Liboping Input Validation Error Vulnerability

liboping is an open source Ping library and command line utility. An input validation error vulnerability exists in liboping version 1.3.2, which can be exploited by an attacker to read arbitrary files on the local system...

CVE-2009-3614

liboping 1.3.2 allows users reading arbitrary files upon the local system...

Information disclosure

liboping 1.3.2 allows users reading arbitrary files upon the local system...

CVE-2019-5694

NVIDIA Windows GPU Display Driver, R390 driver version, contains a vulnerability in NVIDIA Control Panel in which it incorrectly loads Windows system DLLs without validating the path or signature also known as a binary planting or DLL preloading attack, which may lead to denial of service or...

CVE-2019-5689

NVIDIA GeForce Experience, all versions prior to 3.20.1, contains a vulnerability in the Downloader component in which a user with local system access can craft input that may allow malicious files to be downloaded and saved. This behavior may lead to code execution, denial of service, or...

Design/Logic Flaw

NVIDIA GeForce Experience, all versions prior to 3.20.0.118, contains a vulnerability when GameStream is enabled in which an attacker with local system access can load the Intel graphics driver DLLs without validating the path or signature also known as a binary planting or DLL preloading attack,...

Design/Logic Flaw

NVIDIA Windows GPU Display Driver, R390 driver version, contains a vulnerability in NVIDIA Control Panel in which it incorrectly loads Windows system DLLs without validating the path or signature also known as a binary planting or DLL preloading attack, which may lead to denial of service or...

CVE-2019-5701

CVE-2019-5701 affects NVIDIA GeForce Experience (all versions prior to 3.20.0.118). The issue arises when GameStream is enabled: an attacker with local access can cause binary planting by loading Intel graphics driver DLLs without validating the path or signature, potentially leading to denial of...

CVE-2019-5701

NVIDIA GeForce Experience, all versions prior to 3.20.0.118, contains a vulnerability when GameStream is enabled in which an attacker with local system access can load the Intel graphics driver DLLs without validating the path or signature also known as a binary planting or DLL preloading attack,...

CVE-2019-5694

NVIDIA Windows GPU Display Driver, R390 driver version, contains a vulnerability in NVIDIA Control Panel in which it incorrectly loads Windows system DLLs without validating the path or signature also known as a binary planting or DLL preloading attack, which may lead to denial of service or...

SolarWinds Kiwi Syslog Server 8.3.52 Unquoted Service Path

Exploit Title: SolarWinds Kiwi Syslog Server 8.3.52 - 'Kiwi Syslog Server' Unquoted Service Path Date: 2019-11-08 Exploit Author: Carlos A Garcia R Vendor Homepage: https://www.kiwisyslog.com/ Software Link: https://www.kiwisyslog.com/downloads Version: 8.3.52 Tested on: Windows XP Professional...

SolarWinds Kiwi Syslog Server 8.3.52 - 'Kiwi Syslog Server' Unquoted Service Path

Exploit Title: SolarWinds Kiwi Syslog Server 8.3.52 - 'Kiwi Syslog Server' Unquoted Service Path Date: 2019-11-08 Exploit Author: Carlos A Garcia R Vendor Homepage: https://www.kiwisyslog.com/ Software Link: https://www.kiwisyslog.com/downloads Version: 8.3.52 Tested on: Windows XP Professional...

Security Bulletin: NVIDIA GeForce Experience - November 2019

NVIDIA has released a software security update for NVIDIA® GeForce Experience™. This update addresses issues that may lead to code execution, information disclosure, or denial of service. To protect your system, download and install this software update through the GeForce Experience Downloads...

Directory Traversal

xmppserver is vulnerable to directory traversal. Lack of validation of file names in the handleOtherRequest function in PluginServlet.java allows an attacker to retrieve local system files...

The vulnerability of the Redirected Drive Buffering System (rdbss.sys) in Windows operating systems allows a hacker to cause a service failure.

The vulnerability of the Redirected Drive Buffering System rdbss.sys in Windows operating systems relates to the handling of local system calls. Exploiting this vulnerability can allow an attacker to cause a service failure by launching a specially created application...

CVE-2019-3980

The Solarwinds Dameware Mini Remote Client agent v12.1.0.89 supports smart card authentication which can allow a user to upload an executable to be executed on the DWRCS.exe host. An unauthenticated, remote attacker can request smart card login and upload and execute an arbitrary executable run...

Design/Logic Flaw

The Solarwinds Dameware Mini Remote Client agent v12.1.0.89 supports smart card authentication which can allow a user to upload an executable to be executed on the DWRCS.exe host. An unauthenticated, remote attacker can request smart card login and upload and execute an arbitrary executable run...

CVE-2019-12711 Cisco Unified Communications Manager XML External Expansion Vulnerability

A vulnerability in the web-based interface of Cisco Unified Communications Manager and Cisco Unified Communications Manager Session Management Edition SME could allow an unauthenticated, remote attacker to access sensitive information or cause a denial of service DoS condition. The vulnerability ...

UBUNTU-CVE-2019-11753

The Firefox installer allows Firefox to be installed to a custom user writable location, leaving it unprotected from manipulation by unprivileged users or malware. If the Mozilla Maintenance Service is manipulated to update this unprotected location and the updated maintenance service in the...

CVE-2019-11753

The Firefox installer allows Firefox to be installed to a custom user writable location, leaving it unprotected from manipulation by unprivileged users or malware. If the Mozilla Maintenance Service is manipulated to update this unprotected location and the updated maintenance service in the...