JVN#35928117: Protection mechanism failure in RevoWorks

RevoWorks SCVX and RevoWorks Browser provided by J's Communication Co., Ltd. enable users to execute web browsers in the sandboxed environment isolated from the client's local environment. In the products, file exchange between the sandboxed environment and local environment is prohibited in...

Unspecified Vulnerability in ZOHO ManageEngine Device Control Plus (CNVD-2023-00006)

ZOHO ManageEngine Device Control Plus is a USB device control software from ZOHO USA. It is used to control, block and monitor all removable devices connected to the computer. A security vulnerability exists in ZOHO ManageEngine Device Control Plus version 10.1.2228.15, which originates from the...

Unspecified Vulnerability in ZOHO ManageEngine Device Control Plus

ZOHO ManageEngine Device Control Plus is a USB device control software from ZOHO USA. It is used to control, block and monitor all removable devices connected to the computer. A security vulnerability exists in ZOHO ManageEngine Device Control Plus version 10.1.2228.15 that originates from the...

CVE-2021-20791

CVE-2021-20791 (RevoWorks Browser) is an improper access control vulnerability affecting RevoWorks Browser 2.1.230 and earlier. The issue allows an attacker to bypass access restrictions and exchange unauthorized files between the user’s local environment and the browser’s isolated environment vi...

CLI for Ephemeral Penetration Testing: hideNsneak

This application assists in managing attack infrastructure for penetration testers by providing an interface to rapidly deploy, manage, and take down various cloud services. These include VMs, domain fronting, Cobalt Strike servers, API gateways, and firewalls. hideNsneak provides a simple...

JavaScript Anywhere v3.0.4 iOS - Persistent Vulnerability

Document Title: =============== JavaScript Anywhere v3.0.4 iOS - Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1709 Release Date: ============= 2016-02-08 Vulnerability Laboratory ID VL-ID: ====================================...

Qubes OS Release Enhances Security Via Domain Isolation

With the deluge of malware and advanced attacks continuing unabated, security approaches that sandbox applications or isolate processes are garnering increased attention. Researcher Joanna Rutkowska and Invisible Things Lab were the latest to go in that direction with the official release on...

F*EX 20100208 Cross Site Scripting

------------------------------------------------------------------------ FEX = 20100208 Cross Site Scripting Vulnerabilities ------------------------------------------------------------------------ title.............: FEX = 20100208 Cross Site Scripting Vulnerabilities author............:...

[SECURITY] Fedora 9 Update: mldonkey-3.0.0-1.fc9

MLDonkey is a door to the 'donkey' network, a decentralized network used to exchange big files on the Internet. It is written in a wonderful language, called Objective-Caml, and present most features of the basic Windows donkey client, plus some more: - It should work on most UNIX-compatible...

[SECURITY] Fedora 9 Update: mldonkey-2.9.7-3.fc9

MLDonkey is a door to the 'donkey' network, a decentralized network used to exchange big files on the Internet. It is written in a wonderful language, called Objective-Caml, and present most features of the basic Windows donkey client, plus some more: - It should work on most UNIX-compatible...

w-agora version 4.2.1 Multiple Path Disclosure Vulnerabilities

netVigilance Security Advisory 14 w-agora version 4.2.1 Multiple Path Disclosure Vulnerabilities Description: w-agora is a set of scripts written in PHP. This package is intended to allow users to share, exchange and publish information, files and discussions over the web. Multiple path disclosur...

Apple Mac OS X with Bluetooth enabled may allow file exchange without prompting users

Overview Apple Mac OS X with Bluetooth support may unintentionally allow files to be exchanged with other systems by default. Description Mac OS X includes support for the Bluetooth networking protocol suite. Bluetooth is a communication technology that enables short-range communication between...

CVE-2005-1332

CVE-2005-1332 pertains to Mac OS X 10.3.9, where Bluetooth is enabled by default and the Bluetooth file exchange service may be active without user notification. This allows remote attackers to access files and local users to access files via the default transfer directory. Apple addressed the is...

CVE-2005-1332

Bluetooth-enabled systems in Mac OS X 10.3.9 enables the Bluetooth file exchange service by default, which allows remote attackers to access files without the user being notified, and local users to access files via the default directory...

CVE-2005-1332

Bluetooth-enabled systems in Mac OS X 10.3.9 enables the Bluetooth file exchange service by default, which allows remote attackers to access files without the user being notified, and local users to access files via the default directory...

Apple Mac OSX 10.x - BlueTooth Directory Traversal

source: https://www.securityfocus.com/bid/13491/info Apple Mac OS X is prone to a directory-traversal vulnerability. Since the software fails to sufficiently sanitize input, a remote attacker could use the Bluetooth file- and object-exchange services to access files outside the default...