26 matches found
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992268)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992268 advisory. In the Linux kernel, the following vulnerability has been resolved: PCI: dwc: Deallocate EPC memory on dwpcieepinit errors If dwpcieepinit fails to perform any actio...
CVE-2025-65795
Incorrect access control in the /api/v1/user endpoint of usememos memos v0.25.2 allows unauthorized attackers to create arbitrary accounts via a crafted request...
EUVD-2018-9522
Malware in sbrugna...
NachoVPN Tool Exploits Flaws in Popular VPN Clients for System Compromise
Cybersecurity researchers have disclosed a set of flaws impacting Palo Alto Networks and SonicWall virtual private network VPN clients that could be potentially exploited to gain remote code execution on Windows and macOS systems. "By targeting the implicit trust VPN clients place in servers,...
Authorization Bypass
directus is vulnerable to Authorization Bypass. The vulnerability is caused due to a missing validation for the user parameter in the PATCH requests for the end point /presets. This allows an authenticated external attacker to modify presets created by the same user to assign them to another user...
Authentication flaw
Priority Web version 19.1.0.68, parameter manipulation on an unspecified end-point may allow authentication bypass...
CVE-2022-43996
The csafprovider package before 0.8.2 allows XSS via a crafted CSAF document uploaded as text/html. The endpoint upload allows valid CSAF advisories JSON format to be uploaded with Content-Type text/html and filenames ending in .html. When subsequently accessed via web browser, these advisories a...
Multiple Schneider Electric Product Security Feature Issue Vulnerabilities
Schneider Electric Acti9 Smartlink SI D is a smart interface unit that realizes data communication between Acti9 electrical devices and Modbus devices. Schneider Electric Acti9 Smartlink SI D is an intelligent interface unit that enables data communication between Acti9 electrical devices and...
Acronis: Broken Access Controls
The End Point notary.acronis.com Blocks access to the panel if you are not an authenticated user. More is possible to access some functions of the panel by adding the .html at the end See Poc From Video Below Impact Broken access control vulnerabilities exist when a user can in fact access some...
Deep learning rises: New methods for detecting malicious PowerShell
Scientific and technological advancements in deep learning, a category of algorithms within the larger framework of machine learning, provide new opportunities for development of state-of-the art protection technologies. Deep learning methods are impressively outperforming traditional methods on...
Who should protect you from Cyber Threats?
The world is becoming increasingly dependent on information technologies. 1. Government. More and more states provide digital services for their citizens and rely complex information systems. 2. Business. There are no more companies that do not have IT infrastructure on-premises or cloud. IT...
Seqrite End Point Security 7.4 - Privilege Escalation
Exploit Title: Seqrite End Point Security 7.4 - Privilege Escalation Date: 2018-09-13 Exploit Author: Hashim Jawad - @ihack4falafel Vendor Homepage: https://www.seqrite.com/ Tested on: Windows 7 Enterprise SP1 x64 CVE: CVE-2018-17775 Description: Seqrite End Point Security v7.4 installs by defaul...
CVE-2018-17775
Seqrite End Point Security v7.4 has "Everyone: F" permission for %PROGRAMFILES%\Seqrite\Seqrite, which allows local users to gain privileges by replacing an executable file with a Trojan horse...
CVE-2018-17775
Seqrite End Point Security v7.4 has "Everyone: F" permission for %PROGRAMFILES%\Seqrite\Seqrite, which allows local users to gain privileges by replacing an executable file with a Trojan horse...
Code injection
Seqrite End Point Security v7.4 has "Everyone: F" permission for %PROGRAMFILES%\Seqrite\Seqrite, which allows local users to gain privileges by replacing an executable file with a Trojan horse...
CVE-2018-17775
Seqrite End Point Security v7.4 has "Everyone: F" permission for %PROGRAMFILES%\Seqrite\Seqrite, which allows local users to gain privileges by replacing an executable file with a Trojan horse...
CVE-2018-17775
CVE-2018-17775 affects Seqrite End Point Security v7.4. The vulnerability arises from the installation directory %PROGRAMFILES%\Seqrite\Seqrite with overly permissive Everyone:F ACLs, enabling a local user to replace an executable and escalate to SYSTEM. Exploitation details exist in public sourc...
Seqrite End Point Security 7.4 Privilege Escalation Vulnerability
Seqrite End Point Security version 7.4 suffers from a weak file permission privilege escalation vulnerability. Exploit Title : Seqrite End Point Security v7.4 - Weak Folder Permissions Privilege Escalation Exploit Author : Hashim Jawad - @ihack4falafel Vendor Homepage : https://www.seqrite.com/...
Seqrite End Point Security 7.4 Privilege Escalation
Exploit Title : Seqrite End Point Security v7.4 - Weak Folder Permissions Privilege Escalation Date : 09/13/2018 Exploit Author : Hashim Jawad - @ihack4falafel Vendor Homepage : https://www.seqrite.com/ Tested on : Windows 7 Enterprise SP1 x64 Description: ============ Seqrite End Point Security...
Smart Access Guide for NetScaler Gateway, StoreFront and XenDesktop
NetScaler Smart Access is an advanced feature of NetScaler Gateway. Usually, it needs to be used in the following 2 scenarios. 1. NetScaler End Point Analysis EPA is used. 2. Restrict user’s app/desktop visibility if the session is from NetScaler Gateway. In this document, I will focus on scenari...