59 matches found
EUVD-2019-9487
Malware in sbrugna...
EUVD-2018-0013
Malware in sbrugna...
EUVD-2013-0388
Malware in sbrugna...
EUVD-2002-0889
Malware in sbrugna...
CVE-2019-3999
Improper neutralization of special elements used in an OS command in Druva inSync Windows Client 6.5.0 allows a local, unauthenticated attacker to execute arbitrary operating system commands with SYSTEM privileges...
CVE-2022-3901
Prototype Pollution in Visioweb.js 1.10.6 allows attackers to execute XSS on the client system...
CVE-2024-39920
The TCP protocol in RFC 9293 has a timing side channel that makes it easier for remote attackers to infer the content of one TCP connection from a client system to any server, when that client system is concurrently obtaining TCP data at a slow rate from an attacker-controlled server, aka the...
CVE-2022-3901
Prototype Pollution in Visioweb.js 1.10.6 allows attackers to execute XSS on the client system...
CVE-2022-3901 Visioweb.js - Prototype Pollution can results in XSS
Prototype Pollution in Visioweb.js 1.10.6 allows attackers to execute XSS on the client system...
GHSA-3M8P-XPM6-8WW3 Ansible Arbitrary Code Execution
Ansible before version 2.3 has an input validation vulnerability in the handling of data sent from client systems. An attacker with control over a client system being managed by Ansible, and the ability to send facts back to the Ansible server, could use this flaw to execute arbitrary code on the...
Ansible Arbitrary Code Execution
Ansible before version 2.3 has an input validation vulnerability in the handling of data sent from client systems. An attacker with control over a client system being managed by Ansible, and the ability to send facts back to the Ansible server, could use this flaw to execute arbitrary code on the...
CVE-2021-41131
python-tuf is a Python reference implementation of The Update Framework TUF. In both clients tuf/client and tuf/ngclient, there is a path traversal vulnerability that in the worst case can overwrite files ending in .json anywhere on the client system on a call to getonevalidtargetinfo. It occurs...
Path traversal
python-tuf is a Python reference implementation of The Update Framework TUF. In both clients tuf/client and tuf/ngclient, there is a path traversal vulnerability that in the worst case can overwrite files ending in .json anywhere on the client system on a call to getonevalidtargetinfo. It occurs...
CVE-2020-0655
A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an authenticated attacker abuses clipboard redirection, aka ‘Remote Desktop Services Remote Code Execution Vulnerability’. Recent assessments: zeroSteiner at May 14, 2020 3:27...
CVE-2019-13115
In libssh2 before 1.9.0, kexmethoddiffiehellmangroupexchangesha256keyexchange in kex.c has an integer overflow that could lead to an out-of-bounds read in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to disclose sensitive information or caus...
libssh2: Integer overflow in keyboard interactive handling resulting in out of bounds write
An integer overflow flaw, which could lead to an out of bounds write, was discovered in libssh2 in the way keyboard prompt requests are parsed. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server...
CVE-2019-13115
In libssh2 before 1.9.0, kexmethoddiffiehellmangroupexchangesha256keyexchange in kex.c has an integer overflow that could lead to an out-of-bounds read in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to disclose sensitive information or caus...
libssh2: Integer overflow in transport read resulting in out of bounds write
An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server...
libssh2: Integer overflow in SSH packet processing channel resulting in out of bounds write
An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 in the way SSHMSGCHANNELREQUEST packets with an exit signal are parsed. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server...
libssh2: Integer overflow in transport read resulting in out of bounds write
An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server...