CVE-2018-14894

CyberArk Endpoint Privilege Manager 10.2.1.603 and earlier allows an attacker who is able to edit permissions of a file to bypass intended access restrictions and execute blocked applications...

CVE-2018-14894

CyberArk Endpoint Privilege Manager 10.2.1.603 and earlier allows an attacker who is able to edit permissions of a file to bypass intended access restrictions and execute blocked applications...

Code injection

The ES File Explorer File Manager application through 4.1.9.7.4 for Android allows remote attackers to read arbitrary files or execute applications via TCP port 59777 requests on the local Wi-Fi network. This TCP port remains open after the ES application has been launched once, and responds to...

CVE-2018-20681

mate-screensaver before 1.20.2 in MATE Desktop Environment allows physically proximate attackers to view screen content and possibly control applications. By unplugging and re-plugging or power-cycling external output devices such as additionally attached graphical outputs via HDMI, VGA, DVI, etc...

[SA17748] Sun Java JRE Sandbox Security Bypass Vulnerabilities

TITLE: Sun Java JRE Sandbox Security Bypass Vulnerabilities SECUNIA ADVISORY ID: SA17748 VERIFY ADVISORY: http://secunia.com/advisories/17748/ CRITICAL: Highly critical IMPACT: System access WHERE: From remote SOFTWARE: Sun Java SDK 1.4.x http://secunia.com/product/1661/ Sun Java SDK 1.3.x...

Дырка в IIS (File Request Parsing)

При разборе имени запрашиваемого CGI, можно выполнить приложение .bat или .cmd за счет исопльзования специальных метасимволов...

Дырка в cvsweb

Атакующий, имеющий права на запись файлов может выполнить приложения...