Lucene search
K

492 matches found

NVD
NVD
added 2018/10/10 2:29 p.m.21 views

CVE-2018-12131

Permissions in the driver pack installers for Intel NVMe before version 4.0.0.1007 and Intel RSTe before version 4.7.0.2083 may allow an authenticated user to potentially escalate privilege via local access...

7.8CVSS7.6AI score0.00277EPSS
Exploits0References1
Prion
Prion
added 2018/10/10 2:29 p.m.20 views

Design/Logic Flaw

Permissions in the driver pack installers for Intel NVMe before version 4.0.0.1007 and Intel RSTe before version 4.7.0.2083 may allow an authenticated user to potentially escalate privilege via local access...

4.6CVSS7.6AI score0.00277EPSS
Exploits0References1Affected Software3
Cvelist
Cvelist
added 2018/10/10 2:0 p.m.20 views

CVE-2018-12131

Permissions in the driver pack installers for Intel NVMe before version 4.0.0.1007 and Intel RSTe before version 4.7.0.2083 may allow an authenticated user to potentially escalate privilege via local access...

7.7AI score0.00277EPSS
Exploits0References1
NVD
NVD
added 2018/09/07 2:29 p.m.33 views

CVE-2018-0649

Untrusted search path vulnerability in the installers of multiple Canon IT Solutions Inc. software programs ESET Smart Security Premium, ESET Internet Security, ESET Smart Security, ESET NOD32 Antivirus, DESlock+ Pro, and CompuSec all programs except packaged ones allows an attacker to gain...

9.3CVSS7.8AI score0.01134EPSS
Exploits0References2
CVE
CVE
added 2018/09/07 2:0 p.m.51 views

CVE-2018-0649

The CVE-2018-0649 issue concerns an untrusted DLL search path in the installers for Canon IT Solutions Inc. software, affecting multiple products (e.g., ESET Smart Security Premium , ESET Internet Security , ESET Smart Security , ESET NOD32 Antivirus , DESlock+ Pro , and CompuSec ). The underlyin...

9.3CVSS7.7AI score0.01134EPSS
Exploits0References2Affected Software6
Cvelist
Cvelist
added 2018/09/07 2:0 p.m.28 views

CVE-2018-0649

Untrusted search path vulnerability in the installers of multiple Canon IT Solutions Inc. software programs ESET Smart Security Premium, ESET Internet Security, ESET Smart Security, ESET NOD32 Antivirus, DESlock+ Pro, and CompuSec all programs except packaged ones allows an attacker to gain...

7.8AI score0.01134EPSS
Exploits0References2
ThreatPost
ThreatPost
added 2018/08/13 8:10 p.m.8 views

New Variant of KeyPass Ransomware Discovered

A new variant of the KeyPass ransomware has been gaining traction in August and is using new techniques like manual control to customize its encryption process, researchers said Monday. Researchers at Kaspersky Lab who posted about the trojan said that it is being propagated by means of fake...

0.2AI score
Exploits0References3
Securelist
Securelist
added 2018/08/13 12:21 p.m.59 views

KeyPass ransomware

In the last few days, our anti-ransomware module has been detecting a new variant of malware - KeyPass ransomware. Others in the security community have also noticed that this ransomware began to actively spread in August: Notification from MalwareHunterTeam Distribution model According to our...

6.7AI score
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2018/07/24 5:43 a.m.4 views

The installers of multiple Canon IT Solutions Inc. software programs may insecurely load Dynamic Link Libraries

Overview The installers of multiple software programs provided by Canon IT Solutions Inc. contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Yuji Tounai of NTT Communications Corporation reported this vulnerability to IPA. JPCERT/CC...

9.3CVSS7.1AI score0.01134EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2018/07/24 12:0 a.m.533 views

JVN#41452671: The installers of multiple Canon IT Solutions Inc. software programs may insecurely load Dynamic Link Libraries

The installers of multiple software programs provided by Canon IT Solutions Inc. contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Impact Arbitrary code may be executed with the privilege of the user invoking the installer. Solution Us...

9.3CVSS7.7AI score0.01134EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2018/07/06 5:36 a.m.4 views

The installers of multiple Logicool software programs may insecurely load Dynamic Link Libraries

Overview The installers of multiple software programs provided by Logicool Co. Ltd contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427 . Yuji Tounai of NTT Communications Corporation reported this vulnerability to IPA. JPCERT/CC coordinat...

7.8CVSS7.1AI score0.00882EPSS
Exploits0References8
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2018/07/06 12:0 a.m.491 views

JVN#52574492: The installers of multiple Logicool software programs may insecurely load Dynamic Link Libraries

The installers of multiple software programs provided by Logicool Co. Ltd contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries(CWE-427). Impact Arbitrary code may be executed with the privilege of the user invoking the installer. Solution Use the...

7.8CVSS7.7AI score0.00882EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/25 5:54 a.m.23 views

Security Bulletin: Various IBM WebSphere MQ Installers are susceptible to DLL-planting vulnerabilities (CVE-2016-2542 & CVE-2016-4560)

Summary Various IBM WebSphere MQ graphical user interface installers are susceptible to a DLL-planting vulnerability where a malicious DLL, that is present in the Windows search path, could be loaded by the operating system in place of the genuine file. The vulnerability affects Windows executabl...

7.8CVSS1.6AI score0.00537EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 8:0 p.m.15 views

Security Bulletin: IBM Tealeaf Customer Experience installers vulnerable to attack (CVE-2016-2542)

Summary Installation programs for the Microsoft Windows components of IBM Tealeaf Customer Experience are vulnerable to attack under certain conditions. Vulnerability Details CVEID: CVE-2016-2542 DESCRIPTION: Flexera InstallShield could allow a remote attacker to execute arbitrary code on the...

7.8CVSS2.2AI score0.00503EPSS
Exploits0Affected Software1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2018/05/17 6:18 a.m.2 views

Multiple Microsoft Windows applications and installers may insecurely load Dynamic Link Libraries

Overview Multiple Windows applications and installers provided by Microsoft contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries in the same directory where applications and/or installers reside CWE-427. Microsoft states that the root cause of thi...

7.8CVSS7.2AI score0.0513EPSS
Exploits0References16
Kitploit
Kitploit
added 2018/02/07 1:0 p.m.27 views

Grouper - A PowerShell script for helping to find vulnerable settings in AD Group Policy

Grouper is a slightly wobbly PowerShell module designed for pentesters and redteamers although probably also useful for sysadmins which sifts through the usually very noisy XML output from the Get-GPOReport cmdlet part of Microsoft's Group Policy module and identifies all the settings defined in...

6.6AI score
Exploits0References1
n0where
n0where
added 2018/02/03 8:26 p.m.55 views

Find Vulnerable Settings in AD Group Policy: Grouper

Grouper is a slightly wobbly PowerShell module designed for pentesters and redteamers although probably also useful for sysadmins which sifts through the usually very noisy XML output from the Get-GPOReport cmdlet part of Microsoft’s Group Policy module and identifies all the settings defined in...

6.8AI score
Exploits0References1
OSV
OSV
added 2017/11/13 2:29 p.m.5 views

CVE-2016-6803

An installer defect known as an "unquoted Windows search path vulnerability" affected the Apache OpenOffice before 4.1.3 installers for Windows. The PC must have previously been infected by a Trojan Horse application or user running with administrative privilege. Any installer with the unquoted...

7.8CVSS5.8AI score0.02101EPSS
Exploits1References3
Securelist
Securelist
added 2017/09/12 9:0 a.m.51 views

Miners on the Rise

Miners are a class of malware whose popularity has grown substantially this year. The actual process of cryptocurrency mining is perfectly legal, though there are groups of people who hoodwink unwitting users into installing mining software on their computers, or exploiting software vulnerabiliti...

7AI score
Exploits0
NVD
NVD
added 2017/09/01 2:29 p.m.18 views

CVE-2017-10850

Untrusted search path vulnerability in Installers of ART EX Driver for ApeosPort-VI C7771/C6671/C5571/C4471/C3371/C2271, DocuCentre-VI C7771/C6671/C5571/C4471/C3371/C2271 Timestamp of code signing is before 12 Apr 2017 02:04 UTC., PostScript? Driver + Additional Feature Plug-in + PPD File for...

9.3CVSS7.8AI score0.0098EPSS
Exploits0References2
Rows per page
Query Builder