Lucene search
K

728 matches found

0day.today
0day.today
added 2016/10/03 12:0 a.m.21 views

DWebPro 8.4.2 - Multiple Vulnerabilities

Exploit for windows platform in category remote exploits Exploit Title: DWebPro 8.4.2 Remote Binary Execution Date: 01/10/2016 Exploit Author: Tulpa Contact: email protected Author website: www.tulpa-security.com Author twitter: @tulpasecurity Vendor Homepage: http://www.dwebpro.com/ Software Lin...

7.1AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2016/07/05 12:0 a.m.5 views

The vulnerability of the Linter Bastion database management system allows a malicious individual to control any service on a remote computer.

The RPC call with number 0x0A "0x0040AF25" allows a malicious individual to control any Windows service on a remote computer where linstmgr.exe is running, even though they have no authority to do so. This could enable the malicious individual to interfere with the normal operation of the service...

7.5CVSS5.6AI score
Exploits0Affected Software1
Packet Storm
Packet Storm
added 2016/05/12 12:0 a.m.75 views

Huawei Mobile Broadband HL Service 22.001.25.00.03 Local Privilege Escalation

Huawei Mobile Broadband HL Service Local Privilege Escalation Metadata =================================================== Release Date: 12-05-2016 Author: Florian Bogner @ Kapsch BusinessCom AG https://www.kapsch.net/kbc Affected versions: up to the current 22.001.25.00.03 on x86 and x64 Tested...

7.2CVSS0.5AI score0.00479EPSS
Exploits1
CERT
CERT
added 2016/03/17 12:0 a.m.67 views

Solarwinds Dameware Remote Mini Controller Windows service is vulnerable to stack buffer overflow

Overview The Solarwinds Dameware Remote Mini Controller Windows service is vulnerable to stack buffer overflow. Description CWE-121: Stack-based Buffer Overflow - CVE-2016-2345Solarwinds Dameware Remote Mini Controller is a software for assisting in remote desktop connections for helpdesk support...

10CVSS9.8AI score0.51215EPSS
Exploits4References2
Packet Storm
Packet Storm
added 2015/11/24 12:0 a.m.46 views

Polycom BTOE Connector 2.3.0 Local Privilege Escalation

Title: Polycom BToE Connector up to version 2.3.0 allows unprivileged windows users to execute arbitrary code with SYSTEM privileges. Type of vulnerability: Privilege Escalation Exploitation vector: local Attack outcome: Code execution with SYSTEM privileges. Impact: CVSS Base Score 6,2 CVSS v2...

0.3AI score0.00553EPSS
Exploits1
Zero Day Initiative
Zero Day Initiative
added 2015/11/20 12:0 a.m.42 views

Tibbo AggreGate SCADA/HMI Server Service uploadDirectory Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Tibbo AggreGate SCADA/HMI. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Windows service "AggreGate Server Service" agserverservice.exe. Through...

9.3CVSS7.3AI score0.03203EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2015/10/01 12:0 a.m.101 views

HP-UX PHSS_43690 : s700_800 11.31 X/Motif Runtime Patch

s700800 11.31 X/Motif Runtime Patch : Potential security vulnerabilities has been identified with HP-UX running the X Windows Service libraries. These vulnerabilities could be exploited remotely to create a Denial of Service DoS or execute arbitrary code. %NASLMINLEVEL 70300 C Tenable Network...

6.8CVSS7.4AI score0.03082EPSS
Exploits0References9
securityvulns
securityvulns
added 2015/05/12 12:0 a.m.40 views

ESA-2015-044: EMC Documentum xMS Sensitive Information Disclosure Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2015-044: EMC Documentum xMS Sensitive Information Disclosure Vulnerability EMC Identifier: ESA-2015-044 CVE Identifier: CVE-2015-0527 Severity Rating: CVSS v2 Base Score: 7.2 AV:L/AC:L/Au:N/C:C/I:C/A:C Affected products: • EMC Documentum xCelerat...

2.1CVSS0.5AI score0.0048EPSS
Exploits0
NVD
NVD
added 2015/03/24 12:59 a.m.20 views

CVE-2015-0527

EMC Documentum xCelerated Management System xMS 1.1 before P14 stores cleartext Windows Service credentials in a batch file during Documentum Platform and xCelerated Composition Platform xCP provisioning, which allows local users to obtain sensitive information by reading a file...

2.1CVSS5.7AI score0.0048EPSS
Exploits0References2
Prion
Prion
added 2015/03/24 12:59 a.m.14 views

Design/Logic Flaw

EMC Documentum xCelerated Management System xMS 1.1 before P14 stores cleartext Windows Service credentials in a batch file during Documentum Platform and xCelerated Composition Platform xCP provisioning, which allows local users to obtain sensitive information by reading a file...

2.1CVSS6.2AI score0.0048EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2015/03/24 12:0 a.m.24 views

CVE-2015-0527

EMC Documentum xCelerated Management System xMS 1.1 before P14 stores cleartext Windows Service credentials in a batch file during Documentum Platform and xCelerated Composition Platform xCP provisioning, which allows local users to obtain sensitive information by reading a file...

5.7AI score0.0048EPSS
Exploits0References2
CVE
CVE
added 2015/03/24 12:0 a.m.46 views

CVE-2015-0527

EMC Documentum xCelerated Management System (xMS) 1.1 prior to P14 contains a sensitive information disclosure vulnerability where Windows Service credentials are stored in plaintext in batch files during provisioning of Documentum Platform or xCP. Local users can read these files to obtain crede...

2.1CVSS5.9AI score0.0048EPSS
Exploits0References2Affected Software1
Check Point Advisories
Check Point Advisories
added 2014/12/28 12:0 a.m.6 views

CA ARCserve Backup DB Engine Denial of Service - Ver2 (CVE-2008-4399)

CA ARCserve Backup products offer data protection for distributed servers, clients,databases and applications. They provide centralized control over a series of distributed operationsincluding Backup and Restore, Data Migration, and Threat Management. There exists a denial of service vulnerabilit...

5CVSS6.3AI score0.08232EPSS
Exploits1
Check Point Advisories
Check Point Advisories
added 2014/12/28 12:0 a.m.4 views

CA ARCserve Backup DB Engine Denial of Service - Ver2 (CVE-2008-4399)

CA ARCserve Backup products offer data protection for distributed servers, clients,databases and applications. They provide centralized control over a series of distributed operationsincluding Backup and Restore, Data Migration, and Threat Management. There exists a denial of service vulnerabilit...

5CVSS6.3AI score0.08232EPSS
Exploits1
Vulnrichment
Vulnrichment
added 2014/08/25 4:0 p.m.4 views

CVE-2014-5455

Unquoted Windows search path vulnerability in the ptservice service prior to PrivateTunnel version 3.0 Windows and OpenVPN Connect version 3.1 Windows allows local users to gain privileges via a crafted program.exe file in the %SYSTEMDRIVE% folder...

7.3AI score0.00951EPSS
Exploits2References7
Veeam
Veeam
added 2014/07/29 12:0 a.m.27 views

Job Fails to Start Due to Timeout Caused by Desktop Heap Allocation Failure

Article Applicability The timeout error displayed in Veeam Backup & Replication can be caused by various factors. This article explicitly addresses a scenario where the Windows OS experiences a 'heap allocation' failure. Please note that the solution provided in this article is only applicable if...

6.8AI score
Exploits0
NVD
NVD
added 2014/04/01 3:24 a.m.12 views

CVE-2013-2278

Unspecified vulnerability in War FTP Daemon warftpd 1.82, when running as a Windows service, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via unknown vectors related to log messages and the "internal log handler to the Windows Event log."...

10CVSS7.7AI score0.0347EPSS
Exploits0References2
Prion
Prion
added 2014/04/01 3:24 a.m.15 views

Code injection

Unspecified vulnerability in War FTP Daemon warftpd 1.82, when running as a Windows service, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via unknown vectors related to log messages and the "internal log handler to the Windows Event log."...

10CVSS8.4AI score0.0347EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2014/04/01 12:0 a.m.15 views

CVE-2013-2278

Unspecified vulnerability in War FTP Daemon warftpd 1.82, when running as a Windows service, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via unknown vectors related to log messages and the "internal log handler to the Windows Event log."...

7.7AI score0.0347EPSS
Exploits0References2
Metasploit
Metasploit
added 2013/12/13 11:7 p.m.34 views

Windows Manage Driver Loader

This module loads a KMD Kernel Mode Driver using the Windows Service API. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SERVICEDEMANDSTART', 'boot' = 'SERVICEBOOTSTART', 'auto' =...

0.4AI score
Exploits0
Rows per page
Query Builder