8698 matches found
CVE-2018-8920
Improper neutralization of escape vulnerability in Log Exporter in Synology DiskStation Manager (DSM) before 6.1.6-15266 allows remote attackers to inject arbitrary content to have an unspecified impact by exporting an archive in CSV format...
PT-2018-18718 · Synology · Synology Diskstation Manager
Name of the Vulnerable Software and Affected Versions: Synology DiskStation Manager (DSM) versions prior to 6.1.6-15266. Description: The issue is related to improper neutralization of escape in the Log Exporter component, allowing remote attackers to inject arbitrary content when exporting an archi...
SDWAN: NITRO API command to export configuration
How to export SDWAN configuration through NITRO API? Please use the below command to export SDWAN configuration through NITRO API: NOTE: The configuration export NITRO API command is available only from 10.2 build. First login to SDWAN device through NITRO API using below command. Then Export th...
BSA-2018-746
Security Advisory ID : BSA-2018-746 Component : Servlet Revision : 1.0: Initial A Vulnerability in Brocade Network Advisor Version before 14.0.3 could allow a remote unauthenticated attacker to export the current user database which includes the encrypted not hashed password of the systems. The...
WebDAV Server Serving DLL
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Serve DLL via webdav server', 'Description' = %q This module simplifies the rundll32.exe Application Whitelisting Bypass technique. The module...
Cumulative Update 25 for Microsoft Dynamics NAV 2017 (Build 26396)
Cumulative Update 25 for Microsoft Dynamics NAV 2017 Build 26396 This article applies to Microsoft Dynamics NAV 2017 for all countries and all language locales. Overview This cumulative update includes all hotfixes and regulatory features that have been released for Microsoft Dynamics NAV 2017,...
GatherContent - Moderately critical - Access bypass - SA-CONTRIB-2018-075
This module enables you to import and export data from the GatherContent service. The module didn't properly protect its administrative paths...
GHSA-W4X9-4F5X-8JJ8 Low severity vulnerability that affects org.apache.hive:hive-exec, org.apache.hive:hive, and org.apache.hive:hive-service
Apache Hive before 0.13.1, when in SQL standards based authorization mode, does not properly check the file permissions for (1) import and (2) export statements, which allows remote authenticated users to obtain sensitive information via a crafted URI...
Extract Digital Evidences From Images: Imago-Forensics
Imago is a Python tool that extracts digital evidence from images recursively. This tool is useful throughout a digital forensic investigation. If you need to extract digital evidence and you have a lot of images, this tool lets you compare them easily. Imago allows to extract...
CVE-2018-8582
A remote code execution vulnerability exists in the way that Microsoft Outlook parses specially modified rule export files, aka "Microsoft Outlook Remote Code Execution Vulnerability." This affects Office 365 ProPlus, Microsoft Office, Microsoft Outlook. This CVE ID is unique from CVE-2018-8522,...
Microsoft Outlook Remote Code Execution Vulnerability (CNVD-2018-23150)
Microsoft Outlook is one of the components of the Microsoft Office software suite, which expands on the functionality of Outlook Express that comes with Windows. Outlook has many features that can be used to send and receive e-mail, manage contact information, keep a diary, organize schedules, and...
Xxe
An XML External Entity (XXE) vulnerability exists in the Charles 4.2.7 import/export setup option. If a user imports a "Charles Settings.xml" file from an attacker, an intranet network may be accessed and information may be leaked...
CVE-2018-19244
An XML External Entity (XXE) vulnerability exists in the Charles 4.2.7 import/export setup option. If a user imports a "Charles Settings.xml" file from an attacker, an intranet network may be accessed and information may be leaked...
CVE-2018-19244
The CVE-2018-19244 entry details an XML External Entity (XXE) vulnerability in Charles 4.2.7 within the import/export setup option. According to the provided sources, if a user imports a malicious or attacker-supplied Charles Settings.xml, an intranet network may be accessed and information may b...
Brocade Fabric OS Security Bypass Vulnerability (CNVD-2018-23083)
Brocade Fabric OS (FOS) is a set of embedded operating systems used in devices such as switches and routers from Brocade Communications Systems (Brocade) in the United States. A security vulnerability exists in the 'secryptocfg export' command in Brocade FOS. A local attacker could exploit this...
CVE-2018-6433
A vulnerability in the secryptocfg export command of Brocade Fabric OS versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow a local attacker to bypass the export file access restrictions and initiate a file copy from the source to a remote system...