which is used for setting passwords for password-protected PDF files. The user-controlle...

CVSS 7.8 · AI score 6.8 · EPSS 0.89855
Exploits 66 · References 347

RedHat Linux
added 2020/09/29 8:15 p.m. · 3 views

freerdp: out-of-bounds read in ntlm_read_AuthenticateMessage

In FreeRDP less than or equal to 2.0.0, there is an out-of-bound read in ntlm_read_AuthenticateMessage. This has been fixed in 2.1.0...

CVSS 5.5 · AI score 5.7 · EPSS 0.01425
Exploits 0 · References 4

NVD
added 2020/09/14 2:15 p.m. · 12 views

CVE-2020-12789

The Secure Monitor in Microchip Atmel ATSAMA5 products use a hardcoded key to encrypt and authenticate secure applets...

CVSS 7.5 · EPSS 0.0123
Exploits 0 · References 1

CNVD
added 2020/09/10 12:0 a.m. · 28 views

Microsoft Windows/Windows Server Denial of Service Vulnerability (CNVD-2021-66068)

Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation. Microsoft Windows is an operating system for personal devices. Microsoft Windows Server is a server operating system. A denial of service vulnerability exists in Microsoft Windows/Windows Server, which...

CVSS 6.5 · AI score 7 · EPSS 0.02838
Exploits 0 · References 1

GithubExploit
added 2020/06/04 4:6 p.m. · 60 views

Exploit for Path Traversal in Bludit

CVE-2019-16113 CVE-2019-16113 - bludit = 3...

CVSS 8.8 · AI score 0.4 · EPSS 0.77962
Exploits 16

CNVD
added 2020/06/01 12:0 a.m. · 2 views

FreeRDP Buffer Overflow Vulnerability (CNVD-2020-31438)

FreeRDP is an open source implementation of the Remote Desktop Protocol RDP from the FreeRDP team. A buffer overflow vulnerability exists in ntlm_read_AuthenticateMessage in FreeRDP 2.0.0 and prior versions. The vulnerability stems from a networked system or product performing operations in memory...

CVSS 5.5 · AI score 9.8 · EPSS 0.01425
Exploits 0 · References 1

OSV
added 2020/05/29 8:15 p.m. · 3 views

DEBIAN-CVE-2020-11087

In FreeRDP less than or equal to 2.0.0, there is an out-of-bound read in ntlm_read_AuthenticateMessage. This has been fixed in 2.1.0...

CVSS 5.4 · AI score 6.9 · EPSS 0.01425
Exploits 0 · References 1

Tenable Nessus
added 2020/05/11 12:0 a.m. · 24 views

IBM WebSphere Application Server 9.0.0.0 < 9.0.0.9 Information Disclosure (CVE-2018-1957)

The IBM WebSphere Application Server running on the remote host is version 9.0.0.0 through 9.0.0.9 prior to 9.0.0.10. It is, therefore, affected by an information disclosure vulnerability. The vulnerability exists in IBM WebSphere Application Server due to mishandling of data by the application...

CVSS 5.5 · AI score 6.1 · EPSS 0.00405
Exploits 0 · References 3

Positive Technologies
added 2020/05/10 12:0 a.m. · 3 views

PT-2020-12544 · Freerdp +6

Name of the Vulnerable Software and Affected Versions: FreeRDP versions 2.0.0 and earlier Description: The issue is related to an out-of-bound read in the ntlm_read_AuthenticateMessage function. This has been fixed in version 2.1.0. Recommendations: For FreeRDP versions 2.0.0 and earlier, update ...

CVSS 9.8 · AI score 6.6 · EPSS 0.82459
Exploits 42 · References 395

NVD
added 2020/04/14 8:15 p.m. · 11 views

CVE-2020-11723

Cellebrite UFED 5.0 through 7.29 uses four hardcoded RSA private keys to authenticate to the ADB daemon on target devices. Extracted keys can be used to place evidence onto target devices when performing a forensic extraction...

CVSS 5.5 · AI score 5.5 · EPSS 0.00447
Exploits 3 · References 2

CNVD
added 2019/09/18 12:0 a.m. · 1 views

Intel Authenticate Elevation of Privilege Vulnerability

Intel Authenticate is a set of multi-factor authentication software from the U.S. company Intel. An elevation of privilege vulnerability exists in the software installer in versions prior to Intel Authenticate 3.8. A local attacker could exploit this vulnerability to gain elevation of...

CVSS 6.7 · AI score 7.1 · EPSS 0.00354
Exploits 0 · References 1

BDU FSTEC
added 2019/09/05 12:0 a.m. · 2 views

The vulnerability of the Intel(R) Authenticate software installation mechanism allows a perpetrator to gain increased privileges.

The vulnerability of the Intel(R) Authenticate software installation mechanism is related to permission processing errors. Exploiting this vulnerability can allow attackers to enhance their privileges...

CVSS 6.3 · AI score 5.5 · EPSS 0.00354
Exploits 0 · References 2 · Affected Software 1

OSV
added 2019/08/19 5:15 p.m. · 1 views

CVE-2019-11143

Improper permissions in the software installer for Intel(R) Authenticate before 3.8 may allow an authenticated user to potentially enable escalation of privilege via local access...

CVSS 6.7 · AI score 6.7 · EPSS 0.00354
Exploits 0 · References 1

NVD
added 2019/08/19 5:15 p.m. · 11 views

CVE-2019-11143

Improper permissions in the software installer for Intel(R) Authenticate before 3.8 may allow an authenticated user to potentially enable escalation of privilege via local access...

CVSS 6.7 · AI score 6.8 · EPSS 0.00354
Exploits 0 · References 1

Prion
added 2019/08/19 5:15 p.m. · 17 views

Input validation

Improper permissions in the software installer for Intel(R) Authenticate before 3.8 may allow an authenticated user to potentially enable escalation of privilege via local access...

CVSS 4.6 · AI score 6.8 · EPSS 0.00354
Exploits 0 · References 1 · Affected Software 1

Cvelist
added 2019/08/19 4:13 p.m. · 12 views

CVE-2019-11143

Improper permissions in the software installer for Intel(R) Authenticate before 3.8 may allow an authenticated user to potentially enable escalation of privilege via local access...

AI score 6.8 · EPSS 0.00354
Exploits 0 · References 1

CVE
added 2019/08/19 4:13 p.m. · 76 views

CVE-2019-11143

Summary: CVE-2019-11143 affects Intel® Authenticate prior to 3.8 due to improper permissions in the software installer, which could allow an authenticated local user to escalate privileges. Intel specifies updates to 3.8 or later as remediation. Other sources (Red Hat, CNVD, CNVD-derived listing...

CVSS 6.7 · AI score 6.7 · EPSS 0.00354
Exploits 0 · References 1 · Affected Software 1

Tenable Nessus
added 2019/08/12 12:0 a.m. · 44 views

RHEL 7 : libssh2 (RHSA-2019:2399)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:2399 advisory. The libssh2 packages provide a library that implements the SSH2 protocol. Security Fixes: libssh2: Integer overflow in transport read...

CVSS 9.3 · AI score 7.3 · EPSS 0.09219
Exploits 0 · References 10