EUVD-2020-26914

Malware in sbrugna...

EUVD-2020-26913

Malware in sbrugna...

CVE-2020-5754

Webroot endpoint agents prior to version v9.0.28.48 allows remote attackers to trigger a type confusion vulnerability over its listening TCP port, resulting in crashing or reading memory contents of the Webroot endpoint agent...

CVE-2020-5755

Webroot endpoint agents prior to version v9.0.28.48 did not protect the "%PROGRAMDATA%\WrData\PKG" directory against renaming. This could allow attackers to trigger a crash or wait upon Webroot service restart to rewrite and hijack dlls in this directory for privilege escalation...

Code injection

Insecure Win32 memory objects in Endpoint Windows Agents in RSA NetWitness Platform before 12.2 allow local and admin Windows user accounts to modify the endpoint agent service configuration: to either disable it completely or run user-supplied code or commands, thereby bypassing tamper-protectio...

Trend Micro Apex One Forced Browsing Privilege Escalation Vulnerability

This vulnerability allows remote attackers to escalate privileges on affected installations of Trend Micro Apex One. Authentication is required to exploit this vulnerability. The specific flaw exists within the Apex One web console. By navigating directly to a URL, a user can bypass authorization...

OpenText Webroot endpoint agents elevation of privilege vulnerability

OpenText Webroot endpoint agents is an endpoint security protection agent program from OpenText Canada. A security vulnerability exists in versions prior to OpenText Webroot endpoint agents v9.0.28.48, which stems from the program's failure to protect the "%PROGRAMDATA%\WrData\PKG" directory from...

CVE-2020-5755

Webroot endpoint agents prior to version v9.0.28.48 did not protect the "%PROGRAMDATA%\WrData\PKG" directory against renaming. This could allow attackers to trigger a crash or wait upon Webroot service restart to rewrite and hijack dlls in this directory for privilege escalation...

CVE-2020-5755

Webroot endpoint agents prior to version v9.0.28.48 did not protect the "%PROGRAMDATA%\WrData\PKG" directory against renaming. This could allow attackers to trigger a crash or wait upon Webroot service restart to rewrite and hijack dlls in this directory for privilege escalation...

CVE-2020-5755

CVE-2020-5755 affects Webroot endpoint agents prior to v9.0.28.48. The vulnerability arises from the program’s failure to protect the "%PROGRAMDATA%\WrData\PKG" directory against renaming, which could allow an attacker to trigger a crash or wait for a Webroot service restart to rewrite and hijack...

CVE-2020-5755

Webroot endpoint agents prior to version v9.0.28.48 did not protect the "%PROGRAMDATA%\WrData\PKG" directory against renaming. This could allow attackers to trigger a crash or wait upon Webroot service restart to rewrite and hijack dlls in this directory for privilege escalation...

SolarWinds Log and Event Manager XML External Entity Injection Vulnerability

SolarWinds Log and Event Manager LEM is vulnerable to an Extensible Markup Language XML external entity injection SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

Multi-Vendor Autonomy Verity Keyview PRZ Reader Filter Overflow

SUMMARY Symantec products that ship with the Verity KeyView Filter have updated the module to address a security issue being reported in the content filter processing of specifically crafted document formats. AFFECTED PRODUCTS Product | Version | Build | Solutions ---|---|---|--- Symantec Mail...