Lucene search
K

8698 matches found

OSV
OSV
added 2018/12/24 3:29 p.m.4 views

CVE-2018-8920

Improper neutralization of escape vulnerability in Log Exporter in Synology DiskStation Manager DSM before 6.1.6-15266 allows remote attackers to inject arbitrary content to have an unspecified impact by exporting an archive in CSV format...

7.2CVSS5.9AI score0.01027EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2018/12/24 3:29 p.m.3 views

CVE-2018-8920

Improper neutralization of escape vulnerability in Log Exporter in Synology DiskStation Manager DSM before 6.1.6-15266 allows remote attackers to inject arbitrary content to have an unspecified impact by exporting an archive in CSV format...

7.2CVSS5.9AI score0.01027EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2018/12/24 12:0 a.m.4 views

PT-2018-18718 · Synology · Synology Diskstation Manager

Name of the Vulnerable Software and Affected Versions: Synology DiskStation Manager DSM versions prior to 6.1.6-15266 Description: The issue is related to improper neutralization of escape in the Log Exporter component, allowing remote attackers to inject arbitrary content when exporting an archi...

7.2CVSS7.3AI score0.01027EPSS
Exploits0References3
Citrix
Citrix
added 2018/12/23 12:0 a.m.6 views

SDWAN: NITRO API command to export configuration

How to export SDWAN configuration through NITRO API ? Please use the below command to export SDWAN configuration through NITRO API: NOTE: The configuration export NITRO API command is available only from 10.2 build. First login to SDWAN device through NITRO API using below command .Then Export th...

7.2AI score
Exploits0
Broadcom
Broadcom
added 2018/12/21 12:0 a.m.9 views

BSA-2018-746

Security Advisory ID : BSA-2018-746 Component : Servlet Revision : 1.0: Initial A Vulnerability in Brocade Network Advisor Version before 14.0.3 could allow a remote unauthenticated attacker to export the current user database which includes the encypted not hashed password of the systems. The...

7.5CVSS7.2AI score0.01671EPSS
Exploits0
Packet Storm
Packet Storm
added 2018/12/13 12:0 a.m.80 views

WebDAV Server Serving DLL

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Serve DLL via webdav server', 'Description' = %q This module simplifies the rundll32.exe Application Whitelisting Bypass technique. The module...

7.4AI score
Exploits0
Microsoft KB
Microsoft KB
added 2018/12/11 8:0 a.m.128 views

Cumulative Update 25 for Microsoft Dynamics NAV 2017 (Build 26396)

Cumulative Update 25 for Microsoft Dynamics NAV 2017 Build 26396 This article applies to Microsoft Dynamics NAV 2017 for all countries and all language locales. Overview This cumulative update includes all hotfixes and regulatory features that have been released for Microsoft Dynamics NAV 2017,...

5.4CVSS5.8AI score0.01463EPSS
Exploits0
Drupal
Drupal
added 2018/11/28 12:0 a.m.21 views

GatherContent - Moderately critical - Access bypass - SA-CONTRIB-2018-075

This module enables you to import and export data from the GatherContent service. The module didn't properly protect its administrative paths...

6.7AI score
Exploits0References7
OSV
OSV
added 2018/11/21 10:23 p.m.3 views

GHSA-W4X9-4F5X-8JJ8 Low severity vulnerability that affects org.apache.hive:hive-exec, org.apache.hive:hive, and org.apache.hive:hive-service

Apache Hive before 0.13.1, when in SQL standards based authorization mode, does not properly check the file permissions for 1 import and 2 export statements, which allows remote authenticated users to obtain sensitive information via a crafted URI...

3.5CVSS6AI score0.03498EPSS
Exploits0References5
n0where
n0where
added 2018/11/21 12:16 a.m.86 views

Extract Digital Evidences From Images: Imago-Forensics

Imago is a python tool that extract digital evidences from images recursively. This tool is useful throughout a digital forensic investigation. If you need to extract digital evidences and you have a lot of images, through this tool you will be able to compare them easily. Imago allows to extract...

0.2AI score
Exploits0References1
OSV
OSV
added 2018/11/14 1:29 a.m.3 views

CVE-2018-8582

A remote code execution vulnerability exists in the way that Microsoft Outlook parses specially modified rule export files, aka "Microsoft Outlook Remote Code Execution Vulnerability." This affects Office 365 ProPlus, Microsoft Office, Microsoft Outlook. This CVE ID is unique from CVE-2018-8522,...

8.8CVSS6.4AI score0.18594EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2018/11/14 1:29 a.m.3 views

CVE-2018-8582

A remote code execution vulnerability exists in the way that Microsoft Outlook parses specially modified rule export files, aka "Microsoft Outlook Remote Code Execution Vulnerability." This affects Office 365 ProPlus, Microsoft Office, Microsoft Outlook. This CVE ID is unique from CVE-2018-8522,...

9.3CVSS6.7AI score0.19059EPSS
Exploits0References4
Cvelist
Cvelist
added 2018/11/14 1:0 a.m.30 views

CVE-2018-8582

A remote code execution vulnerability exists in the way that Microsoft Outlook parses specially modified rule export files, aka "Microsoft Outlook Remote Code Execution Vulnerability." This affects Office 365 ProPlus, Microsoft Office, Microsoft Outlook. This CVE ID is unique from CVE-2018-8522,...

8.4AI score0.18594EPSS
Exploits0References3
CNVD
CNVD
added 2018/11/14 12:0 a.m.4 views

Microsoft Outlook Remote Code Execution Vulnerability (CNVD-2018-23150)

Microsoft Outlook is one of the components of the Microsoft Office software suite, which expands on the functionality of Outlook express that comes with Windows.Outlook has many features that can be used to send and receive e-mail, manage contact information, keep a diary, organize schedules, and...

9.3CVSS8.4AI score0.18594EPSS
Exploits0References1
Prion
Prion
added 2018/11/13 6:29 a.m.19 views

Xxe

An XML External Entity XXE vulnerability exists in the Charles 4.2.7 import/export setup option. If a user imports a "Charles Settings.xml" file from an attacker, an intranet network may be accessed and information may be leaked...

5CVSS8.4AI score0.02022EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2018/11/13 6:29 a.m.17 views

CVE-2018-19244

An XML External Entity XXE vulnerability exists in the Charles 4.2.7 import/export setup option. If a user imports a "Charles Settings.xml" file from an attacker, an intranet network may be accessed and information may be leaked...

8.6CVSS8.4AI score0.02022EPSS
Exploits1References1
Cvelist
Cvelist
added 2018/11/13 6:0 a.m.16 views

CVE-2018-19244

An XML External Entity XXE vulnerability exists in the Charles 4.2.7 import/export setup option. If a user imports a "Charles Settings.xml" file from an attacker, an intranet network may be accessed and information may be leaked...

8.4AI score0.02022EPSS
Exploits1References1
CVE
CVE
added 2018/11/13 6:0 a.m.40 views

CVE-2018-19244

The CVE-2018-19244 entry details an XML External Entity (XXE) vulnerability in Charles 4.2.7 within the import/export setup option. According to the provided sources, if a user imports a malicious or attacker-supplied Charles Settings.xml, an intranet network may be accessed and information may b...

8.6CVSS8.3AI score0.02022EPSS
Exploits1References1Affected Software1
CNVD
CNVD
added 2018/11/12 12:0 a.m.2 views

Brocade Fabric OS Security Bypass Vulnerability (CNVD-2018-23083)

Brocade Fabric OS FOS is a set of embedded operating systems used in devices such as switches and routers from Brocade Communications Systems Brocade in the United States. A security vulnerability exists in the 'secryptocfg export' command in Brocade FOS. A local attacker could exploit this...

5.5CVSS5.8AI score0.00342EPSS
Exploits0References1
OSV
OSV
added 2018/11/08 2:29 p.m.3 views

CVE-2018-6433

A vulnerability in the secryptocfg export command of Brocade Fabric OS versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow a local attacker to bypass the export file access restrictions and initiate a file copy from the source to a remote system...

5.5CVSS5.8AI score0.00342EPSS
Exploits0References1
Rows per page
Query Builder