76 matches found
Potential Privilege Escalation
In case an attacker manages to generate a valid cryptographic message authentication code HMAC-SHA1 - either by using a different existing vulnerability or in case the internal encryptionKey was exposed - it is possible to retrieve arbitrary files of a TYPO3 installation. This includes the...
CVE-2020-6968
Honeywell INNCOM INNControl 3 allows workstation users to escalate application user privileges through the modification of local configuration files...
Honeywell INNCOM INNControl 3 Privilege Mismanagement Vulnerability
Honeywell INNCOM INNControl 3 is an energy management and room control system from Honeywell USA. A security vulnerability exists in Honeywell INNCOM INNControl 3 version 3.21 and prior. An attacker can exploit the vulnerability to elevate user privileges by modifying local configuration files...
Neowise CarbonFTP 1.4 Insecure Proprietary Password Encryption
Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/NEOWISE-CARBONFTP-v1.4-INSECURE-PROPRIETARY-PASSWORD-ENCRYPTION.txt + twitter.com/hyp3rlinx + ISR: ApparitionSec Vendor www.neowise.com Product CarbonFTP v1.4 CarbonFTP is a...
CVE-2019-17635
Eclipse Memory Analyzer version 1.9.1 and earlier is subject to a deserialization vulnerability if an index file of a parsed heap dump is replaced by a malicious version and the heap dump is reopened in Memory Analyzer. The user must choose to reopen an already parsed heap dump with an untrusted...
Deserialization of untrusted data
Eclipse Memory Analyzer version 1.9.1 and earlier is subject to a deserialization vulnerability if an index file of a parsed heap dump is replaced by a malicious version and the heap dump is reopened in Memory Analyzer. The user must choose to reopen an already parsed heap dump with an untrusted...
USN-4051-1 apport vulnerability
Kevin Backhouse discovered a race-condition when reading the user's local Apport configuration. This could be used by a local attacker to cause Apport to include arbitrary files in a resulting crash report...
CVE-2017-7977
The Screensavercc component in eLux RP before 5.5.0 allows attackers to bypass intended configuration restrictions and execute arbitrary commands with root privileges by inserting commands in a local configuration dialog in the control panel...
DLA-473-1 wpa - security update
Bulletin has no description...
UnrealIRCd 3.2.8.1 - Local Configuration Stack Overflow
No description provided by source. Exploit Title: UnrealIRCd local configuration stack overflow Date: 20/10/2011 Author: DiGMi http://digmi.org Software Link: http://www.unrealircd.com/downloads/Unreal3.2.8.1.exe Version: 3.2.8.1 and probably every previous version Tested on: Windows 7 Details an...
UnrealIRCd 3.2.8.1 - Local Configuration Stack Overflow
UnrealIRCd 3.2.8.1 - Local Configuration Stack Overflow Exploit Title: UnrealIRCd local configuration stack overflow Date: 20/10/2011 Author: DiGMi http://digmi.org Software Link: http://www.unrealircd.com/downloads/Unreal3.2.8.1.exe Version: 3.2.8.1 and probably every previous version Tested on:...
UnrealIRCd 3.2.8.1 Stack Overflow
Exploit Title: UnrealIRCd local configuration stack overflow Date: 20/10/2011 Author: DiGMi http://digmi.org Software Link: http://www.unrealircd.com/downloads/Unreal3.2.8.1.exe Version: 3.2.8.1 and probably every previous version Tested on: Windows 7 Details and explanations can be found here:...
UnrealIRCd 3.2.8.1 - Local Configuration Stack Overflow
Exploit Title: UnrealIRCd local configuration stack overflow Date: 20/10/2011 Author: DiGMi http://digmi.org Software Link: http://www.unrealircd.com/downloads/Unreal3.2.8.1.exe Version: 3.2.8.1 and probably every previous version Tested on: Windows 7 Details and explanations can be found here:...