Ubuntu: Security Advisory (USN-3354-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2017-11672

The OPC Foundation Local Discovery Server LDS before 1.03.367 is installed as a Windows Service without adding double quotes around the opcualds.exe executable path, which might allow local users to gain privileges...

Design/Logic Flaw

The OPC Foundation Local Discovery Server LDS before 1.03.367 is installed as a Windows Service without adding double quotes around the opcualds.exe executable path, which might allow local users to gain privileges...

CVE-2017-11672

The OPC Foundation Local Discovery Server LDS before 1.03.367 is installed as a Windows Service without adding double quotes around the opcualds.exe executable path, which might allow local users to gain privileges...

UBUNTU-CVE-2017-10708

An issue was discovered in Apport through 2.20.x. In apport/report.py, Apport sets the ExecutablePath field and it then uses the path to run package specific hooks without protecting against path traversal. This allows remote attackers to execute arbitrary code via a crafted .crash file...

Path traversal

Unquoted executable path vulnerability in Client Management and Gateway components in McAfee now Intel Security ePO Deep Command eDC 2.2 and 2.1 allows authenticated users to execute a command of their choice via dropping a malicious file for the path...

CVE-2015-8988

CVE-2015-8988 concerns an unquoted executable path vulnerability in the McAfee/ePO Deep Command (eDC) Client Management and Gateway components. The affected versions are eDC 2.2 and 2.1. The issue allows an authenticated user to execute arbitrary commands by dropping a malicious file in the unquo...

NVIDIA GeForce Experience Stack Buffer Overflow Vulnerability

NVIDIA GeForce Experience is a suite of automatic graphics card update tools from NVIDIA. A stack buffer overflow vulnerability exists in NVIDIA GeForce Experience. An attacker can exploit this vulnerability with an executable path to cause a denial of service or elevation of privilege...

Apple OS X Application Firewall Denial of Service Vulnerability

Apple OS X is the United States Apple Apple company for the Mac computer developed a set of specialized operating systems. application Firewall is one of the application firewall component. A denial of service vulnerability exists in Application Firewall in Apple OS X versions prior to 10.12, whi...

OSX Screen Capture

This module takes screenshots of target desktop and automatically downloads them. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'OSX Screen Capture', 'Description' = %q This module takes...

PT-2009-4355 · Pulseaudio · Pulseaudio

Name of the Vulnerable Software and Affected Versions: PulseAudio versions 0.9.9 through 0.9.14 Description: A race condition exists that allows local users to gain privileges. This issue involves the creation of a hard link and is related to the application setting LD BIND NOW to 1, and then...

M-TECH P-Synch 6.2.5 - Full Path Disclosure

M-TECH P-Synch 6.2.5 - Full Path Disclosure source: https://www.securityfocus.com/bid/7740/info Reportedly an attacker may make a malicious HTTP request for specific P-Synch executables passing an empty URI parameter to trigger the condition. Although unconfirmed, it is likely that the request wi...