windows-seleniumjar-mirror remote code execution vulnerability
windows-seleniumjar-mirror is a package for downloading selenium jar files. A security vulnerability exists in windows-seleniumjar-mirror, which originates when a program downloads an executable file over an unencrypted HTTP connection. A remote attacker could exploit the vulnerability by...
limbus-buildgen code execution vulnerability
limbus-buildgen is a library that generates build files for small C/C++ codebases. A security vulnerability exists in limbus-buildgen, which originates when the program downloads an executable file over an unencrypted HTTP connection. A remote attacker can exploit the vulnerability by interceptin...
roslib-socketio code execution vulnerability
roslib-socketio is a JavaScript support library for ROS (Robot Operating System). A security vulnerability exists in roslib-socketio, which originates when a program downloads an executable file over an unencrypted HTTP connection. A remote attacker could exploit the vulnerability by intercepting the...
tomita-parser file download vulnerability
tomita-parser is a tool that provides structured data from natural language text. A file download vulnerability exists in tomita-parser that originates when the program downloads an executable file over an unencrypted HTTP connection. A remote attacker could exploit the vulnerability by...
Prince Code Execution Vulnerability
Prince is an API that uses JavaScript to convert XML/HTML files into PDF documents. A security vulnerability exists in Prince that originates when the program downloads an executable file over an unencrypted HTTP connection. A remote attacker could exploit the vulnerability by intercepting the respon...
APC UPS Daemon Local Privilege Escalation Vulnerability
Apcupsd (APC UPS Daemon) can be used for power management and control of most APC UPS models on Unix and Windows machines. APC UPS Daemon is vulnerable to a local privilege escalation vulnerability. It allows locally authenticated, unprivileged users to run arbitrary code with elevated privileges b...
Liebert MultiLink Automated Shutdown Elevation of Privilege Vulnerability
Liebert MultiLink Automated Shutdown is a set of programs used in Liebert UPS systems to prevent automatic server shutdown. A security vulnerability exists in Liebert MultiLink Automated Shutdown version 4.2.4. A local attacker can exploit this vulnerability by replacing the LiebertM executable...
Design/Logic Flaw
Liebert MultiLink Automated Shutdown v4.2.4 allows local users to gain privileges by replacing the LiebertM executable file...
CVE-2015-7260
CVE-2015-7260 affects Liebert MultiLink Automated Shutdown, specifically version 4.2.4. A local attacker can escalate privileges by replacing the LiebertM executable. The vulnerability details across sources describe a local-exploit scenario with privilege elevation, but remediation/patch informa...
CVE-2003-0365
ICQLite 2003a creates the ICQ Lite directory with an ACE for "Full Control" privileges for Interactive Users, which allows local users to gain privileges as other users by replacing the executables with malicious programs...
Microsoft Systems Management Server 2.0 - Default Permissions
source: https://www.securityfocus.com/bid/945/info The default permissions applied to the directory containing the SMS Remote Control executable allow any user to replace the executable with any other executable. The new executable will run with System privileges after the next reboot. Replace...
CVE-1999-1019
SpectroSERVER in Cabletron Spectrum Enterprise Manager 5.0 installs a directory tree with insecure permissions, which allows local users to replace a privileged executable (processd) with a Trojan horse, facilitating a root or Administrator compromise...