6810 matches found
CVE-2017-1085
Removed by vendor...
Solaris libnspr NSPR_LOG_FILE Privilege Escalation
This module exploits an arbitrary file write vulnerability in the Netscape Portable Runtime library libnspr on unpatched Solaris systems prior to Solaris 10u3 which allows users to gain root privileges. libnspr versions prior to 4.6.3 allow users to specify a log file with the NSPRLOGFILE...
openSUSE Security Update : nodejs4 (openSUSE-2018-991)
This update for nodejs4 fixes the following issues : Security issues fixed : - CVE-2018-12115: Fixed an out-of-bounds memory write in Buffer that could be used to write to memory outside of a Buffer's memory space buffer bsc1105019 - Upgrade to OpenSSL 1.0.2p, which fixed : - CVE-2018-0732: Clien...
CVE-2018-16715
An issue was discovered in Absolute Software CTES Windows Agent through 1.0.0.1479. The security permissions on the %ProgramData%\CTES folder and sub-folders may allow write access to low-privileged user accounts. This allows unauthorized replacement of service program executable EXE or dynamical...
Design/Logic Flaw
An issue was discovered in Absolute Software CTES Windows Agent through 1.0.0.1479. The security permissions on the %ProgramData%\CTES folder and sub-folders may allow write access to low-privileged user accounts. This allows unauthorized replacement of service program executable EXE or dynamical...
SUSE-SU-2018:2647-1 Security update for nodejs4
This update for nodejs4 fixes the following issues: Security issues fixed: - CVE-2018-12115: Fixed an out-of-bounds memory write in Buffer that could be used to write to memory outside of a Buffer's memory space buffer bsc1105019 - Upgrade to OpenSSL 1.0.2p, which fixed: - CVE-2018-0732: Client...
TeamViewer Detection (Mac OS X SSH Login)
Detects the installed version of TeamViewer on Mac OS X. The script logs in via ssh, searches for folder SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...
Code injection
Kaizen Asset Manager Enterprise Edition and Training Manager Enterprise Edition allow a remote attacker to achieve arbitrary code execution via file impersonation. For example, a malicious dynamic-link library dll assumed the identity of a temporary tmp file isxdl.dll and an executable file assum...
CVE-2018-16545
Kaizen Asset Manager Enterprise Edition and Training Manager Enterprise Edition allow a remote attacker to achieve arbitrary code execution via file impersonation. For example, a malicious dynamic-link library dll assumed the identity of a temporary tmp file isxdl.dll and an executable file assum...
CVE-2018-16518
A directory traversal vulnerability with remote code execution in Prim'X Zed! FREE through 1.0 build 186 and Zed! Limited Edition through 6.1 build 2208 allows creation of arbitrary files on a user's workstation using crafted ZED! containers because the watermark loading function can place an...
Updated quazip packages fix security vulnerability
Updated quazip packages fix security vulnerability: A vulnerability has been found in the way developers have implemented the archive extraction of files. An arbitrary file write vulnerability, that can be achieved using a specially crafted zip archive affects other archives as well, bzip2, tar,x...
Peinjector
This module will inject a specified windows payload into a target executable. require 'rex' class MetasploitModule 'Peinjector', 'Description' = %q This module will inject a specified windows payload into a target executable. , 'License' = MSFLICENSE, 'Author' = 'Maximiliano Tedesco ', 'Platform'...
Foxit PDF Reader 9.0.1.1049 - Pointer Overwrite Use-After-Free (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Foxit PDF Reader Pointer Overwrite UAF', 'Description' = %q Foxit PDF Reader v9.0.1.1049 has a Use-After-Free vulnerability in the Text Annotatio...
CVE-2018-15885
Ovation FindMe 1.4-1083-1 is intended to support transmission of network traffic from covert video recorders but does not properly disrupt binary analysis for discovering the product's capabilities or purpose. This makes it easier for adversaries to detect the covert operation. Specifically, the...
CVE-2018-15885
Ovation FindMe 1.4-1083-1 is intended to support transmission of network traffic from covert video recorders but does not properly disrupt binary analysis for discovering the product's capabilities or purpose. This makes it easier for adversaries to detect the covert operation. Specifically, the...
CVE-2018-15885
Ovation FindMe 1.4-1083-1 is intended to support transmission of network traffic from covert video recorders but does not properly disrupt binary analysis for discovering the product's capabilities or purpose. This makes it easier for adversaries to detect the covert operation. Specifically, the...
Design/Logic Flaw
AccuPOS 2017.8 is installed with the insecure "Authenticated Users: Modify" permission for files within the installation path. This may allow local attackers to compromise the integrity of critical resource and executable files...
CVE-2018-14791
Emerson DeltaV DCS versions 11.3.1, 12.3.1, 13.3.0, 13.3.1, R5 may allow non-administrative users to change executable and library files on the affected products...
Philips IntelliSpace Cardiovascular and Xcelera Privilege Mismanagement Vulnerability
Philips IntelliSpace Cardiovascular ISCV and Xcelera are both products of the Dutch company Philips.Philips ISCV is a cardiac imaging information management system.Xcelera is its predecessor. A security vulnerability exists in Philips ISCV version 2.x and earlier and Xcelera version 4.1 and...
CVE-2018-14787
In Philips' IntelliSpace Cardiovascular ISCV products ISCV Version 2.x or prior and Xcelera Version 4.1 or prior, an attacker with escalated privileges could access folders which contain executables where authenticated users have write permissions, and could then execute arbitrary code with local...