25 matches found
EUVD-2020-19715
Malware in sbrugna...
EUVD-2020-7346
Malware in sbrugna...
EUVD-2024-49630
Malicious code in bioql PyPI...
CVE-2024-8509
A vulnerability was found in Forklift Controller. There is no verification against the authorization header except to ensure it uses bearer authentication. Without an Authorization header and some form of a Bearer token, a 401 error occurs. The presence of a token value provides a 200 response...
CVE-2024-8509 Migration toolkit for virtualization: forklift-controller: empty bearer token may perform authentication
A vulnerability was found in Forklift Controller. There is no verification against the authorization header except to ensure it uses bearer authentication. Without an Authorization header and some form of a Bearer token, a 401 error occurs. The presence of a token value provides a 200 response...
CVE-2024-8509 Migration toolkit for virtualization: forklift-controller: empty bearer token may perform authentication
A vulnerability was found in Forklift Controller. There is no verification against the authorization header except to ensure it uses bearer authentication. Without an Authorization header and some form of a Bearer token, a 401 error occurs. The presence of a token value provides a 200 response...
CVE-2024-8509
A vulnerability was found in Forklift Controller. There is no verification against the authorization header except to ensure it uses bearer authentication. Without an Authorization header and some form of a Bearer token, a 401 error occurs. The presence of a token value provides a 200 response wi...
Red Hat Migration Toolkit for Virtualization 授权问题漏洞
Red Hat Migration Toolkit for Virtualization is a toolkit from Red Hat, Inc. An authorization issue vulnerability exists in Red Hat Migration Toolkit for Virtualization, which arises from the component Forklift Controller not validating the authorization header beyond ensuring that credential...
CVE-2020-15349
BinaryNights ForkLift 3.x before 3.4 has a local privilege escalation vulnerability because the privileged helper tool implements an XPC interface that allows file operations to any process copy, move, delete as root and changing permissions...
CVE-2020-27192
BinaryNights ForkLift 3.4 was compiled with the com.apple.security.cs.disable-library-validation flag enabled which allowed a local attacker to inject code into ForkLift. This would allow the attacker to run malicious code with escalated privileges through ForkLift's helper tool...
CVE-2020-15349
BinaryNights ForkLift 3.x before 3.4 has a local privilege escalation vulnerability because the privileged helper tool implements an XPC interface that allows file operations to any process copy, move, delete as root and changing permissions...
CVE-2020-27192
BinaryNights ForkLift 3.4 was compiled with the com.apple.security.cs.disable-library-validation flag enabled which allowed a local attacker to inject code into ForkLift. This would allow the attacker to run malicious code with escalated privileges through ForkLift's helper tool...
CVE-2020-27192
BinaryNights ForkLift 3.4 was compiled with the com.apple.security.cs.disable-library-validation flag enabled which allowed a local attacker to inject code into ForkLift. This would allow the attacker to run malicious code with escalated privileges through ForkLift's helper tool...
Privilege escalation
BinaryNights ForkLift 3.x before 3.4 has a local privilege escalation vulnerability because the privileged helper tool implements an XPC interface that allows file operations to any process copy, move, delete as root and changing permissions...
Code injection
BinaryNights ForkLift 3.4 was compiled with the com.apple.security.cs.disable-library-validation flag enabled which allowed a local attacker to inject code into ForkLift. This would allow the attacker to run malicious code with escalated privileges through ForkLift's helper tool...
CVE-2020-27192
CVE-2020-27192 affects BinaryNights ForkLift 3.4, where building with the com.apple.security.cs.disable-library-validation flag enables a local attacker to inject code into ForkLift and run malicious code with escalated privileges via ForkLift’s helper tool. This describes how the vulnerability a...
CVE-2020-27192
BinaryNights ForkLift 3.4 was compiled with the com.apple.security.cs.disable-library-validation flag enabled which allowed a local attacker to inject code into ForkLift. This would allow the attacker to run malicious code with escalated privileges through ForkLift's helper tool...
CVE-2020-15349
BinaryNights ForkLift 3.x before 3.4 has a local privilege escalation vulnerability because the privileged helper tool implements an XPC interface that allows file operations to any process copy, move, delete as root and changing permissions...
CVE-2020-15349
BinaryNights ForkLift 3.x prior to 3.4 is affected by a local privilege escalation due to a privileged helper tool exposing an XPC interface that permits file operations (copy, move, delete) across processes as root and to change permissions. Impact is local privilege escalation with full root-le...
Binarynights Forklift Code Injection Vulnerability
Binarynights Forklift is a file resource management software from the American company Binarynights. The software references the FINDER file manager and directly manages FTP/SFTP/WebDAV, Amazon S3, iDisk, BLUETOOH and other resources. A security vulnerability exists in BinaryNights ForkLift versi...