620 matches found
Apache Camel: source code security analysis report
Several vulnerabilities were discovered in The Apache Software Foundation 'Apache Camel' software: Using Synchronization Primitives in EJB components Missing Verification of Executable Files' Digital Signature when Executing them from Untrusted Sources Violating the Java Object Model Using...
Design/Logic Flaw
The client implementation in IBM Informix Dynamic Server 11.70.xCn on Windows does not properly restrict access to the 1 nsrd, 2 nsrexecd, and 3 portmap executable files, which allows local users to gain privileges via a Trojan horse file...
CVE-2016-0226
The client implementation in IBM Informix Dynamic Server 11.70.xCn on Windows does not properly restrict access to the 1 nsrd, 2 nsrexecd, and 3 portmap executable files, which allows local users to gain privileges via a Trojan horse file...
About the security content of Apple TV 7.2.1
About the security content of Apple TV 7.2.1 This document describes the security content of Apple TV 7.2.1. For the protection of our customers, Apple does not disclose, discuss, or confirm security issues until a full investigation has occurred and any necessary patches or releases are availabl...
Trend Micro Password Manager program arbitrary command execution vulnerability verification-vulnerability and early warning-the black bar safety net
Trend Micro antivirus software to suit the windows version, contains a password management program, the program is also in the official website provides a single download connection, is a free service. The default installation of the latest TRAND Micro: the ! 1 Figure 1 Can in Data Security find...
JVN#64636058: WinRAR may insecurely load executable files
WinRAR contains a function where user specified files on the local disk can be executed. When this file does not have a file extension, a file of the same name with a file extension contained in the same folder may be executed by WinRAR instead of the user specified file. WinRAR also contains a...
Cyclope Employee Surveillance 8.6.1 Insecure File Permissions
Author: loneferret of Offensive Security Product: Cyclope Employee Surveillance Solution again Version: = 6.8.1 Vendor Site: http://www.cyclope-series.com/ Software Download: http://www.cyclope-series.com/download/index.html Link: http://www.cyclope-series.com/setups/setup.exe Software descriptio...
Cyclope Employee Surveillance v8.6.1 Insecure File Permissions Vulnerability
Exploit for windows platform in category local exploits Author: loneferret of Offensive Security Product: Cyclope Employee Surveillance Solution again Version: = 6.8.1 Vendor Site: http://www.cyclope-series.com/ Software Download: http://www.cyclope-series.com/download/index.html Link:...
Cyclope Employee Surveillance 8.6.1 - Insecure File Permissions
Cyclope Employee Surveillance 8.6.1 - Insecure File Permissions Author: loneferret of Offensive Security Product: Cyclope Employee Surveillance Solution again Version: = 6.8.1 Vendor Site: http://www.cyclope-series.com/ Software Download: http://www.cyclope-series.com/download/index.html Link:...
Malicious Mail Payload Containing JavaScript Downloader
Certain malicious executable files can be hidden using js downloader file. A remote attacker could exploit this vulnerability to entice unsuspecting users to execute arbitrary files...
FreeBSD : chromium -- multiple vulnerabilities (9d732078-32c7-11e5-b263-00262d5ed8ee)
Google Chrome Releases reports : 43 security fixes in this release, including : - 446032 High CVE-2015-1271: Heap-buffer-overflow in pdfium. Credit to cloudfuzzer. - 459215 High CVE-2015-1273: Heap-buffer-overflow in pdfium. Credit to makosoft. - 461858 High CVE-2015-1274: Settings allowed...
openSUSE Security Update : Chromium (openSUSE-2015-513)
Chromium was updated to 44.0.2403.89 to fix multiple security issues. The following vulnerabilities were fixed : - CVE-2015-1271: Heap-buffer-overflow in pdfium - CVE-2015-1273: Heap-buffer-overflow in pdfium - CVE-2015-1274: Settings allowed executable files to run immediately after download -...
Google Chrome Multiple Vulnerabilities-01 (Jul 2015) - Windows
Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; ifdescription...
CVE-2015-1900
IBM InfoSphere DataStage 8.1, 8.5, 8.7, 9.1, and 11.3 through 11.3.1.2 on UNIX allows local users to write to executable files, and consequently obtain root privileges, via unspecified vectors...
Threat Outbreak Alert RuleID8337: Email Messages Distributing Malicious Software on January 21, 2016
Medium Alert ID: 38981 First Published: 2015 May 23 03:13 GMT Last Updated: 2016 January 21 20:55 GMT Version: 30 Summary Email messages that are related to this threat RuleID8337 and RuleID8337KVR may contain the following files: Name | Size in Bytes | MD5 Checksum ---|---|--- Pay Slip.zip /...
SUSE SLES11 Security Update : java-1_7_0-ibm (SUSE-SU-2013:1256-1)
IBM Java 1.7.0 has been updated to SR5 to fix bugs and security issues. Please see also http://www.ibm.com/developerworks/java/jdk/alerts/ Also the following bugs have been fixed : - add Europe/Busingen to tzmappings bnc817062 - mark files in jre/bin and bin/ as executable bnc823034 Note that...
HUAWEI MobiConnect weak permissions
Weak permissions for executable files...
CVE-2015-1248
The FileSystem API in Google Chrome before 40.0.2214.91 allows remote attackers to bypass the SafeBrowsing for Executable Files protection mechanism by creating a .exe file in a temporary filesystem and then referencing this file with a filesystem:http: URL...
UBUNTU-CVE-2015-1248
The FileSystem API in Google Chrome before 40.0.2214.91 allows remote attackers to bypass the SafeBrowsing for Executable Files protection mechanism by creating a .exe file in a temporary filesystem and then referencing this file with a filesystem:http: URL...
CVE-2015-1248
The FileSystem API in Google Chrome before 40.0.2214.91 allows remote attackers to bypass the SafeBrowsing for Executable Files protection mechanism by creating a .exe file in a temporary filesystem and then referencing this file with a filesystem:http: URL...