CVE-2021-42714

Splashtop Remote Client Business Edition through 3.4.8.3 creates a Temporary File in a Directory with Insecure Permissions...

CVE-2021-42714

Summary (CVE-2021-42714) : The vulnerability affects Splashtop Remote Client (Business Edition) , specifically versions 3.4.8.3 and earlier . The root issue is that the software creates a temporary file in a directory with insecure permissions, which could allow inappropriate access to the file c...

Splashtop Remote Client 安全漏洞

Splashtop Remote Client is a remote access and remote support software from Splashtop USA. A security vulnerability exists in Splashtop Remote Client that originates from. the Splashtop Remote Client creates temporary files in a directory with insecure permissions...

PT-2022-11668 · Splashtop · Splashtop Remote Client

Name of the Vulnerable Software and Affected Versions: Splashtop Remote Client Personal Edition versions 3.4.6.1 and earlier Description: The issue is related to the creation of a temporary file in a directory with insecure permissions. Recommendations: For versions 3.4.6.1 and earlier, update to...

Splashtop Remote Client 安全漏洞

Splashtop Remote Client is a remote access and remote support software from Splashtop USA. A security vulnerability exists in Splashtop Remote Client Business Edition 3.4.8.3 and earlier versions that originates when Splashtop Remote Client creates temporary files in a directory with insecure...

PT-2022-11669 · Splashtop · Splashtop Remote Client

Name of the Vulnerable Software and Affected Versions: Splashtop Remote Client Business Edition versions 3.4.8.3 and earlier Description: The issue is related to the creation of a temporary file in a directory with insecure permissions. This could potentially lead to security issues, but specific...

Remote code execution in Apache ActiveMQ

A regression has been introduced in the commit preventing JMX re-bind. By passing an empty environment map to RMIConnectorServer, instead of the map that contains the authentication credentials, it leaves ActiveMQ open to the following attack - A remote client could create a...

CVE-2021-46671

options.c in atftp before 0.7.5 reads past the end of an array, and consequently discloses server-side /etc/group data to a remote client...

UBUNTU-CVE-2021-46671

options.c in atftp before 0.7.5 reads past the end of an array, and consequently discloses server-side /etc/group data to a remote client...

CVE-2021-46671

options.c in atftp before 0.7.5 reads past the end of an array, and consequently discloses server-side /etc/group data to a remote client...

atftp 缓冲区错误漏洞

atftp is a client-side implementation of the TFTP protocol. A security vulnerability exists in atftp, which stems from the fact that options.c in atftp reads to the end of an array, thus exposing server-side /etc/group data to a remote client...

Trend Micro Password Manager 安全漏洞

Trend Micro Password Manager is a secure password management solution from Trend Micro. A security vulnerability exists in Trend Micro Password Manager that stems from the exposure of dangerous functionality. A remote client can manipulate the registry and elevate privileges to the SYSTEM of an...

SUSE SLES11 Security Update : zeromq (SUSE-SU-2019:14117-1)

The remote SUSE Linux SLES11 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2019:14117-1 advisory. - In ZeroMQ libzmq before 4.0.9, 4.1.x before 4.1.7, and 4.2.x before 4.3.2, a remote, unauthenticated client connecting to a libzmq application,...

Debian DSA-4851-1 : subversion - security update

Thomas Akesson discovered a remotely triggerable vulnerability in the modauthzsvn module in Subversion, a version control system. When using in-repository authz rules with the AuthzSVNReposRelativeAccessFile option an unauthenticated remote client can take advantage of this flaw to cause a denial...

Squid < 4.10 Multiple Vulnerabilities

According to its self-reported version number, the version of Squid installed on the remote host is prior to 4.10. It is, therefore, affected by multiple vulnerabilities: - Due to incorrect data management Squid is vulnerable to a information disclosure when translating FTP server listings into...

SolarWinds Orion Platform Code Execution Vulnerability

Solarwinds Orion Platform is a network fault and network performance management platform from Solarwinds, Inc. The platform provides real-time monitoring and analysis of network devices and supports a customizable web interface, multiple user opinions, and a mapped view of the entire network. A...

Debian DLA-2443-1 : zeromq3 security update

It was discovered that ZeroMQ, a lightweight messaging kernel library does not properly handle connecting peers before a handshake is completed. A remote, unauthenticated client connecting to an application using the libzmq library, running with a socket listening with CURVE...

[SECURITY] [DLA 2443-1] zeromq3 security update

----------------------------------------------------------------------- Debian LTS Advisory DLA-2443-1 [email protected] https://www.debian.org/lts/security/ Utkarsh Gupta November 10, 2020 https://wiki.debian.org/LTS -...

squid: Buffer overflow in reverse-proxy configurations

A flaw was found in squid. Due to incorrect buffer management, a remote client can cause a buffer overflow in a Squid instance acting as a reverse proxy...

squid: Buffer overflow in reverse-proxy configurations

A flaw was found in squid. Due to incorrect buffer management, a remote client can cause a buffer overflow in a Squid instance acting as a reverse proxy...