SAP NetWeaver Application Server Information Disclosure Vulnerability

SAP NetWeaver Application Server is an application server from SAP, Germany. An information disclosure vulnerability exists in SAP NetWeaver Application Server ABAP, which can be exploited by an attacker with administrative or user directory privileges to disclose data and compromise program...

CVE-2025-0543

Local privilege escalation in G DATA Security Client due to incorrect assignment of privileges to directories. This vulnerability allows a local, unprivileged attacker to escalate privileges on affected installations by placing an arbitrary executable in a globally writable directory resulting in...

CVE-2025-0543

CVE-2025-0543 describes a local privilege escalation in the G DATA Security Client caused by incorrect assignment of directory privileges. An unprivileged local attacker can escalate to SYSTEM by placing an arbitrary executable in a globally writable directory, which is then executed by the Setup...

CVE-2025-0543 G DATA Security Client Local privilege escalation

Local privilege escalation in G DATA Security Client due to incorrect assignment of privileges to directories. This vulnerability allows a local, unprivileged attacker to escalate privileges on affected installations by placing an arbitrary executable in a globally writable directory resulting in...

CVE-2019-20048

An issue was discovered on Alcatel-Lucent OmniVista 8770 devices before 4.1.2. An authenticated remote attacker, with elevated privileges in the Web Directory component on port 389, may upload a PHP file to achieve Remote Code Execution as SYSTEM...

McAfee True Key (TK) Windows Client Weak Directory Privileges Vulnerability

McAfee True Key TK is an authentication application from the American company McAfee. The program supports features such as facial information recognition and fingerprint recognition. A security vulnerability exists in the Microsoft Windows client in McAfee TK 5.1.230.7 and earlier versions. A...

EMC Avamar Data Store and Avamar Virtual Edition Elevation of Privilege Vulnerability (CNVD-2016-07938)

EMC Avamar is a backup and recovery solution from EMC Corporation. The solution provides data backup, disaster recovery, deduplication, etc. Avamar Data Store ADS is one of the components used for data backup; Avamar Virtual Edition AVE is one of the components used to realize the replication...

Troubleshooting Checklist: Cannot enroll and authenticate a device using Secure Hub

If a device cannot enroll and authenticate using Secure Hub, ask the following questions: Is the user synced to XenMobile? Are there multiple domains managed? For details on multi-domain configuration in MAM+MDM mode, see this Citrix blog post. Is the Global Catalog port managed? From which domai...

FreeBSD : stunnel -- Remote Code Execution (c97219b6-843d-11e2-b131-000c299b62e1)

Michal Trojnara reports : 64-bit versions of stunnel with the following conditions : NTLM authentication enabled CONNECT protocol negotiation enabled Configured in SSL client mode An attacker that can either control the proxy server specified in the 'connect' option or execute MITM attacks on the...

Design/Logic Flaw

Oracle Database Server 10.1, 10.2, and 11g grants directory WRITE permissions for arbitrary pathnames that are aliased in a CREATE OR REPLACE DIRECTORY statement, which allows remote authenticated users with CREATE ANY DIRECTORY privileges to gain SYSDBA privileges by aliasing the pathname of the...

Oracle privilege escaclation

User with CREATE ANY DIRECTORY privileges can escalate privileges to SYSDBA...