38 matches found
CVE-2021-27569
An issue was discovered in Emote Remote Mouse through 4.0.0.0. Attackers can maximize or minimize the window of a running process by sending the process name in a crafted packet. This information is sent in cleartext and is not protected by any authentication logic...
@duetds/angular (>=5.0.2 <=5.0.3), @duetds/components (>=5.0.2 <=5.0.3) +2 more potentially affected by CVE-2021-23356 via kill-process-by-name (=1.0.5)
kill-process-by-name NPM version =1.0.5 is affected by a known vulnerability. The following packages have a transitive dependency on kill-process-by-name and may be impacted: - @duetds/angular =5.0.2, =5.0.2, =1.7.20, =5.0.2, =5.0.3 Source cves: CVE-2021-23356 Source advisory:...
Npm Kill-Process-By-Name 命令注入漏洞
Npm Kill-Process-By-Name is an application from Npm, Inc. that kills all processes of a program using the program name. It kills all processes of a program using the program name. A security vulnerability exists in kill-process-by-name, which can be exploited by an attacker to execute arbitrary...
Arbitrary Command Injection
Overview kill-process-by-name is a Kills all processes by a certain program Affected versions of this package are vulnerable to Arbitrary Command Injection. If attacker-controlled user input is given, it is possible for an attacker to execute arbitrary commands. This is due to use of the...
Backdoor.Win32.Zombam.k Stack Buffer Overflow
Discovery / credits: malvuln - Malvuln.com c 2021 Original source: https://malvuln.com/advisory/79d9908b6769e64f922e74a090f5ceeb.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Zombam.k Vulnerability: Remote String Dereference Stack Buffer Overflow Description:...
SUSE SLES12 Security Update : apache2-mod_perl (SUSE-SU-2019:3213-1)
This update for apache2-modperl fixes the following issues : Security issue fixed : CVE-2011-2767: Fixed a vulnerability which could have allowed perl code execution in the context of user account bsc1156944. Other issue addressed: Restore process name after svsetpvmg call. bsc1091625 Note that...
SUSE-SU-2019:3213-1 Security update for apache2-mod_perl
This update for apache2-modperl fixes the following issues: Security issue fixed: - CVE-2011-2767: Fixed a vulnerability which could have allowed perl code execution in the context of user account bsc1156944. Other issue addressed: - Restore process name after svsetpvmg call. bsc1091625...
openSUSE Security Update : apache2-mod_perl (openSUSE-2019-2549)
This update for apache2-modperl to version 2.0.11 fixes the following issues : Security issue fixed : - CVE-2011-2767: Fixed a vulnerability which could have allowed perl code execution in the context of user account bsc1156944. Other issue addressed : - Restore process name after svsetpvmg call...
OPENSUSE-SU-2019:2558-1 Security update for apache2-mod_perl
This update for apache2-modperl to version 2.0.11 fixes the following issues: Security issue fixed: - CVE-2011-2767: Fixed a vulnerability which could have allowed perl code execution in the context of user account bsc1156944. Other issue addressed: - Restore process name after svsetpvmg call...
Security update for apache2-mod_perl (moderate)
openSUSE Security Update: Security update for apache2-modperl Announcement ID: openSUSE-SU-2019:2558-1 Rating: moderate References: 1091625 1156944 Cross-References: CVE-2011-2767 Affected Products: openSUSE Backports SLE-15-SP1 openSUSE Backports SLE-15 An update that solves one vulnerability an...
OPENSUSE-SU-2019:2549-1 Security update for apache2-mod_perl
This update for apache2-modperl to version 2.0.11 fixes the following issues: Security issue fixed: - CVE-2011-2767: Fixed a vulnerability which could have allowed perl code execution in the context of user account bsc1156944. Other issue addressed: - Restore process name after svsetpvmg call...
The vulnerability of the Etlas electronic document management system lies in the lack of protection for SQL query structures, which allows attackers to disclose the protected information.
The vulnerability of the Etlas electronic document management system lies in the lack of protection for the SQL query structure. Exploiting this vulnerability allows a malicious actor to gain access to protected information by entering a specially crafted SQL query into the “Process Name” field o...
SUSE-SU-2016:1602-1 Security update for ntp
ntp was updated to version 4.2.8p8 to fix five security issues. These security issues were fixed: - CVE-2016-4953: Bad authentication demobilizes ephemeral associations bsc982065. - CVE-2016-4954: Processing spoofed server packets bsc982066. - CVE-2016-4955: Autokey association reset bsc982067. -...
Microsoft Windows Process Unique Process Name
Binary data windowsprocessinformationuniquename.nbin...
CVE-2012-6501
The KillProcess method in the HP PKI ActiveX control HPPKI.ocx before 1.2.0.1 allows remote attackers to cause a denial of service kill process via the partial or full name of a process...
winwebmail mention the right-vulnerability warning-the black bar safety net
Another collection below winwebmail default installation path, this is for if in Start—program there is no winwebmail shortcut. c:\winwebmail\web if you cannot browse to change to the d:\winwebmail\web\ In addition, if you can not find the path please use Registry to read the...
setroubleshoot log injection
Cross-site scripting XSS vulnerability in setroubleshoot 2.0.5 allows local users to inject arbitrary web script or HTML via a crafted 1 file or 2 process name, which triggers an Access Vector Cache AVC log entry in a log file used during composition of HTML documents for sealert...
DEBIAN-CVE-2007-3912
checkrestart in debian-goodies before 0.34 allows local users to gain privileges via shell metacharacters in the name of the executable file for a running process...