35 matches found
CVE-2025-58423
Due to insufficient sanitization, an attacker can upload a specially crafted configuration file to cause a denial-of-service condition, traverse directories, or read/write files, within the context of the local system account...
CVE-2025-58423 Advantech DeviceOn/iEdge Path Traversal
Due to insufficient sanitization, an attacker can upload a specially crafted configuration file to cause a denial-of-service condition, traverse directories, or read/write files, within the context of the local system account...
EUVD-2016-10292
Malware in sbrugna...
After Enabling MFA, Veeam Backup Server Is Listed as Inaccessible in Veeam Service Provider Console
Challenge After enabling multi-factor authentication MFA in Veeam Backup & Replication or Veeam Cloud Connect, that server may become listed as "inaccessible" within Veeam Service Provider Console yet the Veeam Management Agent for VSPC continues to display a "healthy" status. Cause When MFA is...
Security Bulletin: Privilege escalation vulnerability in IBM DB2's Audit Facility (CVE-2013-3475).
Abstract Vulnerability in IBM DB2's Audit Facility could allow an escalation of privilege attack. Content VULNERABILITY DETAILS CVE ID: CVE-2013-3475 Description: The IBM DB2 products listed below contain a security vulnerability in the DB2 Audit Facility which allows an attacker to gain DB2...
CVE-2021-40363
CVE-2021-40363 affects Siemens SIMATIC PCS 7 and WinCC products. The underlying issue is that the affected component stores local system account credentials in a publicly accessible project file using an outdated cipher algorithm, enabling an attacker to brute-force credentials and take over the ...
Microsoft Windows DNS Server Remote Code Execution Vulnerability
Microsoft Windows DNS Servers fail to properly handle requests, allowing an attacker to perform remote code execution in the context of the Local System Account. The vulnerability is also known under the moniker of SIGRed...
VulnCheck KEV: CVE-2020-1350
Microsoft Windows DNS Servers fail to properly handle requests, allowing an attacker to perform remote code execution in the context of the Local System Account. The vulnerability is also known under the moniker of SIGRed...
Remote code execution
A remote code execution vulnerability exists when Active Directory integrated DNS ADIDNS mishandles objects in memory. An authenticated attacker who successfully exploited the vulnerability could run arbitrary code in the context of the Local System Account To exploit the vulnerability, an...
Active Directory Remote Code Execution Vulnerability
A remote code execution vulnerability exists when Active Directory integrated DNS ADIDNS mishandles objects in memory. An authenticated attacker who successfully exploited the vulnerability could run arbitrary code in the context of the Local System Account To exploit the vulnerability, an...
PT-2020-3910 · Microsoft · Windows Active Directory Integrated Dns +1
Name of the Vulnerable Software and Affected Versions: Windows Active Directory integrated DNS ADIDNS affected versions not specified Description: A remote code execution issue exists due to Active Directory integrated DNS ADIDNS mishandling objects in memory. An authenticated attacker could...
PT-2020-3917 · Microsoft · Windows Active Directory Integrated Dns +1
Name of the Vulnerable Software and Affected Versions: Windows Active Directory integrated DNS ADIDNS affected versions not specified Description: A remote code execution issue exists due to Active Directory integrated DNS ADIDNS mishandling objects in memory. An authenticated attacker could...
Microsoft Windows Server DNS Server Remote Code Execution Vulnerability
Microsoft Windows Server is a set of server operating systems from Microsoft.Windows DNS Server is one of the DNS Domain Name System servers. A remote code execution vulnerability exists in Microsoft Windows Server DNS Server. An attacker can exploit the vulnerability to run arbitrary code in the...
BSA-2020-1051
Security Advisory ID : BSA-2020-1051 Component : Windows DNS Revision : 1.0: Final A remote code execution vulnerability exists in Windows Domain Name System servers when they fail to properly handle requests. An attacker who successfully exploited the vulnerability could run arbitrary code in th...
StoreFront - Citrix Subscriptions Store service not starting up on one storefront server in server group
When launching a published application an error message israndomly seen . "Your apps are not available at this time. Please try again in a few minutes or contact your help desk with this information: Cannot contact Storefront" The issue is caused by subscription service store service not starting...
CVE-2019-3980
The Solarwinds Dameware Mini Remote Client agent v12.1.0.89 supports smart card authentication which can allow a user to upload an executable to be executed on the DWRCS.exe host. An unauthenticated, remote attacker can request smart card login and upload and execute an arbitrary executable run...
Design/Logic Flaw
The Solarwinds Dameware Mini Remote Client agent v12.1.0.89 supports smart card authentication which can allow a user to upload an executable to be executed on the DWRCS.exe host. An unauthenticated, remote attacker can request smart card login and upload and execute an arbitrary executable run...
Windows DNS Server Heap Overflow Vulnerability
A remote code execution vulnerability exists in Windows Domain Name System DNS servers when they fail to properly handle requests. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the Local System Account. Windows servers that are configured as D...
Windows DNSAPI Remote Code Execution Vulnerability
A remote code execution vulnerability exists in Windows Domain Name System DNS DNSAPI.dll when it fails to properly handle DNS responses. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the Local System Account. To exploit the vulnerability, the...
WatchGuard AP100, AP102 and AP200 Authentication Vulnerabilities
The WatchGuard AP100, AP102 and AP200 are all different series of indoor wireless access point devices from WatchGuard USA. A security vulnerability exists in the WatchGuard AP100, AP102, and AP200 using firmware versions prior to 1.2.9.15, which stems from a failure of the local Access Point Web...