132 matches found
CVE-2018-1783
IBM GPFS IBM Spectrum Scale 4.1.1.0, 4.1.1.20, 4.2.0.0, 4.2.3.10, 5.0.0 and 5.0.1.2 command line utility allows an unprivileged, authenticated user with access to a GPFS node to forcefully terminate GPFS and deny access to data available through GPFS. IBM X-Force ID: 148806...
CVE-2017-3912
Bypassing password security vulnerability in McAfee Application and Change Control MACC 7.0.1 and 6.2.0 allows authenticated users to perform arbitrary command execution via a command-line utility...
CVE-2017-3912 McAfee Application Control and Change Control (MACC) - password management security feature bypass (SFB) leading to an authentication bypass
Bypassing password security vulnerability in McAfee Application and Change Control MACC 7.0.1 and 6.2.0 allows authenticated users to perform arbitrary command execution via a command-line utility...
[SECURITY] Fedora 28 Update: soundtouch-2.0.0-3.fc28
SoundTouch is a LGPL-licensed open-source audio processing library for changing the Tempo, Pitch and Playback Rates of audio streams or files. The SoundTouch library is suited for application developers writing sound processing tools that require tempo/pitch control functionality, or just for...
Debian: Security Advisory (DSA-4238-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Design/Logic Flaw
Application Protections Bypass vulnerability in Microsoft Windows in McAfee Data Loss Prevention DLP Endpoint before 10.0.500 and DLP Endpoint before 11.0.400 allows authenticated users to bypass the product block action via a command-line utility...
CVE-2018-6664
CVE-2018-6664 affects McAfee Data Loss Prevention (DLP) Endpoint: the DLP Agent prior to 10.0.500 or 11.x prior to 11.0.400 allows an authenticated user to bypass the product block via a command-line utility. Impact is a master bypass of protection, with no details on exploitation in the wild pro...
Binary Whitelisting Blacklisting System for macOS: Santa
Santa is a binary whitelisting/blacklisting system for macOS. It consists of a kernel extension that monitors for executions, a userland daemon that makes execution decisions based on the contents of a SQLite database, a GUI agent that notifies the user in case of a block decision and a...
[SECURITY] [DLA 1197-1] sox security update
Package : sox Version : 14.4.0-3+deb7u2 CVE ID : CVE-2017-11332 CVE-2017-11358 CVE-2017-11359 CVE-2017-15370 CVE-2017-15371 CVE-2017-15372 CVE-2017-15642 Debian Bug : 870328 878810 878809 878808 882236 882144 Various security vulnerabilities were discovered in sox, a command line utility to conve...
Linux Ad & Malware Blocking Script: Hostsblock
Hostsblock is a bash script designed to take advantage of /etc/hosts file to provide system-wide blocking of internet advertisements, malicious domains, trackers, and other undesirable content. To do so, it downloads a configurable set of blocklists and processes their entries into a single...
Public Port Scan Scrapper: scanless
Public Port Scan Scrapper Command-line utility for using websites that can perform port scans on your behalf. Useful for early stages of a penetration test or if you’d like to run a port scan on a host and have it not come from your IP address. scanless adj: lacking respectable morals. That girl ...
CVE-2016-8010
CVE-2016-8010 affects McAfee Application Control (MAC) v7.0 and earlier and McAfee Endpoint Security (ENS) v10.2 and earlier. Description: a vulnerability allows a local attacker to bypass local security protections via a command‑line utility. The connected documents confirm affected products and...
openSUSE Security Update : open-vm-tools (openSUSE-2017-276)
This update for open-vm-tools fixes the following issues : - Updated to 10.1.0 stable release boo1011057 + vmware-namespace-cmd command line utility. + gtk3 support + Common Agent Framework CAF + guest authentication with xmlsec1 + FreeBSD support + sub-command to push updated network information...
Stack overflow
Stack-based buffer overflow in the xl command line utility in Xen 4.1.x through 4.5.x allows local guest administrators to gain privileges via a long configuration argument...
CVE-2015-3259
Stack-based buffer overflow in the xl command line utility in Xen 4.1.x through 4.5.x allows local guest administrators to gain privileges via a long configuration argument...
New Utility Decrypts Files Lost to TeslaCrypt Ransomware
Crypto-ransomware variants have enterprises on edge because of the threat of irreversibly damaged files. Some organizations, including most recently the Tewksbury, Ma., police department have gone as far as to pay hundreds of dollars in ransom for the recovery key. Some technology companies are...
CVE-2015-2746
The network diagnostics tool CommandLineServlet in the Appliance Manager command line utility CLU in Websense TRITON 7.8.3 and V-Series appliances before 7.8.4 Hotfix 02 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the "second" parameter of a command...
Command injection
The network diagnostics tool CommandLineServlet in the Appliance Manager command line utility CLU in Websense TRITON 7.8.3 and V-Series appliances before 7.8.4 Hotfix 02 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the "second" parameter of a command...
CVE-2015-2746
The CVE-2015-2746 entry applies to Websense TRITON AP-WEB 7.8.3 and V-Series appliances (pre-7.8.4 Hotfix 02). The vulnerability is a command-injection in the Appliance Manager CommandLineServlet where remote authenticated users can inject shell metacharacters via the second parameter (demonstrat...
Websense Appliance Manager - Command Injection
Abstract A command injection vulnerability was found in Websense Appliance Manager that allows an attacker to execute arbitrary code on the appliance. This issue can be combined with other vulnerabilities, like Cross-Site Scripting, to perform a remote unauthenticated attacks to compromise the...