CVE-2020-10138

Acronis Cyber Backup 12.5 and Cyber Protect 15 include an OpenSSL component that specifies an OPENSSLDIR variable as a subdirectory within C:\jenkinsagent\. Acronis Cyber Backup and Cyber Protect contain a privileged service that uses this OpenSSL component. Because unprivileged Windows users can...

CVE-2020-10139

Acronis True Image 2021 includes an OpenSSL component that specifies an OPENSSLDIR variable as a subdirectory within C:\jenkinsagent\. Acronis True Image contains a privileged service that uses this OpenSSL component. Because unprivileged Windows users can create subdirectories off of the system...

EUVD-2021-13122

Malware in sbrugna...

Microsoft Office Code Execution Vulnerability (CNVD-2025-13272)

Microsoft Office is an office software suite of products from the U.S. company Microsoft Microsoft. The product's common components include Word, Excel, Access, Powerpoint, FrontPage, etc.. A code execution vulnerability exists in Microsoft Office, which can be exploited by an attacker to execute...

CVE-2020-11507

An Untrusted Search Path vulnerability in Malwarebytes AdwCleaner 8.0.3 could cause arbitrary code execution with SYSTEM privileges when a malicious DLL library is loaded...

Vulnerabilities fixed in Microsoft Windows

Microsoft has fixed vulnerabilities in Windows. A malicious party can exploit the vulnerabilities to carry out attacks that can lead to the following categories of damage: - Denial of Service DoS - Circumvention of security measure - Execution of arbitrary code User Rights - Execution of arbitrar...

ROS-20250110-04

Vulnerability of instancecreate method of the program for monitoring and adaptive tuning of system devices tuned is related to insufficient input data validation when processing the instancename parameter. Exploitation of the vulnerability could allow an attacker to conduct spoofing attacks...

SolarWinds Access Rights Manager OpenClientUpdateFile Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of SolarWinds Access Rights Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the OpenClientUpdateFile method. The issue results from the lack of...

Tenda A15 wepkey parameter stack overflow vulnerability

Tenda A15 is a WiFi extender from Tenda, a Chinese company. A stack overflow vulnerability exists in the Tenda A15 wepkey parameter, which originates from the lack of length checking of input data in the wepkey parameter of /goform/WifiBasicSet, and can be exploited by an attacker to execute...

Mozilla Firefox ESR Security Advisories (MFSA2019-06, MFSA2019-08) - Mac OS X

Mozilla Firefox ESR is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefoxesr";...

Mozilla Firefox ESR Multiple Vulnerabilities - August12 (Windows)

This host is installed with Mozilla Firefox ESR and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbmozillafirefoxesrmultvulnaug12win.nasl 6079 2017-05-08 09:03:33Z teissa $ Mozilla Firefox ESR Multiple Vulnerabilities - August12 Windows Authors: Arun Kallavi Copyright:...

CVE-2004-2329

Kerio Personal Firewall KPF 2.1.5 allows local users to execute arbitrary code with SYSTEM privileges via the Load button in the Firewall Configuration Files option, which does not drop privileges before opening the file loading dialog box...