Adobe Animate Detection (Windows SMB Login)

Detects the installed version of Adobe Animate. The script logs in via smb, searches for SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

CVE-2016-6848

An issue was discovered in Open-Xchange OX App Suite before 7.8.2-rev8. API requests can be used to inject, generate and download executable files to the client "Reflected File Download". Malicious platform specific e.g. Microsoft Windows batch file can be created via a trusted domain without...

Design/Logic Flaw

An issue was discovered in Open-Xchange OX App Suite before 7.8.2-rev8. API requests can be used to inject, generate and download executable files to the client "Reflected File Download". Malicious platform specific e.g. Microsoft Windows batch file can be created via a trusted domain without...

CVE-2016-6848

An issue was discovered in Open-Xchange OX App Suite before 7.8.2-rev8. API requests can be used to inject, generate and download executable files to the client "Reflected File Download". Malicious platform specific e.g. Microsoft Windows batch file can be created via a trusted domain without...

Microsoft Bowser.sys Information Disclosure (MS16-135: CVE-2016-7218)

An information disclosure vulnerability exists in Microsoft Windows regarding bowser.sys . A local attacker could exploit this vulnerability by running a specially crafted malicious executable file. Successful exploitation of this vulnerability could lead to information disclosure...

Adobe InDesign Server Detection (Mac OS X SSH Login)

Detects the installed version of Adobe InDesign Server on Mac OS X. The script logs in via ssh, searches for folder SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

Adobe DNG Converter Detection (Windows SMB Login)

SMB login and WMI file search based detection of Adobe DNG Converter. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2016-9192

A vulnerability in Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to install and execute an arbitrary executable file with privileges equivalent to the Microsoft Windows operating system SYSTEM account. More Information: CSCvb68043. Known Affected...

Design/Logic Flaw

A vulnerability in Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to install and execute an arbitrary executable file with privileges equivalent to the Microsoft Windows operating system SYSTEM account. More Information: CSCvb68043. Known Affected...

CVE-2016-9192

A vulnerability in Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to install and execute an arbitrary executable file with privileges equivalent to the Microsoft Windows operating system SYSTEM account. More Information: CSCvb68043. Known Affected...

Panda Security URL Filtering Service Detection (Windows SMB Login)

Detects the installed version of Panda Security URL Filtering Service. The script logs in via smb, searches for executable of Panda Security URL Filtering SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

[SECURITY] Fedora 23 Update: flex-2.6.0-2.fc23

The flex program generates scanners. Scanners are programs which can recognize lexical patterns in text. Flex takes pairs of regular expressions and C code as input and generates a C source file as output. The output file is compiled and linked with a library to produce an executable. The...

CVE-2016-8104

Buffer overflow in Intel PROSet/Wireless Software and Drivers in versions before 19.20.3 allows a local user to crash iframewrk.exe causing a potential denial of service...

Cisco AnyConnect Secure Mobility Client Local Privilege Escalation Vulnerability

A vulnerability in Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to install and execute an arbitrary executable file with privileges equivalent to the Microsoft Windows operating system SYSTEM account. The vulnerability is due to incorrect...

Mail.ru: [element.mail.ru] /.svn/entries

В веб директории сайта содержится папка от Subversion. Теоретически это дает раскрытие исходных кодов, но в данном случае файлы с расширением .php.svn-base тоже исполняются веб-сервером. Пример: https://element.mail.ru/.svn/entries 10 dir 14...

Downloads Resources over HTTP

Overview Affected versions of react-native-baidu-voice-synthesizer insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one,...

Downloads Resources over HTTP

Overview Affected versions of npm-test-sqlite3-trunk insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code...

Downloads Resources over HTTP

Overview Affected versions of healthcenter insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution...

Downloads Resources over HTTP

Overview Affected versions of selenium-standalone-painful insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in...

Downloads Resources over HTTP

Overview Affected versions of windows-seleniumjar-mirror insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in...