Lucene search
+L

137 matches found

CVE
CVE
added 2020/05/21 2:3 p.m.218 views

CVE-2020-5752

CVE-2020-5752: Druva inSync Windows Client contains a path traversal vulnerability in the inSyncCPHwnet64 RPC service (port 6064) that can be exploited locally to run commands as SYSTEM on Windows 10 (x64) with inSync Client 6.6.3 and below. The RPC type 5 handling flaw enables command injection ...

7.8CVSS8AI score0.08607EPSS
Exploits12References3Affected Software1
Circl
Circl
added 2020/05/12 6:48 p.m.35 views

CVE-2020-5752

creationtimestamp| type| source ---|---|--- 2020-05-12 18:48:12+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/local/druvainsyncinsynccphwnet64rcptype5privesc.rb 2020-05-22 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/48505...

7.8CVSS7.7AI score0.08607EPSS
Exploits12References2
Metasploit
Metasploit
added 2020/05/06 2:9 p.m.419 views

Druva inSync inSyncCPHwnet64.exe RPC Type 5 Privilege Escalation

Druva inSync client for Windows exposes a network service on TCP port 6064 on the local network interface. inSync versions 6.6.3 and prior do not properly validate user-supplied program paths in RPC type 5 messages, allowing execution of arbitrary commands as SYSTEM. This module has been tested...

7.8CVSS7.9AI score0.08607EPSS
Exploits18
Cvelist
Cvelist
added 2018/06/15 9:0 p.m.21 views

CVE-2018-5752

The backend component in Open-Xchange OX App Suite before 7.6.3-rev36, 7.8.x before 7.8.2-rev39, 7.8.3 before 7.8.3-rev44, and 7.8.4 before 7.8.4-rev22 allows remote attackers to conduct server-side request forgery SSRF attacks via vectors involving non-decimal representations of IP addresses and...

8.6AI score0.08283EPSS
Exploits5References3
CVE
CVE
added 2018/06/15 9:0 p.m.79 views

CVE-2018-5752

Open-Xchange OX App Suite vulnerability CVE-2018-5752 affects the backend component in versions before 7.6.3-rev36, 7.8.x before 7.8.2-rev39, 7.8.3 before 7.8.3-rev44, and 7.8.4 before 7.8.4-rev22. The issue is a server-side request forgery (SSRF) via vectors involving non-decimal representations...

8.8CVSS6.7AI score0.08283EPSS
Exploits5References3Affected Software1
NVD
NVD
added 2017/03/23 6:59 a.m.14 views

CVE-2016-5752

The SAML2 implementation in Identity Server in NetIQ Access Manager 4.1 before 4.1.2 HF1 and 4.2 before 4.2.2 was handling unsigned SAML requests incorrectly, leaking results to a potentially malicious "Assertion Consumer Service URL" instead of the original requester...

7.5CVSS7.5AI score0.0109EPSS
Exploits0References1
Cvelist
Cvelist
added 2017/03/23 6:36 a.m.18 views

CVE-2016-5752

The SAML2 implementation in Identity Server in NetIQ Access Manager 4.1 before 4.1.2 HF1 and 4.2 before 4.2.2 was handling unsigned SAML requests incorrectly, leaking results to a potentially malicious "Assertion Consumer Service URL" instead of the original requester...

7.5AI score0.0109EPSS
Exploits0References1
CVE
CVE
added 2017/03/23 6:36 a.m.47 views

CVE-2016-5752

The CVE-2016-5752 entry concerns NetIQ Access Manager’s Identity Server SAML2 implementation. Affected versions are 4.1 prior to 4.1.2 HF1 and 4.2 prior to 4.2.2. The issue arises from handling unsigned SAML requests, causing leakage of results to a potentially malicious Assertion Consumer Servic...

7.5CVSS7.4AI score0.0109EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2015/08/17 12:0 a.m.15 views

CVE-2015-5752

Backup in Apple iOS before 8.4.1 allows attackers to bypass intended restrictions on filesystem access via a crafted app that creates a symlink...

5CVSS5.5AI score0.01709EPSS
Exploits0References4
CVE
CVE
added 2015/08/16 11:0 p.m.46 views

CVE-2015-5752

CVE-2015-5752 (Apple iOS Backup Symbolic Link Vulnerability) Affected software: Apple iOS prior to 8.4.1, specifically the Backup component. Root cause: A symbolic link handling flaw in the backup mechanism allowed a crafted app to create symlinks that bypassed intended filesystem access restrict...

5CVSS5.6AI score0.01709EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2015/08/16 11:0 p.m.25 views

CVE-2015-5752

Backup in Apple iOS before 8.4.1 allows attackers to bypass intended restrictions on filesystem access via a crafted app that creates a symlink...

5.5AI score0.01709EPSS
Exploits0References4
CVE
CVE
added 2014/09/09 10:0 a.m.31 views

CVE-2014-5752

CVE-2014-5752 affects the Android app wTradersActivity (com.wTradersActivity) version 0.1, where the application does not verify X.509 certificates from SSL servers. This vulnerability can enable man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certifica...

5.4CVSS6AI score0.00271EPSS
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2013/07/12 12:0 a.m.30 views

Oracle Linux 3 : httpd (ELSA-2007-0533)

From Red Hat Security Advisory 2007:0533 : Updated Apache httpd packages that correct two security issues and two bugs are now available for Red Hat Enterprise Linux 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Apache HTTP Server is a...

5CVSS6.9AI score0.27783EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2013/07/12 12:0 a.m.29 views

Oracle Linux 5 : Moderate: / httpd (ELSA-2007-0556)

The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2007-0556 advisory. 2.2.3-7.el5.0.1 - Marks removal + index page cleanup 2.2.3-7.el5 - add security fixes for CVE-2007-1863, CVE-2007-3304, and CVE-2006-5752 244665 Tenabl...

5CVSS7.6AI score0.27783EPSS
Exploits2References4
Tenable Nessus
Tenable Nessus
added 2013/01/24 12:0 a.m.36 views

RHEL 4 : Proxy Server (RHSA-2008:0263)

Red Hat Network Proxy Server version 5.0.2 is now available. This update includes fixes for a number of security issues in Red Hat Network Proxy Server components. This update has been rated as having low security impact by the Red Hat Security Response Team. The Red Hat Network Proxy Server 5.0....

5CVSS5.7AI score0.75891EPSS
Exploits4References13
OpenVAS
OpenVAS
added 2009/10/10 12:0 a.m.29 views

SLES9: Security update for apache2

The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: apache2-doc apache2 apache2-prefork apache2-worker apache2-devel apache2-example-pages libapr0 For more information, please visit the referenced security...

6.1CVSS6.8AI score0.27783EPSS
Exploits2References1
OpenVAS
OpenVAS
added 2009/03/23 12:0 a.m.34 views

Ubuntu: Security Advisory (USN-499-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS6.8AI score0.27783EPSS
Exploits2References2
OpenVAS
OpenVAS
added 2009/02/27 12:0 a.m.29 views

Fedora Update for httpd FEDORA-2007-617

The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

5CVSS6.8AI score0.27783EPSS
Exploits2References2
OpenVAS
OpenVAS
added 2009/02/27 12:0 a.m.30 views

Fedora Update for httpd FEDORA-2007-2214

The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

6.1CVSS6.8AI score0.27783EPSS
Exploits2References2
OpenVAS
OpenVAS
added 2009/02/27 12:0 a.m.19 views

Fedora Update for httpd FEDORA-2007-0704

The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

5CVSS6.8AI score0.11786EPSS
Exploits2References2
Rows per page
Query Builder