
5020 matches found

Microsoft CVE
added 2019/06/11 7:00 a.m. · 32 views

Windows Shell Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists when the Windows Shell fails to validate folder shortcuts. An attacker who successfully exploited the vulnerability could elevate privileges by escaping a sandbox. To exploit this vulnerability, an attacker would require unprivileged execution on the...

CVSS 8.8 · AI score 3.5 · EPSS 0.00279
Exploits: 0
OSV
added 2019/05/29 5:29 p.m. · 0 views

DEBIAN-CVE-2019-9858

Remote code execution was discovered in Horde Groupware Webmail 5.2.22 and 5.2.17. Horde/Form/Type.php contains a vulnerable class that handles image upload in forms. When the Horde_Form_Type_image method onSubmit is called on uploads, it invokes the functions getImage and getUpload, which uses...

CVSS 8.8 · AI score 8.9 · EPSS 0.79838
Exploits: 3 · References: 1
Debian CVE
added 2019/05/29 4:26 p.m. · 27 views

CVE-2019-9858

Remote code execution was discovered in Horde Groupware Webmail 5.2.22 and 5.2.17. Horde/Form/Type.php contains a vulnerable class that handles image upload in forms. When the Horde_Form_Type_image method onSubmit is called on uploads, it invokes the functions getImage and getUpload, which uses...

CVSS 8.8 · AI score 9 · EPSS 0.79838
Exploits: 3
Positive Technologies
added 2019/05/29 12:00 a.m. · 5 views

PT-2019-18304 · Samsung · Samsung Knox

Name of the Vulnerable Software and Affected Versions: Samsung Knox version 1.2.02.39 Description: This issue allows local attackers to disclose sensitive information on affected installations. An attacker must first obtain physical access to the device to exploit this. The flaw exists within the...

CVSS 4.3 · AI score 6.2 · EPSS 0.00103
Exploits: 0 · References: 4
Zero Day Initiative
added 2019/05/29 12:00 a.m. · 29 views

Samsung Knox Secure Folder Lock Screen Bypass Vulnerability

This vulnerability allows local attackers to disclose sensitive information on vulnerable installations of Samsung Secure Folder. An attacker must first obtain physical access to the device in order to exploit this vulnerability. The specific flaw exists within the handling of the lock...

CVSS 4.3 · AI score 1.5 · EPSS 0.00103
Exploits: 0 · References: 1
Hacker One
added 2019/05/22 8:16 a.m. · 65 views

Trint Ltd: IDOR to update folder name of other user

Summary There is an IDOR to update folder name of other user Steps To Reproduce: - user A login to the application and see the folder name F494331 - user B login to the application and call the API with the projectId of user A POST / HTTP/1.1 Host: graphql2.trint.com User-Agent: Mozilla/5.0 Windo...

AI score 7
Exploits: 0
exploitpack
added 2019/05/22 12:00 a.m. · 52 views

Microsoft Windows (x86) - Task Scheduler .job Import Arbitrary Discretionary Access Control List Write Local Privilege Escalation

Microsoft Windows x86 - Task Scheduler .job Import Arbitrary Discretionary Access Control List Write Local Privilege Escalation Task Scheduler .job import arbitrary DACL write Tested on: Windows 10 32-bit Bug information: There are two folders for tasks. c:\windows\tasks c:\windows\system32\tasks...

AI score 7.4
Exploits: 0
OSV
added 2019/05/16 7:29 p.m. · 4 views

CVE-2019-0976

A tampering vulnerability exists in the NuGet Package Manager for Linux and Mac that could allow an authenticated attacker to modify contents of the intermediate build folder (by default "obj"), aka 'NuGet Package Manager Tampering Vulnerability'...

CVSS 5.5 · AI score 5.8 · EPSS 0.00228
Exploits: 0 · References: 2
NVD
added 2019/05/16 7:29 p.m. · 13 views

CVE-2019-0976

A tampering vulnerability exists in the NuGet Package Manager for Linux and Mac that could allow an authenticated attacker to modify contents of the intermediate build folder (by default "obj"), aka 'NuGet Package Manager Tampering Vulnerability'...

CVSS 5.5 · AI score 5.2 · EPSS 0.00228
Exploits: 0 · References: 2
UbuntuCve
added 2019/05/16 7:29 p.m. · 20 views

CVE-2019-0976

A tampering vulnerability exists in the NuGet Package Manager for Linux and Mac that could allow an authenticated attacker to modify contents of the intermediate build folder (by default "obj"), aka 'NuGet Package Manager Tampering Vulnerability'...

CVSS 5.5 · AI score 6.4 · EPSS 0.00228
Exploits: 0 · References: 2
CVE
added 2019/05/16 6:24 p.m. · 73 views

CVE-2019-0976

CVE-2019-0976 describes a tampering vulnerability in the NuGet Package Manager for Linux and Mac. An authenticated attacker could modify contents of the intermediate build folder (by default obj), potentially affecting binaries produced by a build. The root cause cited in the Microsoft advisory i...

CVSS 5.5 · AI score 5.4 · EPSS 0.00228
Exploits: 0 · References: 2 · Affected Software: 1
Debian CVE
added 2019/05/16 6:24 p.m. · 20 views

CVE-2019-0976

A tampering vulnerability exists in the NuGet Package Manager for Linux and Mac that could allow an authenticated attacker to modify contents of the intermediate build folder (by default "obj"), aka 'NuGet Package Manager Tampering Vulnerability'...

CVSS 5.5 · AI score 5.5 · EPSS 0.00228
Exploits: 0
Microsoft CVE
added 2019/05/14 7:00 a.m. · 27 views

NuGet Package Manager Tampering Vulnerability

A tampering vulnerability exists in the NuGet Package Manager for Linux and Mac that could allow an authenticated attacker to modify contents of the intermediate build folder (by default “obj”). An attacker who successfully exploited this vulnerability could potentially modify files and folders tha...

CVSS 5.5 · AI score 3 · EPSS 0.00228
Exploits: 0
Positive Technologies
added 2019/05/14 12:00 a.m. · 2 views

PT-2019-12634 · Samsung · Containeragent +3

Name of the Vulnerable Software and Affected Versions: Samsung S9+, S10, and XCover 4 P version 9.0 Description: The issue affects Samsung devices, causing them to become temporarily inoperable due to an unprotected intent in the ContainerAgent application. This can result in the victim becoming...

CVSS 5.5 · AI score 5.7 · EPSS 0.00049
Exploits: 1 · References: 3
Exploit DB
added 2019/05/07 12:00 a.m. · 43 views

Admin Express 1.2.5.485 - 'Folder Path' Local SEH Alphanumeric Encoded Buffer Overflow

Title: Admin Express v1.2.5.485 'Folder Path' Local SEH Alphanumeric Encoded Buffer Overflow Date: May 6th, 2019 Author: Connor McGarr https://connormcgarr.github.io Vendor Homepage: https://admin-express.en.softonic.com/ Software Link: https://admin-express.en.softonic.com/download Version...

AI score 7.4
Exploits: 0
OSV
added 2019/04/26 8:29 p.m. · 4 views

CVE-2018-18276

XSS exists in the ProFiles 1.5 component for Joomla! via the name or path parameter when creating a new folder in the administrative panel...

CVSS 4.8 · AI score 5.8 · EPSS 0.00235
Exploits: 1 · References: 1
Packet Storm
added 2019/04/24 12:00 a.m. · 215 views

RARLAB WinRAR ACE Format Input Validation Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework TODO: add other non-payload files class MetasploitModule 'RARLAB WinRAR ACE Format Input Validation Remote Code Execution', 'Description' = %q In WinRAR versions prior t...

CVSS 6.8 · AI score 0.3 · EPSS 0.93462
Exploits: 13
0day.today
added 2019/04/24 12:00 a.m. · 195 views

RARLAB WinRAR ACE Format Input Validation Remote Code Execution Exploit

In WinRAR versions prior to and including 5.61, there is a path traversal vulnerability when crafting the filename field of the ACE format in UNACEV2.dll. When the filename field is manipulated with specific patterns, the destination extraction folder is ignored, thus treating the filename as an...

CVSS 6.8 · AI score 7.9 · EPSS 0.93462
Exploits: 13
Packet Storm
added 2019/04/16 12:00 a.m. · 58 views

AdminExpress 1.2.5 Denial Of Service

-- coding: utf-8 -- !/usr/bin/python Exploit Title: AdminExpress 1.2.5 - Denial of Service PoC Date: 2019-04-12 Exploit Author: Mücahit İsmail Aktaş Software Link: https://admin-express.en.softonic.com/ Version: 1.2.5.485 Tested on: Windows XP Professional SP2 Description: 1 Click the "System...

AI score 0.2
Exploits: 0
0day.today
added 2019/04/16 12:00 a.m. · 28 views

AdminExpress 1.2.5 - Folder Path Denial of Service Exploit

-- coding: utf-8 -- !/usr/bin/python Exploit Title: AdminExpress 1.2.5 - Denial of Service PoC Date: 2019-04-12 Exploit Author: Mücahit İsmail Aktaş Software Link: https://admin-express.en.softonic.com/ Version: 1.2.5.485 Tested on: Windows XP Professional SP2 Description: 1 Click the "System...

AI score 0.1
Exploits: 0