Lucene search

219 matches found

NVD
added 2018/04/02 1:29 p.m., 15 views

CVE-2018-6660

Directory Traversal vulnerability in McAfee ePolicy Orchestrator (ePO) 5.3.2, 5.3.1, 5.3.0 and 5.9.0 allows administrators to use Windows alternate data streams, which could be used to bypass the file extensions, via not properly validating the path when exporting a particular XML file...

CVSS 6.2, AI score 6.2, EPSS 0.01685
Exploits 0, References 3
OSV
added 2018/04/02 1:29 p.m., 4 views

CVE-2018-6660

Directory Traversal vulnerability in McAfee ePolicy Orchestrator (ePO) 5.3.2, 5.3.1, 5.3.0 and 5.9.0 allows administrators to use Windows alternate data streams, which could be used to bypass the file extensions, via not properly validating the path when exporting a particular XML file...

CVSS 4.9, AI score 5.8, EPSS 0.01685
Exploits 0, References 3
Cvelist
added 2018/04/02 1:0 p.m., 19 views

CVE-2018-6660 SB10228 ePO Directory Traversal vulnerability

Directory Traversal vulnerability in McAfee ePolicy Orchestrator (ePO) 5.3.2, 5.3.1, 5.3.0 and 5.9.0 allows administrators to use Windows alternate data streams, which could be used to bypass the file extensions, via not properly validating the path when exporting a particular XML file...

CVSS 6.2, AI score 6.3, EPSS 0.01685
Exploits 0, References 3
Prion
added 2018/01/12 5:29 p.m., 14 views

Code injection

The backup mechanism in the adb tool in Android might allow attackers to inject additional applications (APKs) and execute arbitrary code by leveraging failure to filter application data streams...

CVSS 4.6, AI score 8, EPSS 0.00404
Exploits 1, References 6
Cvelist
added 2018/01/12 5:0 p.m., 18 views

CVE-2014-7952

The backup mechanism in the adb tool in Android might allow attackers to inject additional applications (APKs) and execute arbitrary code by leveraging failure to filter application data streams...

AI score 7.8, EPSS 0.00404
Exploits 1, References 6
OSV
added 2017/10/27 11:24 a.m., 7 views

SUSE-SU-2017:2869-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP2 kernel was updated to 4.4.90 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2017-1000252: The KVM subsystem in the Linux kernel allowed guest OS users to cause a denial of service assertion failure, and hypervisor hang or...

CVSS 8.8, AI score 8.7, EPSS 0.03763
Exploits 8, References 153
Amazon
added 2017/09/18 12:0 a.m., 66 views

Medium: kernel

Issue Overview: The xen_biovec_phys_mergeable function in drivers/xen/biomerge.c in Xen might allow local OS guest users to corrupt block device data streams and consequently obtain sensitive memory information, cause a denial of service, or gain host OS privileges by leveraging incorrect block IO...

CVSS 8.8, AI score 8.9, EPSS 0.00497
Exploits 0
RedhatCVE
added 2017/08/15 12:49 p.m., 48 views

CVE-2017-12134

The xen_biovec_phys_mergeable function in drivers/xen/biomerge.c in Xen might allow local OS guest users to corrupt block device data streams and consequently obtain sensitive memory information, cause a denial of service, or gain host OS privileges by leveraging incorrect block IO merge-ability...

CVSS 8.8, AI score 5.8, EPSS 0.00497
Exploits 0, References 2
Malwarebytes
added 2017/06/28 3:0 p.m., 16 views

Adware the series, part 6

In this series of posts, we will be using the flowchart below to follow the process of determining which adware we are dealing with. Our objective is to give you an idea of how many different types of adware are around for Windows systems. Though most are classified as PUPs, you will also see the...

AI score 7
Exploits 0
Veracode
added 2017/02/10 1:57 a.m., 16 views

Denial Of Service (DoS)

OpenSSL is vulnerable to denial of service (DoS) attacks. These attacks are possible because the dtls1_listen function doesn't correctly isolate the state information of independent data streams...

CVSS 5, AI score 6.7, EPSS 0.07295
Exploits 0, References 18, Affected Software 1
Kitploit
added 2016/10/21 2:21 p.m., 137 views

ir-rescue - A Windows Batch Script To Comprehensively Collect Host Forensic Data

ir-rescue is a lightweight Windows Batch script that collects a myriad of forensic data from 32-bit and 64-bit Windows systems while respecting the order of volatility and artifacts that are changed with the execution of the script (e.g., prefetch files). It is intended for incident response use a...

AI score 7
Exploits 0, References 5
CNVD
added 2016/04/26 12:0 a.m., 3 views

Foxit Reader and PhantomPDF Denial of Service Vulnerability

Foxit Reader is a PDF document reader from China's Foxit Software Corporation. Foxit PhantomPDF is a commercial version. A security vulnerability exists in Windows-based versions of Foxit Reader and PhantomPDF 7.3.0.118 and earlier versions, which can be exploited by remote attackers to cause a...

CVSS 7.5, AI score 6.7, EPSS 0.01269
Exploits 0, References 1
OSV
added 2016/04/25 12:59 a.m., 1 views

DEBIAN-CVE-2016-2114

The SMB1 protocol implementation in Samba 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not recognize the "server signing = mandatory" setting, which allows man-in-the-middle attackers to spoof SMB servers by modifying the client-server data stream...

CVSS 5.9, AI score 9, EPSS 0.02601
Exploits 0, References 1
OpenVAS
added 2015/03/25 12:0 a.m., 14 views

IT-Grundschutz M4.332: Secure configuration of access control on a Samba server

IT-Grundschutz M4.332: Secure configuration of access control on a Samba server. Status: 14th supplementary delivery (14. EL). OpenVAS Vulnerability Test $Id: GSHBM4332.nasl 7883 2017-11-23 11:22:59Z emoss $ IT-Grundschutz, 14. EL, Measure 4.332 Authors: Thomas Rotter Copyright: Copyright c 20...

AI score 0.3
Exploits 0, References 1
Kitploit
added 2015/02/03 10:12 p.m., 37 views

Socat - Multipurpose relay (SOcket CAT)

Socat is a utility similar to the venerable Netcat that works over a number of protocols and through files, pipes, devices (terminal or modem, etc.), sockets (Unix, IP4, IP6 - raw, UDP, TCP), a client for SOCKS4, proxy CONNECT, or SSL, etc. It provides forking, logging, and dumping, different modes...

AI score 7.2
Exploits 0
seebug.org
added 2014/07/01 12:0 a.m., 24 views

dwebpro 6.8.26 (dt/fd) Multiple Vulnerabilities

No description provided by source. dWebPro v 6.8.26 ============================================ Remote Directory Tarvelsal && Remote File Disclosure p0c's ============================================ Download : http://www.dwebpro.com/downloads/dwebpro6.8.26.exe...

AI score 7.1
Exploits 0
seebug.org
added 2014/07/01 12:0 a.m., 20 views

Pserv 2.0 - HTTP Version Specifier Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/6285/info A buffer overflow vulnerability has been reported in Pserv. The buffer overflow condition is due to the way Pserv handles data streams from remote connections. An attacker can exploit this vulnerability by issui...

AI score 7.1
Exploits 0
RedHat Linux
added 2014/01/06 6:32 p.m., 2 views

samba: no access check verification on stream files

Samba 3.2.x through 3.6.x before 3.6.20, 4.0.x before 4.0.11, and 4.1.x before 4.1.1, when vfs_streams_depot or vfs_streams_xattr is enabled, allows remote attackers to bypass intended file restrictions by leveraging ACL differences between a file and an associated alternate data stream (ADS)...

CVSS 4, AI score 7.4, EPSS 0.09017
Exploits 0, References 5
OpenVAS
added 2013/12/17 12:0 a.m., 22 views

CentOS Update for libsmbclient CESA-2013:1806 centos6

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 8.3, AI score 7.7, EPSS 0.09017
Exploits 0, References 2
RedHat Linux
added 2013/12/10 12:15 a.m., 3 views

samba: no access check verification on stream files

Samba 3.2.x through 3.6.x before 3.6.20, 4.0.x before 4.0.11, and 4.1.x before 4.1.1, when vfs_streams_depot or vfs_streams_xattr is enabled, allows remote attackers to bypass intended file restrictions by leveraging ACL differences between a file and an associated alternate data stream (ADS)...

CVSS 4, AI score 7.4, EPSS 0.09017
Exploits 0, References 5