
6839 matches found

Atlassian
added 2020/04/16 9:16 p.m. | 32 views

Untrusted Search Path in Content - Edit Files / Companion - CVE-2020-4019

The file editing functionality in the Atlassian Companion App before version 1.0.0 allows local attackers to have the app run a different executable in place of the app's cmd.exe via an untrusted search path vulnerability. Acknowledgements: Credit for finding this vulnerability goes to Johannes...

CVSS 7.8 | AI score 5.1 | EPSS 0.00063
Exploits 0 | Affected Software 1
Malwarebytes
added 2020/04/16 3:55 p.m. | 33 views

New AgentTesla variant steals WiFi credentials

AgentTesla is a .Net-based infostealer that has the capability to steal data from different applications on victim machines, such as browsers, FTP clients, and file downloaders. The actor behind this malware is constantly maintaining it by adding new modules. One of the new modules that has been...

AI score 1.1
Exploits 0
OSV
added 2020/04/15 3:15 p.m. | 2 views

CVE-2020-1002

An elevation of privilege vulnerability exists when the MpSigStub.exe for Defender allows file deletion in arbitrary locations. To exploit the vulnerability, an attacker would first have to log on to the system, aka 'Microsoft Defender Elevation of Privilege Vulnerability'...

CVSS 7.1 | AI score 7.2 | EPSS 0.00329
Exploits 0 | References 1
OSV
added 2020/04/15 12:15 p.m. | 1 views

CVE-2020-7274

Privilege escalation vulnerability in McTray.exe in McAfee Endpoint Security ENS for Windows Prior to 10.7.0 April 2020 Update allows local users to spawn unrelated processes with elevated privileges via the system administrator granting McTray.exe elevated privileges by default it runs with the...

CVSS 7.8 | AI score 7.1 | EPSS 0.00113
Exploits 0 | References 1
Prion
added 2020/04/15 12:15 p.m. | 21 views

Input validation

Accessing, modifying or executing executable files vulnerability in the uninstaller in McAfee Endpoint Security ENS for Windows Prior to 10.7.0 April 2020 Update allows local users to execute arbitrary code via a carefully crafted input file...

CVSS 4.6 | AI score 5.7 | EPSS 0.00121
Exploits 0 | References 1 | Affected Software 1
Cvelist
added 2020/04/15 11:55 a.m. | 16 views

CVE-2020-7259 Unsigned executable vulnerability in ENS can be used to bypass intended self-protection rules

Exploitation of Privilege/Trust vulnerability in file in McAfee Endpoint Security ENS Prior to 10.7.0 February 2020 Update allows local users to bypass local security protection via a carefully crafted input file...

CVSS 6.6 | AI score 7.6 | EPSS 0.00039
Exploits 0 | References 1
Zero Day Initiative
added 2020/04/15 12:0 a.m. | 39 views

Microsoft Windows KERNELBASE Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

CVSS 3.3 | AI score 3.5 | EPSS 0.00282
Exploits 0 | References 1
RedHat Linux
added 2020/04/14 5:56 p.m. | 55 views

Low: Red Hat Security Advisory: elfutils security update

An update for elfutils is now available for Red Hat Enterprise Linux 7.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

CVSS 9.8 | AI score 6.5 | EPSS 0.01961
Exploits 1 | References 2
Microsoft CVE
added 2020/04/14 7:0 a.m. | 23 views

Microsoft (MAU) Office Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists when the Microsoft AutoUpdate MAU application for Mac improperly validates updates before executing them. An attacker who successfully exploited the vulnerability who already has the ability to execute code on a system could elevate privileges. To...

CVSS 7.8 | AI score 4.6 | EPSS 0.00584
Exploits 0
Microsoft KB
added 2020/04/13 12:0 a.m. | 6 views

Update to improve messaging in dialog boxes when you run executable files in Windows

Introduction: This article describes an update that improves the messaging in certain dialog boxes in Windows Server 2008, Windows 7, Windows Server 2008R2, Windows 8, and Windows Server 2012. Resolution: This upda...

AI score 6.3
Exploits 0
OSV
added 2020/04/09 1:15 p.m. | 3 views

CVE-2020-10551

QQBrowser before 10.5.3870.400 installs a Windows service TsService.exe. This file is writable by anyone belonging to the NT AUTHORITY\Authenticated Users group, which includes all local and remote users. This can be abused by local attackers to escalate privileges to NT AUTHORITY\SYSTEM by writi...

CVSS 7.8 | AI score 7.1 | EPSS 0.09598
Exploits 0 | References 2
OSV
added 2020/04/08 8:15 p.m. | 1 views

CVE-2020-1885

Writing to an unprivileged file from a privileged OVRRedir.exe process in Oculus Desktop before 1.44.0.32849 on Windows allows local users to write to arbitrary files and consequently gain privileges via vectors involving a hard link to a log file...

CVSS 7.8 | AI score 5.9 | EPSS 0.00127
Exploits 0 | References 1
CNVD
added 2020/04/07 12:0 a.m. | 1 views

TestLink File Upload Vulnerability

TestLink is a set of open source software for managing the software testing process and providing statistical analysis. A file upload vulnerability exists in the keywordImport.php file in TestLink version 1.9.20. A remote attacker can exploit this vulnerability by uploading a file with an...

CVSS 8.8 | AI score 7.6 | EPSS 0.16006
Exploits 3 | References 1
NVD
added 2020/04/06 4:15 p.m. | 11 views

CVE-2020-11544

An issue was discovered in Project Worlds Official Car Rental System 1. It allows the admin user to run commands on the server with their account because the upload section on the file-manager page contains an arbitrary file upload vulnerability via addcars.php. There are no upload restrictions f...

CVSS 7.2 | AI score 7.2 | EPSS 0.00435
Exploits 1 | References 1
OSV
added 2020/04/06 4:15 p.m. | 2 views

CVE-2019-19699

There is Authenticated remote code execution in Centreon Infrastructure Monitoring Software through 19.10 via Pollers misconfiguration, leading to system compromise via apache crontab misconfiguration, This allows the apache user to modify an executable file executed by root at 22:30 every day. T...

CVSS 7.2 | AI score 7.6 | EPSS 0.38915
Exploits 2 | References 5
ATTACKERKB
added 2020/04/06 4:15 p.m. | 3 views

CVE-2019-19699

There is Authenticated remote code execution in Centreon Infrastructure Monitoring Software through 19.10 via Pollers misconfiguration, leading to system compromise via apache crontab misconfiguration, This allows the apache user to modify an executable file executed by root at 22:30 every day. T...

CVSS 9 | AI score 7.7 | EPSS 0.38915
Exploits 2 | References 10
Cvelist
added 2020/04/06 3:26 p.m. | 10 views

CVE-2020-11544

An issue was discovered in Project Worlds Official Car Rental System 1. It allows the admin user to run commands on the server with their account because the upload section on the file-manager page contains an arbitrary file upload vulnerability via addcars.php. There are no upload restrictions f...

AI score 7.2 | EPSS 0.00435
Exploits 1 | References 1
CVE
added 2020/04/06 3:26 p.m. | 51 views

CVE-2020-11544

Project Worlds Official Car Rental System 1 contains an arbitrary file upload vulnerability in the file-manager upload section (add_cars.php). There are no restrictions on executable file uploads, allowing an admin to run commands on the server with their account. The connected reports confirm th...

CVSS 7.2 | AI score 7.1 | EPSS 0.00435
Exploits 1 | References 1 | Affected Software 1
Metasploit
added 2020/04/04 2:0 a.m. | 70 views

Windows Unquoted Service Path Privilege Escalation

This module exploits a logic flaw due to how the lpApplicationName parameter is handled. When the lpApplicationName contains a space, the file name is ambiguous. Take this file path as example: C:\program files\hello.exe; The Windows API will try to interpret this as two possible paths:...

AI score 7.1
Exploits 0
Prion
added 2020/04/03 7:15 p.m. | 16 views

Unrestricted file upload

An unrestricted file upload vulnerability in keywordsImport.php in TestLink 1.9.20 allows remote attackers to execute arbitrary code by uploading a file with an executable extension. This allows an authenticated attacker to upload a malicious file containing PHP code to execute operating system...

CVSS 6.5 | AI score 8.9 | EPSS 0.16006
Exploits 3 | References 3 | Affected Software 1