17 matches found
EUVD-2020-2341
Malware in sbrugna...
CVE-2020-0872
A remote code execution vulnerability exists in Application Inspector version v1.0.23 or earlier when the tool reflects example code snippets from third-party source files into its HTML output, aka 'Remote Code Execution Vulnerability in Application Inspector'...
PT-2024-53: Reading arbitrary files via API in PT Application Inspector (PT AI)
The vulnerability was identified in PT Application Inspector (PT AI), versions 4.4.0 - 4.9.0 inclusive. The discovered vulnerability allows an attacker with network access to PT AI to read source code files of other users' projects. The vulnerability can be used for privilege escalation...
PT-2024-04: Remote Code Execution at scan startup in PT Application Inspector (PT AI)
The vulnerability was identified in PT AI affecting versions 4.3.1 to 4.7.2. The vulnerability can be exploited by an attacker with network access to the PT AI management server to remotely execute code on the scan agent. Exploitation of the vulnerability requires authorization of the "project...
PT-2024-09: Creating arbitrary files during project creation in PT Application Inspector (PT AI)
The vulnerability was identified in PT AI affecting versions 4.3.1 to 4.7.2. The vulnerability can be exploited by an attacker with network access to the PT AI control server to create arbitrary files without the ability to overwrite existing files. Exploitation of the vulnerability requires...
PT-2024-08: Reading arbitrary files when scanning a project linked to a git repository in PT Application Inspector (PT AI)
The vulnerability was identified in PT AI affecting versions 4.3.1 to 4.7.2. The vulnerability can be exploited by an attacker with network access to the PT AI control server to read source code files of other users' projects. The vulnerability can be exploited for privilege escalation...
PT-2024-06: Reading arbitrary files in the component Web IDE in PT Application Inspector (PT AI)
The vulnerability was identified in PT AI affecting versions 4.4 to 4.7.2. The vulnerability can be exploited by an attacker with network access to the PT AI control server to read source code files of other users' projects. Exploitation of the vulnerability requires authorization of the...
PT-2024-05: Remote Code Execution when creating a project from a git repository in PT Application Inspector (PT AI)
The vulnerability was identified in PT AI affecting versions 4.3.1 to 4.7.2. The vulnerability can be exploited by an attacker with network access to the PT AI control server to remotely execute code on the control server. Exploitation of the vulnerability requires authorization of the "project...
PT-2024-07: Reading arbitrary files via API in PT Application Inspector (PT AI)
The vulnerability was identified in PT AI affecting versions 4.3.1 to 4.7.2. The vulnerability can be exploited by an attacker with network access to the PT AI control server to read source code files of other users' projects. The vulnerability can be exploited for privilege escalation...
Microsoft Application Inspector Remote Code Execution Vulnerability
Microsoft Application Inspector is a software source code analysis tool from the U.S. company Microsoft. The product supports scanning C, C++, C#, Java, JavaScript and other languages. A remote code execution vulnerability exists in Microsoft Application Inspector v1.0.23 and prior...
CVE-2020-0872
A remote code execution vulnerability exists in Application Inspector version v1.0.23 or earlier when the tool reflects example code snippets from third-party source files into its HTML output, aka 'Remote Code Execution Vulnerability in Application Inspector'...
CVE-2020-0872
A remote code execution vulnerability exists in Application Inspector version v1.0.23 or earlier when the tool reflects example code snippets from third-party source files into its HTML output, aka 'Remote Code Execution Vulnerability in Application Inspector'...
Remote code execution
A remote code execution vulnerability exists in Application Inspector version v1.0.23 or earlier when the tool reflects example code snippets from third-party source files into its HTML output, aka 'Remote Code Execution Vulnerability in Application Inspector'...
CVE-2020-0872
A remote code execution vulnerability exists in Application Inspector version v1.0.23 or earlier when the tool reflects example code snippets from third-party source files into its HTML output, aka 'Remote Code Execution Vulnerability in Application Inspector'...
March 2020 Patch Tuesday – 115 Vulns, 26 Critical, Microsoft Word and Workstation Patches
This month’s Microsoft Patch Tuesday addresses 115 vulnerabilities with 26 of them labeled as Critical. Of the 26 Critical vulns, 17 are for browser and scripting engines, 4 are for Media Foundation, 2 are for GDI+ and the remaining 3 are for LNK files, Microsoft Word and Dynamics Business...
Remote Code Execution Vulnerability in Application Inspector
A remote code execution vulnerability exists in Application Inspector version v1.0.23 or earlier when the tool reflects example code snippets from third-party source files into its HTML output. An attacker who exploited it could send sections of the report containing code snippets to an external...
KLA11690 Multiple vulnerabilities in Microsoft Open Source Software
Vulnerability in Application Inspector can be exploited remotely via script injection to execute arbitrary code. Original advisories: CVE-2020-0872. Related products: Microsoft-Windows-10. CVE list: CVE-2020-0872 (high). KB list. Solution: Install necessary updates from the KB section, that are listed in...