19 matches found
CVE-2024-31226
Sunshine is a self-hosted game stream host for Moonlight. Users who ran Sunshine versions 0.17.0 through 0.22.2 as a service on Windows may be impacted when terminating the service if an attacked placed a file named C:\Program.exe, C:\Program.bat, or C:\Program.cmd on the user's computer. This...
CVE-2024-31226 Sunshine's unquoted executable path could lead to hijacked execution flow
Sunshine is a self-hosted game stream host for Moonlight. Users who ran Sunshine versions 0.17.0 through 0.22.2 as a service on Windows may be impacted when terminating the service if an attacked placed a file named C:\Program.exe, C:\Program.bat, or C:\Program.cmd on the user's computer. This...
CVE-2024-31226
Sunshine (Moonlight’s self-hosted game stream host) for Windows is affected in versions 0.17.0–0.22.2 when running as a service. An attacker could place a file named C:\Program.exe, C:\Program.bat, or C:\Program.cmd on the target machine and trigger hijacked execution flow during service terminat...
CVE-2024-31226 Sunshine's unquoted executable path could lead to hijacked execution flow
Sunshine is a self-hosted game stream host for Moonlight. Users who ran Sunshine versions 0.17.0 through 0.22.2 as a service on Windows may be impacted when terminating the service if an attacked placed a file named C:\Program.exe, C:\Program.bat, or C:\Program.cmd on the user's computer. This...
The vulnerability of the Anti-Malware module of the Trend Micro Deep Security Agent operating system for Windows allows a malicious actor to escalate their privileges and execute arbitrary code.
The vulnerability of the Anti-Malware module of the Trend Micro Deep Security Agent antivirus protection software for Windows operating systems is related to deficiencies in access control for directories. Exploiting this vulnerability can allow attackers to enhance their privileges and execute...
CVE-2023-37378
Nullsoft Scriptable Install System NSIS before 3.09 mishandles access control for an uninstaller directory...
Improper access control
Emerson Electric's Proficy Machine Edition Version 9.00 and prior is vulenrable to CWE-284 Improper Access Control, and stores project data in a directory with improper access control lists...
Design/Logic Flaw
The MapPress Maps for WordPress plugin before 2.73.13 allows a high privileged user to bypass the DISALLOWFILEEDIT and DISALLOWFILEMODS settings and upload arbitrary files to the site through the "ajaxsave" function. The file is written relative to the current 's stylesheet directory, and a .php...
USN-5356-1 dosbox vulnerabilities
Alexandre Bartel discovered that DOSBox incorrectly handled long lines in certain files. An attacker could possibly use this issue to execute arbitrary code. CVE-2019-7165 Alexandre Bartel discovered that DOSBox incorrectly performed access control over certain directories. An attacker could...
The vulnerability of the execution of the executable file C:\R-SeeNet\R_SeeNet.exe, which is part of the SnmpMonSvs service for monitoring the status and functions of Advantech R-SeeNet routers, allows a perpetrator to gain increased privileges.
The vulnerability of the executable file C:\R-SeeNet\RSeeNet.exe, which is part of the SnmpMonSvs service for monitoring the status and functions of Advantech R-SeeNet routers, is related to deficiencies in access control to the C:\R-SeeNet directory. Exploiting this vulnerability could allow an...
CVE-2019-19741
Electronic Arts Origin 10.5.55.33574 is vulnerable to local privilege escalation due to arbitrary directory DACL manipulation, a different issue than CVE-2019-19247 and CVE-2019-19248. When Origin.exe connects to the named pipe OriginClientService, the privileged service verifies the client's...
Design/Logic Flaw
In Total Defense Anti-virus 9.0.0.773, insecure access control for the directory %PROGRAMDATA%\TotalDefense\Consumer\ISS\9\ used by ccschedulersvc.exe allows local attackers to hijack dotnetproxy.exe, which leads to privilege escalation when the ccSchedulerSVC service runs the executable...
Design/Logic Flaw
In Total Defense Anti-virus 9.0.0.773, insecure access control for the directory %PROGRAMDATA%\TotalDefense\Consumer\ISS\9\bd\TDUpdate2\ used by AMRT.exe allows local attackers to hijack bdcore.dll, which leads to privilege escalation when the AMRT service loads the DLL...
YiiCMS JetBrains PHPStorm 6.0.3 Database Disclosure
Exploit Title : YiiCMS JetBrains PHPStorm 6.0.3 Database Disclosure Author Discovered By : KingSkrupellos Team : Cyberizm Digital Security Army Date : 10/04/2019 Vendor Homepage : jetbrains.com - yiiframework.com Software Download Link : github.com/johannesMatevosyan/yii-cms/archive/master.zip...
BEWARD Intercom 2.3.1 - Credentials Disclosure
!/usr/bin/env python -- coding: utf8 -- BEWARD Intercom 2.3.1 Credentials Disclosure Vendor: Beward R&D Co., Ltd Product web page: https://www.beward.net Affected version: 2.3.1.34471 2.3.0 2.2.11 2.2.10.5 2.2.9 2.2.8.9 2.2.7.4 Note: For versions above 2.2.11: The application data directory, whic...
JP1/File Transmission Server / FTP vulnerable to access control violation
Overview JP1/File Transmission Server/FTP has a vulnerability where an FTP client with limited access rights can bypass the access control and access arbitrary directories on the FTP server when enabling the directory access control function. Impact An attacker with login privileges to the FTP...
smbftpd 0.96 format string vulnerability
smbftpd 0.96 format string vulnerability -------------------------------------------------------------------------- Versions: 0.96 maybe earlier versions as well Date: 01 Oct 2007 Author: Jerry Illikainen email: [email protected] www: debork.se Introduction ------------ "SmbFTPD is a FTP daemon for...
CVE-2006-0370
RCBlog 1.03 is affected by CVE-2006-0370 due to insufficient access control that allows remote attackers to view account names and MD5 password hashes by accessing data and config directories under the web root. OpenVAS/Nessus entries corroborate a related directory traversal/vector in RCBlog’s P...
Samba < 3.0.10 Directory Access Control List Remote Integer Overflow
Binary data 2463.prm...