70 matches found
EUVD-2014-3812
Malware in sbrugna...
EUVD-2014-3813
Malware in sbrugna...
EUVD-2012-1319
Malware in sbrugna...
EUVD-2005-1335
Malware in sbrugna...
EUVD-2011-1416
Malware in sbrugna...
EUVD-2014-3814
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2020-15591
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fexsrv in FEX aka Frams' Fast File EXchange before fex-201609192 allows eval injection for unauthenticated remote code execution. CVE-2020-15591 Note that Nessu...
CVE-2021-20791
Improper access control vulnerability in RevoWorks Browser 2.1.230 and earlier allows an attacker to bypass access restriction and to exchange unauthorized files between the local environment and the isolated environment or settings of the web browser via unspecified vectors...
The vulnerability of the video file exchange function in Jitsi Meet software, which allows attackers to upload arbitrary video files.
The vulnerability of the video file exchange function in Jitsi Meet software for conducting video conferences is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to upload arbitrary video files remotely...
The vulnerability of the software for FileCatalyst Workflow’s file exchange mechanism lies in the lack of protective measures for the SQL query structure, allowing attackers to exploit their privileges.
The vulnerability of the FileCatalyst Workflow file sharing software relates to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to enhance their privileges by injecting specially crafted SQL queries...
JVN#35928117: Protection mechanism failure in RevoWorks
RevoWorks SCVX and RevoWorks Browser provided by J's Communication Co., Ltd. enable users to execute web browsers in the sandboxed environment isolated from the client's local environment. In the products, file exchange between the sandboxed environment and local environment is prohibited in...
Cacti, Realtek, and IBM Aspera Faspex Vulnerabilities Under Active Exploitation
Critical security flaws in Cacti, Realtek, and IBM Aspera Faspex are being exploited by various threat actors in hacks targeting unpatched systems. This entails the abuse of CVE-2022-46169 CVSS score: 9.8 and CVE-2021-35394 CVSS score: 9.8 to deliver MooBot and ShellBot aka PerlBot, Fortinet...
Unspecified Vulnerability in ZOHO ManageEngine Device Control Plus (CNVD-2023-00006)
ZOHO ManageEngine Device Control Plus is a USB device control software from ZOHO USA. It is used to control, block and monitor all removable devices connected to the computer. A security vulnerability exists in ZOHO ManageEngine Device Control Plus version 10.1.2228.15, which originates from the...
Unspecified Vulnerability in ZOHO ManageEngine Device Control Plus
ZOHO ManageEngine Device Control Plus is a USB device control software from ZOHO USA. It is used to control, block and monitor all removable devices connected to the computer. A security vulnerability exists in ZOHO ManageEngine Device Control Plus version 10.1.2228.15 that originates from the...
Phoenix Contact Automation Worx
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Phoenix Contact Equipment: Automation Worx Software Suite Vulnerabilities: Improper Restriction of Operations within the Bounds of a Memory Buffer, Out-of-bounds Read 2. RISK EVALUATION Successful exploitation of these...
UBUNTU-CVE-2020-15591
fexsrv in FEX aka Frams' Fast File EXchange before fex-201609192 allows eval injection for unauthenticated remote code execution...
Remote code execution
fexsrv in FEX aka Frams' Fast File EXchange before fex-201609192 allows eval injection for unauthenticated remote code execution...
PT-2022-8576 · F*Ex · F*Ex
Name of the Vulnerable Software and Affected Versions: FEX aka Frams' Fast File EXchange versions prior to fex-20160919 2 Description: The issue allows for eval injection, which can be used for unauthenticated remote code execution. Recommendations: For versions prior to fex-20160919 2, update to...
F*EX 代码注入漏洞
FEX is a Perl-based HTTP file exchange service from the individual developer sahwar in Bulgaria. A security vulnerability exists in FEX that allows eval injection for unauthenticated remote code execution...
CVE-2021-20791
Improper access control vulnerability in RevoWorks Browser 2.1.230 and earlier allows an attacker to bypass access restriction and to exchange unauthorized files between the local environment and the isolated environment or settings of the web browser via unspecified vectors...