3 matches found
CVE-2023-22914
A path traversal vulnerability in the “accountprint.cgi” CGI program of Zyxel USG FLEX series firmware versions 4.50 through 5.35, and VPN series firmware versions 4.30 through 5.35, which could allow a remote authenticated attacker with administrator privileges to execute unauthorized OS command...
CVE-2018-10507
A vulnerability in Trend Micro OfficeScan 11.0 SP1 and XG could allow a attacker to take a series of steps to bypass or render the OfficeScan Unauthorized Change Prevention inoperable on vulnerable installations. An attacker must already have administrator privileges in order to exploit this...
Sun Java Media Framework (JMF) Arbitrary Code Execution
The remote host is using Sun Microsystems's Java Media Framework JMF. There is a bug in the version installed that may allow an untrusted applet to crash the Java Virtual Machine it is being run on, or even to gain unauthorized privileges. An attacker could exploit this flaw to execute arbitrary...