
1464 matches found

Prion
added 2020/05/06 1:15 p.m., 17 views

Code injection

Dext5.ocx ActiveX 5.0.0.116 and earlier versions contain a vulnerability that could allow a remote attacker to download and execute an arbitrary remote file by setting the arguments to the ActiveX method. This can be leveraged for code execution...

7.5 CVSS, 9.6 AI score, 0.01065 EPSS
Exploits 0, References 2, Affected Software 1
Prion
added 2020/04/29 4:15 p.m., 10 views

Design/Logic Flaw

AxECM.cab ActiveX Control in Inogard Ebiz4u contains a vulnerability that could allow remote files to be downloaded and executed by setting arguments to the ActiveX method. Download of Code Without Integrity Check vulnerability in ActiveX control of Inogard Co., LTD Ebiz4u ActiveX of Inogard...

6.5 CVSS, 7 AI score, 0.00245 EPSS
Exploits 0, References 2, Affected Software 1
Packet Storm
added 2020/04/27 12:0 a.m., 483 views

Docker-Credential-Wincred.exe Privilege Escalation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Docker-Credential-Wincred.exe Privilege Escalation', 'Description' = %q This exploit leverages a vulnerability in docker desktop community editio...

9.3 CVSS, 0.6 AI score, 0.45598 EPSS
Exploits 5
Prion
added 2020/04/14 7:15 p.m., 16 views

Privilege escalation

SAP Landscape Management, version 3.0, and SAP Adaptive Extensions, version 1.0, allow an attacker with admingroup privileges to change ownership and permissions (including S-user ID bit, s-bit) of arbitrary files remotely. This results in the possibility to execute these files as root user from a...

6.5 CVSS, 7.1 AI score, 0.00211 EPSS
Exploits 0, References 2, Affected Software 2
Microsoft KB
added 2020/04/13 12:0 a.m., 34 views

MS15-028: Vulnerability in Windows Task Scheduler could allow security feature bypass: March 10, 2015

MS15-028: Vulnerability in Windows Task Scheduler could allow security feature bypass: March 10, 2015 Summary This security update resolves a privately reported vulnerability in Windows. This vulnerability could allow users who have limited rights on an affected system to use Task Scheduler to...

6.4 AI score
Exploits 0
Node.js
added 2020/04/10 2:11 p.m., 16 views

Malicious Package

Overview All versions of m-backdoor contain malicious code. The package downloads a file from a remote server and executes it as a preinstall script. At the time of the release of this advisory the downloaded file only defaces websites by removing elements randomly from the DOM. Recommendation...

6.9 AI score
Exploits 0, Affected Software 1
Cvelist
added 2020/04/09 1:1 p.m., 12 views

CVE-2020-10621

Multiple issues exist that allow files to be uploaded and executed on the WebAccess/NMS versions prior to 3.0.2...

9.4 AI score, 0.00216 EPSS
Exploits 0, References 1
CNVD
added 2020/03/10 12:0 a.m., 2 views

Cobertura Plugin File Execution Vulnerability

Cobertura is an open source tool that measures test coverage by inspecting the underlying code and observing what code is and is not executed when the test package is run. Cobertura Plugin has a file execution vulnerability that can be exploited by remote attackers with the help of specially...

8.5 CVSS, 7.3 AI score, 0.05232 EPSS
Exploits 0, References 1
Positive Technologies
added 2020/03/10 12:0 a.m., 3 views

PT-2020-20336 · Horde · Horde Groupware Webmail Edition

Name of the Vulnerable Software and Affected Versions: Horde Groupware Webmail Edition version 5.2.22 Description: This issue allows remote attackers to execute local PHP files on affected installations. Authentication is required to exploit this issue. The specific flaw exists within the edit.ph...

6.5 CVSS, 6.3 AI score, 0.03897 EPSS
Exploits 4, References 20
Prion
added 2020/03/03 10:15 a.m., 14 views

Code injection

Naver Cloud Explorer before 2.2.2.11 allows the system to download an arbitrary file from the attacker's server and execute it during the upgrade...

6.4 CVSS, 9.2 AI score, 0.00147 EPSS
Exploits 0, References 1, Affected Software 1
CVE
added 2020/02/17 6:0 p.m., 49 views

CVE-2015-6922

CVE-2015-6922 details (Kaseya VSA): Versions 7.x before 7.0.0.33, 8.x before 8.0.0.23, 9.0 before 9.0.0.19, and 9.1 before 9.1.0.9 fail to properly authenticate, enabling remote bypass of login. Two impacts are documented: (1) via LocalAuth/setAccount.aspx an administrative account can be created...

9.8 CVSS, 9.6 AI score, 0.77795 EPSS
Exploits 13, References 5, Affected Software 1
NVD
added 2020/02/17 7:15 a.m., 12 views

CVE-2020-7252

Unquoted service executable path in DXL Broker in McAfee Data eXchange Layer (DXL) Framework 6.0.0 and earlier allows local users to cause a denial of service and malicious file execution via carefully crafted and named executable files...

5.5 CVSS, 4.7 AI score, 0.00164 EPSS
Exploits 0, References 1
Prion
added 2020/02/17 7:15 a.m., 18 views

Design/Logic Flaw

Unquoted service executable path in DXL Broker in McAfee Data eXchange Layer (DXL) Framework 6.0.0 and earlier allows local users to cause a denial of service and malicious file execution via carefully crafted and named executable files...

1.9 CVSS, 5.4 AI score, 0.00164 EPSS
Exploits 0, References 1, Affected Software 1
CVE
added 2020/02/17 6:35 a.m., 121 views

CVE-2020-7252

CVE-2020-7252 affects McAfee Data eXchange Layer (DXL) Framework, specifically the DXL Broker. The issue is an unquoted service executable path in DXL Broker versions up to 6.0.0 and earlier, which local users can exploit to trigger a denial of service and execute arbitrary files via carefully cr...

5.5 CVSS, 4.8 AI score, 0.00164 EPSS
Exploits 0, References 1, Affected Software 1
NVD
added 2020/02/13 9:15 p.m., 10 views

CVE-2015-6589

Directory traversal vulnerability in Kaseya Virtual System Administrator (VSA) 7.0.0.0 before 7.0.0.33, 8.0.0.0 before 8.0.0.23, 9.0.0.0 before 9.0.0.19, and 9.1.0.0 before 9.1.0.9 allows remote authenticated users to write to and execute arbitrary files due to insufficient restrictions in file...

8.8 CVSS, 8.6 AI score, 0.12793 EPSS
Exploits 7, References 4
CVE
added 2020/02/13 8:11 p.m., 75 views

CVE-2015-6589

CVE-2015-6589 is a directory traversal vulnerability in Kaseya Virtual System Administrator (VSA) affecting versions 7.0.0.0–7.0.0.32, 8.0.0.0–8.0.0.22, 9.0.0.0–9.0.0.18, and 9.1.0.0–9.1.0.8/9.1.0.9 (pre-patch). The issue arises from insufficient restrictions on file paths to json.ashx, allowing ...

8.8 CVSS, 9 AI score, 0.12793 EPSS
Exploits 7, References 4, Affected Software 1
OSV
added 2020/02/11 10:15 p.m., 0 views

CVE-2020-0753

An elevation of privilege vulnerability exists in Windows Error Reporting (WER) when WER handles and executes files, aka 'Windows Error Reporting Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0754...

7.8 CVSS, 7.1 AI score, 0.1851 EPSS
Exploits 0, References 1
CVE
added 2020/02/11 9:23 p.m., 100 views

CVE-2020-0753

Technical details for CVE-2020-0753 are not provided in the connected documents. The Initial Description only notes an Elevation of Privilege in Windows Error Reporting. Monitor for updates from Microsoft/MSRC for full specifics (affected products, root cause, and remediation).

7.8 CVSS, 8.1 AI score, 0.1851 EPSS
Exploits 0, References 1, Affected Software 8
Prion
added 2020/02/11 9:15 p.m., 9 views

Out-of-bounds

An exploitable out-of-bounds write vulnerability exists in the uncompressscanline function of the igcore19d.dll library of Accusoft ImageGear, version 19.5.0. A specially crafted PCX file can cause an out-of-bounds write, resulting in a remote code execution. An attacker needs to provide a...

6.8 CVSS, 8.9 AI score, 0.02248 EPSS
Exploits 1, References 1, Affected Software 1
NVD
added 2020/02/05 5:15 p.m., 7 views

CVE-2020-6754

dotCMS before 5.2.4 is vulnerable to directory traversal, leading to incorrect access control. It allows an attacker to read or execute files under $TOMCAT_HOME/webapps/ROOT/assets (which should be a protected directory). Additionally, attackers can upload temporary files (e.g., .jsp files) into...

9.8 CVSS, 9.6 AI score, 0.73493 EPSS
Exploits 1, References 2