Lucene search
K

71 matches found

Pen Test Partners Blog
Pen Test Partners Blog
added 2020/07/21 3:27 p.m.150 views

Raining SYSTEM Shells with Citrix Workspace app

TL;DR Citrix Workspace is vulnerable to a remote command execution attack running under the context of the SYSTEM account. By sending a crafted message over a named pipe and spoofing the client process ID, the Citrix Workspace Updater Service can be tricked into executing an arbitrary process und...

7.2CVSS8.1AI score0.02062EPSS
Exploits2
Cvelist
Cvelist
added 2020/06/18 2:16 a.m.26 views

CVE-2020-3342 Cisco Webex Meetings Desktop App for Mac Update Feature Code Execution Vulnerability

A vulnerability in the software update feature of Cisco Webex Meetings Desktop App for Mac could allow an unauthenticated, remote attacker to execute arbitrary code on an affected system. The vulnerability is due to improper validation of cryptographic protections on files that are downloaded by...

8.8CVSS9AI score0.03797EPSS
Exploits0References1
CISA
CISA
added 2020/06/18 12:0 a.m.14 views

Cisco Releases Multiple Security Updates

Cisco has released security updates to address vulnerabilities affecting multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page. The...

7.9AI score
Exploits0References8
CNVD
CNVD
added 2020/06/18 12:0 a.m.4 views

Cisco Webex Meetings Desktop App Trust Management Issue Vulnerability

Cisco Webex Meetings Desktop App is a video conferencing control application for use in desktop environments from Cisco USA. A trust management issue vulnerability exists in the software update feature in the Cisco Webex Meetings Desktop App prior to version 39.5.11 Mac, which arises from the...

9.3CVSS7.8AI score0.03797EPSS
Exploits0References1
NVD
NVD
added 2020/06/04 8:15 p.m.11 views

CVE-2020-12852

The update feature for Pydio Cells 2.0.4 allows an administrator user to set a custom update URL and the public RSA key used to validate the downloaded update package. The update process involves downloading the updated binary file from a URL indicated in the update server response, validating it...

8.5CVSS6.8AI score0.0235EPSS
Exploits1References3
OSV
OSV
added 2020/06/04 8:15 p.m.14 views

CVE-2020-12852

The update feature for Pydio Cells 2.0.4 allows an administrator user to set a custom update URL and the public RSA key used to validate the downloaded update package. The update process involves downloading the updated binary file from a URL indicated in the update server response, validating it...

6.8CVSS7.3AI score0.0235EPSS
Exploits1References3
Prion
Prion
added 2020/06/04 8:15 p.m.15 views

Design/Logic Flaw

The update feature for Pydio Cells 2.0.4 allows an administrator user to set a custom update URL and the public RSA key used to validate the downloaded update package. The update process involves downloading the updated binary file from a URL indicated in the update server response, validating it...

8.5CVSS7.3AI score0.0235EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2020/06/04 7:11 p.m.97 views

CVE-2020-12852

Summary: CVE-2020-12852 concerns Pydio Cells 2.0.4. The update feature lets an administrator set a custom update URL and a public RSA key used to validate the downloaded update package. The update process downloads a binary from the server response, validates its checksum and signature, and repla...

8.5CVSS7AI score0.0235EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2020/01/31 4:15 p.m.7 views

CVE-2014-4860

Multiple integer overflows in the Pre-EFI Initialization PEI boot phase in the Capsule Update feature in the UEFI implementation in EDK2 allow physically proximate attackers to bypass intended access restrictions by providing crafted data that is not properly handled during the coalescing phase...

6.8CVSS6.6AI score0.00504EPSS
Exploits0References1
OSV
OSV
added 2020/01/31 4:15 p.m.9 views

CVE-2014-4859

Integer overflow in the Drive Execution Environment DXE phase in the Capsule Update feature in the UEFI implementation in EDK2 allows physically proximate attackers to bypass intended access restrictions via crafted data...

6.8CVSS7AI score
Exploits0References1
OSV
OSV
added 2019/06/05 5:29 p.m.6 views

CVE-2019-1861

A vulnerability in the software update feature of Cisco Industrial Network Director could allow an authenticated, remote attacker to execute arbitrary code. The vulnerability is due to improper validation of files uploaded to the affected application. An attacker could exploit this vulnerability ...

7.2CVSS7.4AI score0.04377EPSS
Exploits0References2
ThreatPost
ThreatPost
added 2019/03/27 3:26 p.m.97 views

Cybercriminals Have a Heyday with WinRAR Bug in Fresh Campaigns

A recently discovered vulnerability in the WinRAR file archival utility has been exploited in a slew of new campaigns, including one with a never-before-seen payload. The flurry of activity shows no sign of waning as cybercriminals continue to find success exploiting the bug. The campaigns take...

6.8CVSS0.96274EPSS
Exploits13References9
The Hacker News
The Hacker News
added 2019/03/15 8:0 a.m.232 views

Patched WinRAR Bug Still Under Active Attack—Thanks to No Auto-Updates

Various cyber criminal groups and individual hackers are still exploiting a recently patched critical code execution vulnerability in WinRAR, a popular Windows file compression application with 500 million users worldwide. Why? Because the WinRAR software doesn't have an auto-update feature, whic...

7.8CVSS0.9AI score0.96274EPSS
Exploits13
Exploit DB
Exploit DB
added 2018/10/16 12:0 a.m.566 views

Kados R10 GreenBee - 'release_id' SQL Injection

Exploit Title: Kados R10 GreenBee - 'releaseid' SQL Injection Dork: N/A Date: 2018-10-15 Exploit Author: Ihsan Sencan Vendor Homepage: https://www.kados.info/ Software Link: https://sourceforge.net/projects/kados/ Version: R10 GreenBee Category: Webapps Tested on: WiN7x64/KaLiLinuXx64 CVE: N/A...

7AI score
Exploits0
OSV
OSV
added 2018/08/27 3:29 p.m.4 views

CVE-2018-3904

An exploitable buffer overflow vulnerability exists in the camera 'update' feature of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a buffer overflow on...

9.9CVSS6.1AI score
Exploits0References1
CNVD
CNVD
added 2017/11/02 12:0 a.m.7 views

Circle with Disney Remote Code Execution Vulnerability (CNVD-2017-33180)

Circle with Disney is a set of network monitoring and management devices for monitoring children's online behavior from Circle Media, Inc. in the United States. A remote code execution vulnerability exists in the database update feature in Circle with Disney version 2.0.1. The vulnerability can b...

9.3CVSS9.2AI score0.02448EPSS
Exploits2References1
CNVD
CNVD
added 2017/11/02 12:0 a.m.2 views

Circle with Disney Remote Code Execution Vulnerability

Circle with Disney is a set of network monitoring and management devices for monitoring children's online behavior from Circle Media, Inc. in the United States. A remote code execution vulnerability exists in the server update feature in Circle with Disney version 2.0.1. The vulnerability can be...

9CVSS9.1AI score0.02024EPSS
Exploits2References1
OSV
OSV
added 2017/03/30 7:59 a.m.17 views

CVE-2017-7323

The 1 update and 2 package-installation features in MODX Revolution 2.5.4-pl and earlier use http://rest.modx.com by default, which allows man-in-the-middle attackers to spoof servers and trigger the execution of arbitrary code by leveraging the lack of the HTTPS protection mechanism...

8.1CVSS7.4AI score
Exploits0References2
UbuntuCve
UbuntuCve
added 2017/01/23 9:59 p.m.18 views

CVE-2016-5119

The automatic update feature in KeePass 2.33 and earlier allows man-in-the-middle attackers to execute arbitrary code by spoofing the version check response and supplying a crafted update...

7.5CVSS7.4AI score0.02347EPSS
Exploits1References2
Debian CVE
Debian CVE
added 2017/01/23 9:0 p.m.34 views

CVE-2016-5119

The automatic update feature in KeePass 2.33 and earlier allows man-in-the-middle attackers to execute arbitrary code by spoofing the version check response and supplying a crafted update...

7.5CVSS7.6AI score0.02347EPSS
Exploits1
Rows per page
Query Builder