19 matches found
PT-2026-44087
pam_usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.9.0, multiple pam_usb helper tools resolved external binaries through the PATH environment variable rather than using absolute paths. An attacker who can influence the process environment during PAM...
PT-2026-33362
Name of the Vulnerable Software and Affected Versions: Esri Portal for ArcGIS versions 11.4 through 12.0. Description: An incorrect authorization issue exists where the system fails to correctly check permissions assigned to developer credentials. This flaw allows low-privilege users to generate...
EUVD-2015-7334
Malware in sbrugna...
EUVD-2018-1175
Malware in sbrugna...
CVE-2025-32778
Web-Check is an all-in-one OSINT tool for analyzing any website. A command injection vulnerability exists in the screenshot API of the Web Check project Lissy93/web-check. The issue stems from user-controlled input url being passed unsanitized into a shell command using exec, allowing attackers t...
ALPINE-CVE-2020-6106
An exploitable information disclosure vulnerability exists in the init_node_manager functionality of F2fs-Tools F2fs.Fsck 1.12 and 1.13. A specially crafted filesystem can be used to disclose information. An attacker can provide a malicious file to trigger this vulnerability...
Security Bulletin: Session management vulnerability affects IBM Sterling B2B Integrator (CVE-2017-1152)
Summary: IBM Sterling Global Integration On-Demand Environment does not properly update the SESSIONID with each request, which could allow a user to obtain the ID in further attacks against the system. Vulnerability Details: CVEID: CVE-2017-1152. DESCRIPTION: IBM Sterling Global Integration On-Deman...
Input validation
A vulnerability in the Disk Check Tool (disk-check.sh) for Cisco Wide Area Application Services (WAAS) Software could allow an authenticated, local attacker to elevate their privilege level to root. The attacker must have valid user credentials with super user privileges (level 15) to log in to the...
CVE-2018-0352
A vulnerability in the Disk Check Tool (disk-check.sh) for Cisco Wide Area Application Services (WAAS) Software could allow an authenticated, local attacker to elevate their privilege level to root. The attacker must have valid user credentials with super user privileges (level 15) to log in to the...
CVE-2018-0352
A vulnerability in the Disk Check Tool (disk-check.sh) for Cisco Wide Area Application Services (WAAS) Software could allow an authenticated, local attacker to elevate their privilege level to root. The attacker must have valid user credentials with super user privileges (level 15) to log in to the...
CVE-2018-0352
CVE-2018-0352 concerns Cisco WAAS Software’s Disk Check Tool (disk-check.sh). A local, authenticated attacker with super-user credentials (level 15) can replace a running script with a malicious one due to insufficient validation of script files, potentially gaining root privileges and full contr...
CVE-2018-0352
A vulnerability in the Disk Check Tool (disk-check.sh) for Cisco Wide Area Application Services (WAAS) Software could allow an authenticated, local attacker to elevate their privilege level to root. The attacker must have valid user credentials with super user privileges (level 15) to log in to the...
CVE-2018-0352
A vulnerability in the Disk Check Tool (disk-check.sh) for Cisco Wide Area Application Services (WAAS) Software could allow an authenticated, local attacker to elevate their privilege level to root. The attacker must have valid user credentials with super user privileges (level 15) to log in to the...
Cisco Wide Area Application Services (WAAS) Software Elevation of Privilege Vulnerability
Cisco Wide Area Application Services (WAAS) Software is a suite of WAN link acceleration software from Cisco, U.S.A. Disk Check Tool (disk-check.sh) is one of its disk checking tools. A privilege escalation vulnerability exists in the Disk Check Tool (disk-check.sh) in Cisco WAAS Software, which stems from th...
Shopify: myshopify.com domain takeover
Hello Shopify Security Team, I just received your email and I'm sorry for any inconvenience. Yes, it was me. Basically, I just tried to audit your website using some black box testing. Unfortunately, I didn't read about those guidelines, such as creating a store on https://partners.shopify.com/ a...
Apple macOS High Sierra fsck_msdos Memory Corruption Vulnerability
Apple macOS High Sierra is a specialized operating system developed by Apple for Mac computers. fsck_msdos is one of the file system checking tools. A security vulnerability exists in the fsck_msdos component in Apple macOS High Sierra versions prior to 10.13.1. An attacker can exploit the...
Mac Gatekeeper vulnerability patch is ineffective and can still be bypassed (vulnerability warning)
Security expert Patrick Wardle recently said that the patch Apple released earlier to fix the Mac OS X Gatekeeper vulnerability is ineffective and does not protect Mac users. It was Patrick Wardle who first discovered the vulnerability, in September 2015...
CVE-2015-7410
IBM CVE-2015-7410 affects IBM Sterling B2B Integrator 5.2 (Health Check tool). The vulnerability is due to cookies not being properly handled with HTTPS sessions, enabling cookie hijacking via MITM-type scenarios. Affected product/version: IBM Sterling B2B Integrator 5.2. Remediation/fix: apply t...
CVE-2015-7410
The Health Check tool in IBM Sterling B2B Integrator 5.2 does not properly use cookies in conjunction with HTTPS sessions, which allows man-in-the-middle attackers to obtain sensitive information or modify data via unspecified vectors...