37 matches found
The vulnerability of the file2strvec function in console applications for monitoring and terminating system processes in Props-ng allows a perpetrator to execute arbitrary code.
The vulnerability of the file2strvec function in console applications for monitoring and terminating system processes in Props-ng is caused by a numerical overflow. Exploiting this vulnerability could allow an attacker to execute arbitrary code...
A use cve-2017-11882 and cve-2018-0802 combination of vulnerability a malicious document analysis-vulnerability warning-the black bar safety net
! Recently intercepted an extension doc word document to attack the samples, which format is actually RTF format. By analyzing the document composition the use of a cve-2017-11882 and cve-2018-0802 vulnerability, and use the embedded excel object is used to trigger the vulnerability. The release ...
SAP Process Monitoring Infrastructure Cross-Site Scripting Vulnerability
SAP Process Monitoring Infrastructure PMI is a process monitoring infrastructure from SAP. The product has an IT environment monitoring, system monitoring and process monitoring and other functions. A cross-site scripting vulnerability exists in SAP PMI, which stems from the program failing to...
CVE-2018-2399
Cross-Site Scripting in Process Monitoring Infrastructure, from 7.10 to 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, due to inefficient encoding of user controlled inputs...
CVE-2018-2399
Cross-Site Scripting in Process Monitoring Infrastructure, from 7.10 to 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, due to inefficient encoding of user controlled inputs...
Cross site scripting
Cross-Site Scripting in Process Monitoring Infrastructure, from 7.10 to 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, due to inefficient encoding of user controlled inputs...
CVE-2018-2399
CVE-2018-2399 affects SAP Process Monitoring Infrastructure (PMI) across versions 7.10–7.11, 7.20, 7.30, 7.31, 7.40, 7.50. Root cause: inadequate encoding of user-controlled inputs leads to Cross-Site Scripting. Impact: remote attacker could execute arbitrary script in a user’s browser. Exploitat...
CVE-2018-2399
Cross-Site Scripting in Process Monitoring Infrastructure, from 7.10 to 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, due to inefficient encoding of user controlled inputs...
CVE-2016-1911
Multiple cross-site scripting XSS vulnerabilities in SAP NetWeaver 7.4 allow remote attackers to inject arbitrary web script or HTML via vectors related to the 1 Runtime Workbench RWB or 2 Pmitest servlet in the Process Monitoring Infrastructure PMI, aka SAP Security Notes 2206793 and 2234918...
CVE-2016-1911
Multiple cross-site scripting XSS vulnerabilities in SAP NetWeaver 7.4 allow remote attackers to inject arbitrary web script or HTML via vectors related to the 1 Runtime Workbench RWB or 2 Pmitest servlet in the Process Monitoring Infrastructure PMI, aka SAP Security Notes 2206793 and 2234918...
CVE-2016-1911
Multiple cross-site scripting XSS vulnerabilities in SAP NetWeaver 7.4 allow remote attackers to inject arbitrary web script or HTML via vectors related to the 1 Runtime Workbench RWB or 2 Pmitest servlet in the Process Monitoring Infrastructure PMI, aka SAP Security Notes 2206793 and 2234918...
CVE-2016-1911
CVE-2016-1911 concerns SAP NetWeaver 7.4 with multiple cross-site scripting (XSS) vulnerabilities. The affected components are the Runtime Workbench (RWB) and the Pmitest servlet in the Process Monitoring Infrastructure (PMI). The underlying issue is XSS that could allow remote attackers to injec...
Windows Gather User Credentials (phishing)
This module is able to perform a phishing attack on the target by popping up a loginprompt. When the user fills credentials in the loginprompt, the credentials will be sent to the attacker. The module is able to monitor for new processes and popup a loginprompt when a specific process is starting...
A very ingenious process of anti-kill method-vulnerability warning-the black bar safety net
Just learn a kernel object,wanted to write one can be anti-kill process,but other methods are too high, The rookie is not a sense of Honor,thought a few days,think of a very present way,incorrect Also please master pointing about. The program runs two instances,each instance with each other to...
SunOS 5.7 Catman - Local Insecure tmp Symlink Clobber
SunOS 5.7 Catman - Local Insecure tmp Symlink Clobber !/usr/local/bin/perl -w The problem is catman creates files in /tmp insecurly. They are based on the PID of the catman process, catman will happily clobber any files that are symlinked to that file. The idea of this script is to watch the...
Solaris 2.72.8 Catman - Local Insecure tmp Symlink
Solaris 2.72.8 Catman - Local Insecure tmp Symlink !/usr/local/bin/perl -w The problem is catman creates files in /tmp insecurly. They are based on the PID of the catman process, catman will happily clobber any files that are symlinked to that file. The idea of this script is to create a block of...
Update Rollup 2 for System Center 2016 Operations Manager
None None...