Lucene search
K

153 matches found

cve
cve
added 2011/12/17 2:0 a.m.54 views

CVE-2011-3339

The CVE-2011-3339 entry describes an XSS vulnerability in the Admin Control Center of SafeNet Sentinel HASP/SRM, affecting HASP Run-time Environment 5.95 and earlier, with installers before 6.x and SDKs before 5.11. The issue arises from inadequate input validation in the web application, which c...

4.3CVSS5.8AI score0.01457EPSS
Exploits0References4Affected Software3
prion
prion
added 2011/12/14 12:55 a.m.24 views

Privilege escalation

Csrsrv.dll in the Client/Server Run-time Subsystem aka CSRSS in the Win32 subsystem in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly check permissions for sending inter-process...

7.2CVSS6.8AI score0.01791EPSS
Exploits1References3Affected Software3
openvas
openvas
added 2011/12/14 12:0 a.m.31 views

Windows Client/Server Run-time Subsystem Privilege Elevation Vulnerability (2620712)

This host is missing an important security update according to Microsoft Bulletin MS11-097. OpenVAS Vulnerability Test $Id: secpodms11-097.nasl 5362 2017-02-20 12:46:39Z cfi $ Windows Client/Server Run-time Subsystem Privilege Elevation Vulnerability 2620712 Authors: Rachana Shetty Copyright:...

7.2CVSS0.8AI score0.01791EPSS
Exploits1References3
securityvulns
securityvulns
added 2011/09/16 12:0 a.m.67 views

Seeker Advisory Sep11: Insecure Redirect in Microsoft SharePoint Portal

Seeker Research Center Security Advisory This vulnerability was discovered by Seekerr Automatic Run-Time Application Security Testing Solution Disclosed By Irene Abezgauz, September 13th, 2011 ========= I. Overview ========= An Insecure Redirect vulnerability has been identified in Microsoft...

6.3AI score
Exploits0
nessus
nessus
added 2011/08/23 12:0 a.m.21 views

Fedora 14 : nip2-7.24.2-1.fc14 / vips-7.24.7-2.fc14 (2011-10781)

7.24 series. Run-time code generation Open via disc mode Workspace as Graph mode for nip2 FITS image format VIPS rewrite Better nibs in paintbox Better TIFF and JPEG load Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory...

6.9CVSS5.5AI score0.00432EPSS
Exploits1References4
openvas
openvas
added 2011/08/11 12:0 a.m.33 views

Microsoft Windows Client/Server Run-time Subsystem Privilege Escalation Vulnerability (2567680)

This host is missing a critical security update according to Microsoft Bulletin MS11-063. OpenVAS Vulnerability Test $Id: secpodms11-063.nasl 8724 2018-02-08 15:02:56Z cfischer $ Microsoft Windows Client/Server Run-time Subsystem Privilege Escalation Vulnerability 2567680 Authors: Antu Sanadi...

7.2CVSS0.6AI score0.01707EPSS
Exploits0References2
prion
prion
added 2011/07/13 11:55 p.m.29 views

Integer overflow

Integer overflow in the Client/Server Run-time Subsystem aka CSRSS in the Win32 subsystem in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges or cau...

7.2CVSS7.1AI score0.02098EPSS
Exploits1References3Affected Software3
prion
prion
added 2011/07/13 11:55 p.m.24 views

Null pointer dereference

The Client/Server Run-time Subsystem aka CSRSS in the Win32 subsystem in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly initialize memory and consequently uses a NULL...

7.2CVSS6.9AI score0.01553EPSS
Exploits1References3Affected Software3
cve
cve
added 2011/07/13 11:0 p.m.66 views

CVE-2011-1283

The CVE-2011-1283 entry concerns the Windows CSRSS component in the Win32 subsystem. The vulnerability arises from an array index check flaw in SrvSetConsoleNumberOfCommand, allowing a local attacker to cause memory corruption and elevate privileges by triggering an incorrect memory assignment fo...

7.2CVSS6.5AI score0.02116EPSS
Exploits1References3Affected Software5
nvd
nvd
added 2011/07/13 10:55 p.m.22 views

CVE-2011-1281

The Client/Server Run-time Subsystem aka CSRSS in the Win32 subsystem in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly restrict the number of console objects for a...

7.2CVSS6.5AI score0.02116EPSS
Exploits1References3
openvas
openvas
added 2011/02/09 12:0 a.m.31 views

Windows Client/Server Run-time Subsystem Privilege Elevation Vulnerability (2476687)

This host is missing a critical security update according to Microsoft Bulletin MS11-010. OpenVAS Vulnerability Test $Id: secpodms11-010.nasl 5362 2017-02-20 12:46:39Z cfi $ Windows Client/Server Run-time Subsystem Privilege Elevation Vulnerability 2476687 Authors: Sooraj KS Copyright: Copyright ...

4.7CVSS0.7AI score0.01764EPSS
Exploits0References3
threatpost
threatpost
added 2011/02/08 7:18 p.m.9 views

Microsoft Ships 12 Bulletins in February's Patch Tuesday

Microsoft addressed 22 flaws with 12 separate bulletins in February’s edition of Patch Tuesday, including three bulletins that were rated critical with the remaining nine rated as important. Among the programs affected are Microsoft Windows, Internet Explorer, Office, Visual Studio, and IIS. The...

0.6AI score
Exploits0References12
cve
cve
added 2010/10/12 9:0 p.m.60 views

CVE-2010-3192

CVE-2010-3192 affects the GNU C Library (glibc) and concerns runtime memory protection that prints argv[0] and backtrace data, potentially allowing a context-dependent attacker to read sensitive process memory. The description references a setuid program with a stack-based overflow (fortify_fail/...

5CVSS6.8AI score0.01606EPSS
Exploits0References8Affected Software1
openvas
openvas
added 2009/12/10 12:0 a.m.19 views

FreeBSD Security Advisory (FreeBSD-SA-09:16.rtld.asc)

The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-09:16.rtld.asc SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

7.2CVSS6.4AI score0.03903EPSS
Exploits4References1
prion
prion
added 2009/12/02 7:30 p.m.17 views

Code injection

The rtld function in the Run-Time Link-Editor rtld in libexec/rtld-elf/rtld.c in FreeBSD 7.1 and 8.0 does not clear the 1 LDLIBMAP, 2 LDLIBRARYPATH, 3 LDLIBMAPDISABLE, 4 LDDEBUG, and 5 LDELFHINTSPATH environment variables, which allows local users to gain privileges by executing a setuid or setgu...

7.2CVSS6.5AI score0.03903EPSS
Exploits5References7Affected Software1
nvd
nvd
added 2009/12/02 6:30 p.m.18 views

CVE-2009-4146

The rtld function in the Run-Time Link-Editor rtld in libexec/rtld-elf/rtld.c in FreeBSD 7.1, 7.2, and 8.0 does not clear the LDPRELOAD environment variable, which allows local users to gain privileges by executing a setuid or setguid program with a modified LDPRELOAD variable containing an...

7.2CVSS6.3AI score0.03903EPSS
Exploits4References8
cve
cve
added 2009/12/02 6:0 p.m.86 views

CVE-2009-4146

The CVE-2009-4146 entry concerns FreeBSD's run-time linker (rtld) in libexec/rtld-elf/rtld.c. The underlying issue is that rtld's unsetenv logic does not clear LD_PRELOAD when __findenv() fails, enabling a local user to influence library loading via a modified LD_PRELOAD path and gain privileges ...

7.2CVSS6.2AI score0.03903EPSS
Exploits4References8Affected Software1
threatpost
threatpost
added 2009/12/01 12:43 p.m.8 views

Serious Zero-Day Flaw Found in FreeBSD, Exploit Published

A researcher has published an explanation of a new flaw in FreeBSD that allows an attacker to take control of a vulnerable machine. The vulnerability could give an attacker root access to the FreeBSD machine, and the FreeBSD developers have published a patch for the flaw early Tuesday. The...

8AI score
Exploits0References3
securityvulns
securityvulns
added 2009/12/01 12:0 a.m.61 views

** FreeBSD local r00t zeroday

FreeBSD local r00t 0day Discovered & Exploited by Nikolaos Rangos also known as Kingcope. Nov 2009 "BiG TiME" "Go fetch your FreeBSD r00tkitz" // http://www.youtube.com/watch?v=dDnhthI27Fg There is an unbelievable simple local r00t bug in recent FreeBSD versions. I audited FreeBSD for local r00t...

7.1AI score
Exploits0
packetstorm
packetstorm
added 2009/12/01 12:0 a.m.29 views

FreeBSD rtld Local Root Exploit

FreeBSD local r00t 0day Discovered & Exploited by Nikolaos Rangos also known as Kingcope. Nov 2009 "BiG TiME" "Go fetch your FreeBSD r00tkitz" // http://www.youtube.com/watch?v=dDnhthI27Fg There is an unbelievable simple local r00t bug in recent FreeBSD versions. I audited FreeBSD for local r00t...

Exploits0
Rows per page
Query Builder