Lucene search
K

37 matches found

BDU FSTEC
BDU FSTEC
added 2019/01/22 12:0 a.m.5 views

The vulnerability of the file2strvec function in console applications for monitoring and terminating system processes in Props-ng allows a perpetrator to execute arbitrary code.

The vulnerability of the file2strvec function in console applications for monitoring and terminating system processes in Props-ng is caused by a numerical overflow. Exploiting this vulnerability could allow an attacker to execute arbitrary code...

7.8CVSS7.9AI score0.01834EPSS
Exploits5References3Affected Software2
myhack58
myhack58
added 2018/12/25 12:0 a.m.2661 views

A use cve-2017-11882 and cve-2018-0802 combination of vulnerability a malicious document analysis-vulnerability warning-the black bar safety net

! Recently intercepted an extension doc word document to attack the samples, which format is actually RTF format. By analyzing the document composition the use of a cve-2017-11882 and cve-2018-0802 vulnerability, and use the embedded excel object is used to trigger the vulnerability. The release ...

9.3CVSS8.4AI score0.99945EPSS
Exploits36
CNVD
CNVD
added 2018/03/28 12:0 a.m.2 views

SAP Process Monitoring Infrastructure Cross-Site Scripting Vulnerability

SAP Process Monitoring Infrastructure PMI is a process monitoring infrastructure from SAP. The product has an IT environment monitoring, system monitoring and process monitoring and other functions. A cross-site scripting vulnerability exists in SAP PMI, which stems from the program failing to...

6.1CVSS6.8AI score0.01325EPSS
Exploits0References1
NVD
NVD
added 2018/03/14 7:29 p.m.20 views

CVE-2018-2399

Cross-Site Scripting in Process Monitoring Infrastructure, from 7.10 to 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, due to inefficient encoding of user controlled inputs...

6.1CVSS6AI score0.01325EPSS
Exploits0References3
OSV
OSV
added 2018/03/14 7:29 p.m.3 views

CVE-2018-2399

Cross-Site Scripting in Process Monitoring Infrastructure, from 7.10 to 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, due to inefficient encoding of user controlled inputs...

6.1CVSS5.8AI score0.01325EPSS
Exploits0References3
Prion
Prion
added 2018/03/14 7:29 p.m.15 views

Cross site scripting

Cross-Site Scripting in Process Monitoring Infrastructure, from 7.10 to 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, due to inefficient encoding of user controlled inputs...

4.3CVSS6AI score0.01325EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2018/03/14 7:0 p.m.42 views

CVE-2018-2399

CVE-2018-2399 affects SAP Process Monitoring Infrastructure (PMI) across versions 7.10–7.11, 7.20, 7.30, 7.31, 7.40, 7.50. Root cause: inadequate encoding of user-controlled inputs leads to Cross-Site Scripting. Impact: remote attacker could execute arbitrary script in a user’s browser. Exploitat...

6.1CVSS6AI score0.01325EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2018/03/14 7:0 p.m.20 views

CVE-2018-2399

Cross-Site Scripting in Process Monitoring Infrastructure, from 7.10 to 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, due to inefficient encoding of user controlled inputs...

6.1CVSS6.1AI score0.01325EPSS
Exploits0References3
NVD
NVD
added 2016/01/15 8:59 p.m.23 views

CVE-2016-1911

Multiple cross-site scripting XSS vulnerabilities in SAP NetWeaver 7.4 allow remote attackers to inject arbitrary web script or HTML via vectors related to the 1 Runtime Workbench RWB or 2 Pmitest servlet in the Process Monitoring Infrastructure PMI, aka SAP Security Notes 2206793 and 2234918...

6.1CVSS6AI score0.0102EPSS
Exploits0References5
OSV
OSV
added 2016/01/15 8:59 p.m.3 views

CVE-2016-1911

Multiple cross-site scripting XSS vulnerabilities in SAP NetWeaver 7.4 allow remote attackers to inject arbitrary web script or HTML via vectors related to the 1 Runtime Workbench RWB or 2 Pmitest servlet in the Process Monitoring Infrastructure PMI, aka SAP Security Notes 2206793 and 2234918...

6.1CVSS5.8AI score0.0102EPSS
Exploits0References5
Cvelist
Cvelist
added 2016/01/15 8:0 p.m.27 views

CVE-2016-1911

Multiple cross-site scripting XSS vulnerabilities in SAP NetWeaver 7.4 allow remote attackers to inject arbitrary web script or HTML via vectors related to the 1 Runtime Workbench RWB or 2 Pmitest servlet in the Process Monitoring Infrastructure PMI, aka SAP Security Notes 2206793 and 2234918...

6AI score0.0102EPSS
Exploits0References5
CVE
CVE
added 2016/01/15 8:0 p.m.49 views

CVE-2016-1911

CVE-2016-1911 concerns SAP NetWeaver 7.4 with multiple cross-site scripting (XSS) vulnerabilities. The affected components are the Runtime Workbench (RWB) and the Pmitest servlet in the Process Monitoring Infrastructure (PMI). The underlying issue is XSS that could allow remote attackers to injec...

6.1CVSS5.9AI score0.0102EPSS
Exploits0References5Affected Software1
Metasploit
Metasploit
added 2015/01/30 6:50 p.m.71 views

Windows Gather User Credentials (phishing)

This module is able to perform a phishing attack on the target by popping up a loginprompt. When the user fills credentials in the loginprompt, the credentials will be sent to the attacker. The module is able to monitor for new processes and popup a loginprompt when a specific process is starting...

6.9AI score
Exploits0
myhack58
myhack58
added 2005/10/09 12:0 a.m.21 views

A very ingenious process of anti-kill method-vulnerability warning-the black bar safety net

Just learn a kernel object,wanted to write one can be anti-kill process,but other methods are too high, The rookie is not a sense of Honor,thought a few days,think of a very present way,incorrect Also please master pointing about. The program runs two instances,each instance with each other to...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2000/12/20 12:0 a.m.9 views

SunOS 5.7 Catman - Local Insecure tmp Symlink Clobber

SunOS 5.7 Catman - Local Insecure tmp Symlink Clobber !/usr/local/bin/perl -w The problem is catman creates files in /tmp insecurly. They are based on the PID of the catman process, catman will happily clobber any files that are symlinked to that file. The idea of this script is to watch the...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2000/12/19 12:0 a.m.14 views

Solaris 2.72.8 Catman - Local Insecure tmp Symlink

Solaris 2.72.8 Catman - Local Insecure tmp Symlink !/usr/local/bin/perl -w The problem is catman creates files in /tmp insecurly. They are based on the PID of the catman process, catman will happily clobber any files that are symlinked to that file. The idea of this script is to create a block of...

7.4AI score
Exploits0
Microsoft KB
Microsoft KB
added 1970/01/01 12:0 a.m.101 views

Update Rollup 2 for System Center 2016 Operations Manager

None None...

5.8AI score
Exploits0
Rows per page
Query Builder