DisplayLink Core Software Cleaner Application Elevation of Privilege Vulnerability

DisplayLink Core Software Cleaner Application is a dedicated removal tool for uninstalling DisplayLink software. A security vulnerability exists in DisplayLink Core Software Cleaner Application 8.2.1956. The vulnerability can be exploited to hijack a DLL and elevate its privileges to SYSTE by...

CVE-2018-1239

Dell EMC Unity Operating Environment OE versions prior to 4.3.0.1522077968 are affected by multiple OS command injection vulnerabilities. A remote application admin user could potentially exploit the vulnerabilities to execute arbitrary OS commands as system root on the system where Dell EMC Unit...

Command injection

Dell EMC Unity Operating Environment OE versions prior to 4.3.0.1522077968 are affected by multiple OS command injection vulnerabilities. A remote application admin user could potentially exploit the vulnerabilities to execute arbitrary OS commands as system root on the system where Dell EMC Unit...

CVE-2018-1239

Dell EMC Unity Operating Environment OE versions prior to 4.3.0.1522077968 are affected by multiple OS command injection vulnerabilities. A remote application admin user could potentially exploit the vulnerabilities to execute arbitrary OS commands as system root on the system where Dell EMC Unit...

GEOVAP Reliance 4 Control Server Privilege Escalation Vulnerability

GEOVAP Reliance 4 Control Server suffers from an unquoted search path issue impacting the service 'RelianceOpcDaWrapper' for Windows deployed as part of Reliance 4 SCADA/HMI system installer including Reliance OPC Server. This could potentially allow an authorized but non-privileged local user to...

SUSE-SU-2015:1161-1 Security update for java-1_6_0-ibm

IBM Java 1.6.0 was updated to SR16-FP4 fixing security issues and bugs. Tabulated information can be found on: http://www.ibm.com/developerworks/java/jdk/alerts/IBMSecurityUpdateMay2015 CVEs addressed: CVE-2015-0192 CVE-2015-2808 CVE-2015-1914 CVE-2015-0138 CVE-2015-0491 CVE-2015-0458 CVE-2015-04...

Microsoft Windows JScript & VBScript Security Bypass Vulnerability (3057263)

This host is missing an important security update according to Microsoft Bulletin MS15-053. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE...

QNX - '.Phgrafx' File Enumeration

source: www.securityfocus.com/bid/66098/info QNX Phgrafx is prone to a file-enumeration weakness. An attacker can exploit this issue to enumerate the files present in the system's root directory; this may aid in further attacks. QNX 6.5.0 SP1, 6.5.0, 6.4.1, 6.3.0, and 6.2.0 are vulnerable; other...

MS13-089: Critical Vulnerability in Windows Graphics Device Interface Could Allow Remote Code Execution (2876331)

The remote host contains a version of Microsoft Windows that is affected by a remote code execution vulnerability. The vulnerability exists in the Graphic Rendering Engine, and in the way Windows handles Metafiles. An attacker could exploit this issue to execute arbitrary code on the remote host....

DSA-2482-1 libgdata - no verification of TLS certificates against system root CA

Bulletin has no description...

Windows Application CPE Detection (SMB Login)

SMB login-based collection of information about installed applications from a Microsoft Windows system. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

thttpd information leak

If thttpd is started from system root, system root is used as web server root directory...

Setuid perl PerlIO_Debug() root owned file creation

No description provided by source. / Copyright Kevin Finisterre DISCLAIMER I am in no way responsible for your stupidity. DISCLAIMER I am in no way liable for any damages caused by compilation and or execution of this code. WARNING DO NOT RUN THIS UNLESS YOU KNOW WHAT YOU ARE DOING WARNING...

CVE-2001-0749

Beck IPC GmbH IPC@CHIP Embedded-Webserver allows remote attackers to read arbitrary files via a webserver root directory set to system root...

CVE-2001-0749

The CVE-2001-0749 issue affects Beck IPC GmbH IPC@CHIP Embedded-Webserver. The vulnerability allows remote attackers to read arbitrary files because the web server default root directory is set to the system root ("/"), enabling access to files outside the web root (e.g., chip.ini with login cred...

CVE-2003-0977

CVS server before 1.11.10 may allow attackers to cause the CVS server to create directories and files in the file system root directory via malformed module requests...

CVE-2003-0977

CVS server before 1.11.10 may allow attackers to cause the CVS server to create directories and files in the file system root directory via malformed module requests...

CVE-2002-1184

The system root folder of Microsoft Windows 2000 has default permissions of Everyone group with Full access Everyone:F and is in the search path when locating programs during login or application launch from the desktop, which could allow attackers to gain privileges as other users via Trojan hor...

Microsoft Security Bulletin MS02-064: Windows 2000 Default Permissions Could Allow Trojan Horse Program (Q327522)

-----BEGIN PGP SIGNED MESSAGE----- - ---------------------------------------------------------------------- Title: Windows 2000 Default Permissions Could Allow Trojan Horse Program Q327522 Date: 30 October 2002 Software: Windows 2000 Impact: Trojan Horse program execution Max Risk: Moderate...

CVE-2001-0749

Beck IPC GmbH IPC@CHIP Embedded-Webserver allows remote attackers to read arbitrary files via a webserver root directory set to system root...