779 matches found
Privilege escalation
An elevation of privilege vulnerability exists when the Windows Printer Service improperly validates file paths while loading printer drivers, aka 'Windows Printer Service Elevation of Privilege Vulnerability'...
Windows Printer Service Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists when the Windows Printer Service improperly validates file paths while loading printer drivers. An authenticated attacker who successfully exploited this vulnerability could run arbitrary code with elevated system privileges. To exploit this...
Gemalto SafeNet Sentinel LDK License Manager Backlink Vulnerability
SafeNet Sentinel LDK License Manager is a license manager. A backlink vulnerability exists in Gemalto SafeNet Sentinel LDK License Manager. The vulnerability arises from a network system or product that does not properly filter the filenames of links or shortcuts that represent unintended...
Information Disclosure
symfony/symfony is vulnerable to information disclosure. The vulnerability exists as the file paths were not escaped before it is used in FileBinaryMimeTypeGuesser, allowing Mime-type to be guessed...
Iceweasel-firegpg Backlink Vulnerability
Iceweasel-firegpg is a content encryption package for the Iceweasel browser. A backlink vulnerability in Iceweasel-firegpg versions prior to 0.6, which stems from a network system or product that does not properly filter filenames of links or shortcuts that represent unintended resources, can be...
UBUNTU-CVE-2019-14866
In all versions of cpio before 2.13 does not properly validate input files when generating TAR archives. When cpio is used to create TAR archives from paths an attacker can write to, the resulting archive may contain files with permissions the attacker did not have or in paths he did not have...
Definitive Dossier of Devilish Debug Details – Part Deux: A Didactic Deep Dive into Data Driven Deductions
In Part One of this blog series, Steve Miller outlined what PDB paths are, how they appear in malware, how we use them to detect malicious files, and how we sometimes use them to make associations about groups and actors. As Steve continued his research into PDB paths, we became interested in...
WP Server Log Viewer 1.0 - 'logfile' Persistent Cross-Site Scripting
Exploit Title: WP Server Log Viewer 1.0 - 'logfile' Persistent Cross-Site Scripting Date: 2019-09-10 Exploit Author: strider Software Link: https://github.com/anttiviljami/wp-server-log-viewer Version: 1.0 Tested on: Debian 10 Buster x64 / Kali Linux CVE : None...
Information Disclosure
librenms is vulnerable to information disclosure. The attack exists because it does not prevent the user from fingerprinting the exact code installed to get local file paths...
LibreNMS Information Disclosure Vulnerability
LibreNMS is a PHP/MYSQL/SNMP-based open source monitoring tool . An information disclosure vulnerability exists in LibreNMS 1.47 and earlier versions, which can be exploited by an attacker to identify the exact code version installed and obtain local file paths...
CVE-2019-10667
An issue was discovered in LibreNMS through 1.47. Information disclosure can occur: an attacker can fingerprint the exact code version installed and disclose local file paths...
CVE-2019-10667
An issue was discovered in LibreNMS through 1.47. Information disclosure can occur: an attacker can fingerprint the exact code version installed and disclose local file paths...
Information disclosure
An issue was discovered in LibreNMS through 1.47. Information disclosure can occur: an attacker can fingerprint the exact code version installed and disclose local file paths...
CVE-2019-10667
An issue was discovered in LibreNMS through 1.47. Information disclosure can occur: an attacker can fingerprint the exact code version installed and disclose local file paths...
DEBIAN-CVE-2019-11730
A vulnerability exists where if a user opens a locally saved HTML file, this file can use file: URIs to access other files in the same directory or sub-directories if the names are known or guessed. The Fetch API can then be used to read the contents of any files stored in these directories and...
Microsoft Windows Font Cache Service - Insecure Sections Privilege Escalation
Windows: Windows Font Cache Service Insecure Sections EoP Platform: Windows 10 1809 not tested earlier Class: Elevation of Privilege Security Boundary per Windows Security Service Criteria: User boundary Summary: The Windows Font Cache Service exposes section objects insecurely to low privileged...
The vulnerability of the COM object dfact.dll in the MasterSCADA software package allows a hacker to trigger an emergency termination of the program.
The vulnerability of the COM object dfact.dll in the image processing method of the SetImage classes BmpImager, GifImager, AviImager, JpgImager in the MasterSCADA software package arises due to the use of a insecure memory allocation function on the stack allocaprobe16. Exploiting this...
PT-2019-2636 · Jenkins · Jenkins Credentials Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Credentials Plugin versions 2.1.18 and earlier Description: The issue allows users with permission to create or update credentials to confirm the existence of files on the Jenkins master with an attacker-specified path and obtain the...
Directory Traversal
pulp is vulnerable to directory traversal. A malicious user is able to write to arbitrary locations or overwrite published content on other iso feed repository caused by improper parsing of file paths...
The vulnerability of VMware Workstation’s virtualization platform lies in its security flaws related to the handling of executable file paths, allowing attackers to escalate their privileges.
The vulnerability of VMware Workstation’s virtualization platform is related to deficiencies in security mechanisms for processing pathnames of executable files. Exploiting this vulnerability can allow attackers to gain increased privileges...