611 matches found
Ark: Unintended execution of scripts and executable files
Background Ark is a graphical file compression/decompression utility with support for multiple formats. Description A vulnerability was discovered in how Ark handles executable files while browsing a compressed archive. A user could unintentionally execute a malicious script which has the...
About the security content of Apple TV 7.2.1 - Apple Support
For the protection of our customers, Apple does not disclose, discuss, or confirm security issues until a full investigation has occurred and any necessary patches or releases are available. To learn more about Apple Product Security, see the Apple Product Security website. For information about...
CVE-2016-8204
A Directory Traversal vulnerability in FileReceiveServlet in the Brocade Network Advisor versions released prior to and including 14.0.2 could allow remote attackers to upload a malicious file in a section of the file system where it can be executed...
Design/Logic Flaw
An issue was discovered in Open-Xchange OX App Suite before 7.8.2-rev8. API requests can be used to inject, generate and download executable files to the client "Reflected File Download". Malicious platform specific e.g. Microsoft Windows batch file can be created via a trusted domain without...
CVE-2016-6848
An issue was discovered in Open-Xchange OX App Suite before 7.8.2-rev8. API requests can be used to inject, generate and download executable files to the client "Reflected File Download". Malicious platform specific e.g. Microsoft Windows batch file can be created via a trusted domain without...
Brave Software: links the user may download can be a malicious files
Hi, Summary: This vulnerability is pretty simple and pretty dangerous at the same time Almost any link the user tries to download it's extension is set according to the file extension in the path if the path is / then it download's it according to the domain name Eg: 1...
CVE-2016-5945
IBM Spectrum Control formerly Tivoli Storage Productivity Center 5.2.x before 5.2.11 allows remote authenticated users to upload non-executable files via a crafted HTTP request...
CVE-2016-5945
IBM Spectrum Control formerly Tivoli Storage Productivity Center 5.2.x before 5.2.11 allows remote authenticated users to upload non-executable files via a crafted HTTP request...
CVE-2016-5945
IBM Spectrum Control formerly Tivoli Storage Productivity Center 5.2.x before 5.2.11 allows remote authenticated users to upload non-executable files via a crafted HTTP request...
Suspicious Webpage JavaScript Downloader
Certain malicious executable files can be hidden using js downloader file. A remote attacker could exploit this vulnerability to entice unsuspecting users to execute arbitrary files...
OEM Bloatware Security Vulnerabilities Found
Last year’s Superfish and eDellRoot bloatware mishaps exposed the security nightmare that pre-installed software updaters can create on new laptops. And while these two high-profile incidents made the issue public, they’re hardly isolated cases. Many popular consumer and business laptops from...
Apache Camel: source code security analysis report
Several vulnerabilities were discovered in The Apache Software Foundation 'Apache Camel' software: Using Synchronization Primitives in EJB components Missing Verification of Executable Files' Digital Signature when Executing them from Untrusted Sources Violating the Java Object Model Using...
CVE-2016-0226
The client implementation in IBM Informix Dynamic Server 11.70.xCn on Windows does not properly restrict access to the 1 nsrd, 2 nsrexecd, and 3 portmap executable files, which allows local users to gain privileges via a Trojan horse file...
Design/Logic Flaw
The client implementation in IBM Informix Dynamic Server 11.70.xCn on Windows does not properly restrict access to the 1 nsrd, 2 nsrexecd, and 3 portmap executable files, which allows local users to gain privileges via a Trojan horse file...
About the security content of Apple TV 7.2.1
About the security content of Apple TV 7.2.1 This document describes the security content of Apple TV 7.2.1. For the protection of our customers, Apple does not disclose, discuss, or confirm security issues until a full investigation has occurred and any necessary patches or releases are availabl...
Trend Micro Password Manager program arbitrary command execution vulnerability verification-vulnerability and early warning-the black bar safety net
Trend Micro antivirus software to suit the windows version, contains a password management program, the program is also in the official website provides a single download connection, is a free service. The default installation of the latest TRAND Micro: the ! 1 Figure 1 Can in Data Security find...
JVN#64636058: WinRAR may insecurely load executable files
WinRAR contains a function where user specified files on the local disk can be executed. When this file does not have a file extension, a file of the same name with a file extension contained in the same folder may be executed by WinRAR instead of the user specified file. WinRAR also contains a...
Cyclope Employee Surveillance 8.6.1 Insecure File Permissions
Author: loneferret of Offensive Security Product: Cyclope Employee Surveillance Solution again Version: = 6.8.1 Vendor Site: http://www.cyclope-series.com/ Software Download: http://www.cyclope-series.com/download/index.html Link: http://www.cyclope-series.com/setups/setup.exe Software descriptio...
Cyclope Employee Surveillance 8.6.1 - Insecure File Permissions
Cyclope Employee Surveillance 8.6.1 - Insecure File Permissions Author: loneferret of Offensive Security Product: Cyclope Employee Surveillance Solution again Version: = 6.8.1 Vendor Site: http://www.cyclope-series.com/ Software Download: http://www.cyclope-series.com/download/index.html Link:...
Cyclope Employee Surveillance v8.6.1 Insecure File Permissions Vulnerability
Exploit for windows platform in category local exploits Author: loneferret of Offensive Security Product: Cyclope Employee Surveillance Solution again Version: = 6.8.1 Vendor Site: http://www.cyclope-series.com/ Software Download: http://www.cyclope-series.com/download/index.html Link:...