4561 matches found
CVE-2017-11134
An issue was discovered in heinekingmedia StashCat through 1.7.5 for Android. The login credentials are written into a log file on the device. Hence, an attacker with access to the logs can read them...
mysql: unsafe chmod/chown use in init script (CPU Jan 2017)
Multiple flaws were found in the way the MySQL init script handled initialization of the database data directory and permission setting on the error log file. The mysql operating system user could use these flaws to escalate their privileges to root...
CVE-2017-11134
The CVE-2017-11134 issue affects heinekingmedia StashCat for Android (up to version 1.7.5). The root cause is that login credentials are written to a log file on the device, allowing an attacker with access to the logs to read them. The connected sources corroborate this information across multip...
Microsoft Windows CLFS Local Elevation of Privilege Vulnerability
Microsoft Windows is a popular computer operating system. The Microsoft Windows Common Log File System (CLFS) has a security vulnerability in its handling of memory objects, which allows attackers to submit special requests to gain elevated privileges...
Microsoft Windows CLFS Elevation of Privilege Vulnerability (KB4026059)
This host is missing an important security update according to Microsoft KB4026059...
CVE-2017-8590
Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an elevation of privilege vulnerability due to the way that the Windows Common Log File System (CLFS) driver...
Privilege escalation
Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an elevation of privilege vulnerability due to the way that the Windows Common Log File System (CLFS) driver...
Security update for the Windows CLFS elevation of privilege vulnerability in Windows Server 2008: July 11, 2017
Summary: An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory. To learn more about the vulnerability, se...
(Pwn2Own) Microsoft Windows CLFS Driver Uninitialized Memory Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on vulnerable installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Common Log...
wildfly: Arbitrary file read via path traversal
It was found that the log file viewer in Red Hat JBoss Enterprise Application 6 and 7 allows an authenticated user to read arbitrary files via path traversal...
Moderate: Red Hat Security Advisory: JBoss Enterprise Application Platform 7.0.6 on Red Hat Enterprise Linux 7
An update is now available for Red Hat JBoss Enterprise Application Platform 7.0 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, i...
USN-3253-2 nagios3 regression
USN-3253-1 fixed vulnerabilities in Nagios. The update prevented log files from being displayed in the web interface. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that Nagios incorrectly handled certain long strings. A remote...
Moderate: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform security update
An update is now available for Red Hat JBoss Enterprise Application Platform. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability...
KEMP LoadMaster 7.135.0.13245 - Persistent Cross-Site Scripting Remote Code Execution
Vulnerability Summary: KEMP’s main product, the LoadMaster, is a load balancer built on its own proprietary software platform called LMOS, that enables it to run on almost any platform: As a KEMP LoadMaster...
Samsung Information Disclosure Vulnerability
Samsung Android M and others are Android smartphones from Samsung (South Korea). A security vulnerability exists in Samsung mobile devices running Android L (5.0/5.1), M (6.0) and N (7.x). An attacker can exploit the vulnerability by reading log files to obtain sensitive information...
Design/Logic Flaw
IBM Tivoli Storage Manager 5.5, 6.1-6.4, and 7.1 stores password information in a log file that could be read by a local user when a set password command is issued. IBM X-Force ID: 118472...
CVE-2016-8916
IBM Tivoli Storage Manager 5.5, 6.1-6.4, and 7.1 stores password information in a log file that could be read by a local user when a set password command is issued. IBM X-Force ID: 118472...