Lucene search
+L

48 matches found

krebs
krebs
added 2020/12/08 11:47 p.m.33 views

Patch Tuesday, Good Riddance 2020 Edition

Microsoft today issued its final batch of security updates for Windows PCs in 2020, ending the year with a relatively light patch load. Nine of the 58 security vulnerabilities addressed this month earned Microsofts most-dire "critical" label, meaning they can be abused by malware or miscreants to...

8.4AI score
Exploits0
osv
osv
added 2020/09/25 4:23 a.m.3 views

CVE-2019-7178

Pexip Infinity before 20.1 allows privilege escalation by restoring a system backup...

7.2CVSS7.1AI score0.01521EPSS
Exploits0References2
nvd
nvd
added 2020/09/25 4:23 a.m.19 views

CVE-2019-7178

Pexip Infinity before 20.1 allows privilege escalation by restoring a system backup...

9CVSS0.01521EPSS
Exploits0References2
prion
prion
added 2020/09/25 4:23 a.m.15 views

Privilege escalation

Pexip Infinity before 20.1 allows privilege escalation by restoring a system backup...

9CVSS7.2AI score0.01521EPSS
Exploits0References2Affected Software1
cve
cve
added 2020/09/25 3:26 a.m.55 views

CVE-2019-7178

CVE-2019-7178 affects Pexip Infinity prior to 20.1, enabling privilege escalation by restoring a system backup. Connected sources confirm the vulnerability text and vendor advisories (Red Hat entry reiterates the same description). The exact root cause, vulnerable components, impacted configurati...

9CVSS7.2AI score0.01521EPSS
Exploits0References2Affected Software1
cvelist
cvelist
added 2020/09/25 3:26 a.m.27 views

CVE-2019-7178

Pexip Infinity before 20.1 allows privilege escalation by restoring a system backup...

7.2AI score0.01521EPSS
Exploits0References2
kitploit
kitploit
added 2020/06/25 3:45 a.m.58 views

How to Free Recover Deleted Files on Your Mac

There are many scenarios where you would want to recover deleted data from your Mac. These deleted files could be your important photos, official documents, financial records, etc. Loss of such data can cause you unnecessary emotional and financial harm. However, you can make use of data recovery...

6.7AI score
Exploits0
fedora
fedora
added 2020/03/24 1:49 a.m.39 views

[SECURITY] Fedora 31 Update: timeshift-20.03-1.fc31

Timeshift for Linux is an application that provides functionality similar to the System Restore feature in Windows and the Time Machine tool in Mac OS. Timeshift protects your system by taking incremental snapshots of the file system at regular intervals. These snapshots can be restored at a late...

7CVSS6.6AI score0.0028EPSS
Exploits0
vulnrichment
vulnrichment
added 2020/02/07 2:47 p.m.8 views

CVE-2019-16155

A privilege escalation vulnerability in FortiClient for Linux 6.2.1 and below may allow a user with low privilege to overwrite system files as root with arbitrary content through system backup file via specially crafted "BackupConfig" type IPC client requests to the fctsched process. Further more...

7.3AI score0.00443EPSS
Exploits1References2
nvd
nvd
added 2020/01/23 6:15 p.m.29 views

CVE-2019-15707

An improper access control vulnerability in FortiMail admin webUI 6.2.0, 6.0.0 to 6.0.6, 5.4.10 and below may allow administrators to perform system backup config download they should not be authorized for...

4.9CVSS5.1AI score0.01211EPSS
Exploits0References1
osv
osv
added 2020/01/23 6:15 p.m.6 views

CVE-2019-15707

An improper access control vulnerability in FortiMail admin webUI 6.2.0, 6.0.0 to 6.0.6, 5.4.10 and below may allow administrators to perform system backup config download they should not be authorized for...

4.9CVSS6.4AI score0.01211EPSS
Exploits0References1
prion
prion
added 2020/01/23 6:15 p.m.15 views

Improper access control

An improper access control vulnerability in FortiMail admin webUI 6.2.0, 6.0.0 to 6.0.6, 5.4.10 and below may allow administrators to perform system backup config download they should not be authorized for...

4CVSS5.1AI score0.01211EPSS
Exploits0References1Affected Software1
cvelist
cvelist
added 2020/01/23 5:47 p.m.32 views

CVE-2019-15707

An improper access control vulnerability in FortiMail admin webUI 6.2.0, 6.0.0 to 6.0.6, 5.4.10 and below may allow administrators to perform system backup config download they should not be authorized for...

5.2AI score0.01211EPSS
Exploits0References1
cve
cve
added 2020/01/23 5:47 p.m.73 views

CVE-2019-15707

CVE-2019-15707 concerns FortiMail admin webUI vulnerabilities: improper access control in FortiMail versions 6.2.0, 6.0.0–6.0.6, and 5.4.10 and earlier, enabling administrators to download system backup configurations they should not be authorized to access. Public references include Fortinet FG-...

4.9CVSS5.6AI score0.01211EPSS
Exploits0References1Affected Software1
bdu_fstec
bdu_fstec
added 2019/12/17 12:0 a.m.8 views

The vulnerability of the FortiMail email protection system, related to deficiencies in access control, allows attackers to bypass existing security restrictions and download a backup of the system.

The vulnerability of the FortiMail email security system is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to bypass existing security restrictions and download a backup of the system...

6.8CVSS7.1AI score0.00999EPSS
Exploits0References3Affected Software1
bdu_fstec
bdu_fstec
added 2019/08/13 12:0 a.m.8 views

The vulnerability in the FortiOS operating system’s web interface allows a hacker to perform cross-site fraudulently.

The vulnerability in the FortiOS operating system’s web interface is related to the lack of authentication for requests. Exploiting this vulnerability allows a malicious actor to perform cross-site forgery of requests to pages like /logindisconnect/disconnectadmins or...

5.8CVSS5.3AI score
Exploits0Affected Software1
gentoo
gentoo
added 2019/03/10 12:0 a.m.137 views

Tar: Denial of service

Background The Tar program provides the ability to create and manipulate tar archives. Description The sparsedumpregion function in sparse.c file in Tar allows an infinite loop using the --sparse option. Impact A local attacker could cause a Denial of Service condition by modifying a file that is...

4.7CVSS5.2AI score0.00526EPSS
Exploits1
kitploit
kitploit
added 2019/03/05 8:25 p.m.194 views

Reload.sh - Reinstall, Restore And Wipe Your System Via SSH, Without Rebooting

Reinstall, restore and wipe your system from the level and in the place of the running GNU/Linux distribution without cd-rom, flash and other. Via SSH, without rebooting. How it works? Set your archive with system backup to restore: build="/mnt/system-backup.tgz" Set path to temporary system...

7.2AI score
Exploits0References3
mageia
mageia
added 2019/01/11 9:7 p.m.42 views

GNU tar has been updated to fix CVE-2018-20482

GNU Tar through 1.30, when --sparse is used, mishandles file shrinkage during read access, which allows local users to cause a denial of service infinite read loop in sparsedumpregion in sparse.c by modifying a file that is supposed to be archived by a different user's process e.g., a system back...

4.7CVSS3.6AI score0.00526EPSS
Exploits1References2
cnvd
cnvd
added 2015/09/09 12:0 a.m.9 views

Netsweeper WebUpgrade Authorization Issues Vulnerability

Netsweeper is a Web content filtering solution from Netsweeper Canada. A security vulnerability exists in Netsweeper's WebUpgrade that stems from the webupgrade/webupgrade.php script failing to adequately filter the 'login' and 'password ' parameters. A remote attacker can exploit the vulnerabili...

9.4CVSS7.1AI score0.03935EPSS
Exploits4References1
Rows per page
Query Builder