5019 matches found
Windows 10 to Get Built-in Protection Against Most Ransomware Attacks
Ransomware Ransomware Everywhere Not a Single Place to Hide! But, Microsoft has a simple solution to this problem to protect millions of its users against most ransomware attacks. Two massive ransomware attacks — WannaCry and Petya also known as NotPetya — in a month have caused chaos and...
Code injection
Util/PHP/eval-stdin.php in PHPUnit before 4.8.28 and 5.x before 5.6.3 allows remote attackers to execute arbitrary PHP code via HTTP POST data beginning with a "?php " substring, as demonstrated by an attack on a site with an exposed /vendor folder, i.e., external access to the...
CVE-2017-9841
Util/PHP/eval-stdin.php in PHPUnit before 4.8.28 and 5.x before 5.6.3 allows remote attackers to execute arbitrary PHP code via HTTP POST data beginning with a "?php " substring, as demonstrated by an attack on a site with an exposed /vendor folder, i.e., external access to the...
CVE-2017-9841
Util/PHP/eval-stdin.php in PHPUnit before 4.8.28 and 5.x before 5.6.3 allows remote attackers to execute arbitrary PHP code via HTTP POST data beginning with a "?php " substring, as demonstrated by an attack on a site with an exposed /vendor folder, i.e., external access to the...
Red Spider Multimedia Network Classroom has Memory Corruption, Override Vulnerability
RedSpider Multimedia Network Classroom is a software product that realizes multimedia network teaching in electronic classroom, multimedia network classroom or computer classroom. Starscream Multimedia Network Classroom handles folder paths with override and memory corruption vulnerabilities, an...
CVE-2017-9846
Winmail Server 6.1 allows remote code execution by authenticated users who leverage directory traversal in a netdisk.php movefolderfile call to move a .php file from the FTP folder into a web folder...
Directory traversal
Winmail Server 6.1 allows remote code execution by authenticated users who leverage directory traversal in a netdisk.php movefolderfile call to move a .php file from the FTP folder into a web folder...
CVE-2017-9846
Winmail Server 6.1 allows remote code execution by authenticated users who leverage directory traversal in a netdisk.php movefolderfile call to move a .php file from the FTP folder into a web folder...
Design/Logic Flaw
Infotecs ViPNet Client and Coordinator before 4.3.2-42442 allow local users to gain privileges by placing a Trojan horse ViPNet update file in the update folder. The attack succeeds because of incorrect folder permissions in conjunction with a lack of integrity and authenticity checks...
CVE-2017-9606
Infotecs ViPNet Client and Coordinator before 4.3.2-42442 allow local users to gain privileges by placing a Trojan horse ViPNet update file in the update folder. The attack succeeds because of incorrect folder permissions in conjunction with a lack of integrity and authenticity checks...
CVE-2017-9606
Infotecs ViPNet Client and Coordinator before 4.3.2-42442 allow local users to gain privileges by placing a Trojan horse ViPNet update file in the update folder. The attack succeeds because of incorrect folder permissions in conjunction with a lack of integrity and authenticity checks...
CVE-2017-9606
Infotecs ViPNet Client and Coordinator before 4.3.2-42442 allow local users to gain privileges by placing a Trojan horse ViPNet update file in the update folder. The attack succeeds because of incorrect folder permissions in conjunction with a lack of integrity and authenticity checks...
CVE-2017-9606
Infotecs ViPNet Client and Coordinator before 4.3.2-42442 allow local users to gain privileges by placing a Trojan horse ViPNet update file in the update folder. The attack succeeds because of incorrect folder permissions in conjunction with a lack of integrity and authenticity checks...
CVE-2017-0295
Microsoft Windows 10 1607 and 1703, and Windows Server 2016 allow an authenticated attacker to modify the C:\Users\DEFAULT folder structure, aka "Windows Default Folder Tampering Vulnerability"...
Default credentials
Microsoft Windows 10 1607 and 1703, and Windows Server 2016 allow an authenticated attacker to modify the C:\Users\DEFAULT folder structure, aka "Windows Default Folder Tampering Vulnerability"...
CVE-2017-0295
Microsoft Windows 10 1607 and 1703, and Windows Server 2016 allow an authenticated attacker to modify the C:\Users\DEFAULT folder structure, aka "Windows Default Folder Tampering Vulnerability"...
CVE-2017-0295
CVE-2017-0295 affects Windows 10 (1703/1607) and Windows Server 2016. An authenticated user could modify the C:\Users\DEFAULT folder structure due to incorrect permissions on the DEFAULT folder contents (Windows Default Folder Tampering). Microsoft released security updates KB4022715 and related ...
IBM Storwize for Lenovo initialization USB drives contain malware - us
Lenovo Security Advisory: LEN-14957 Potential Impact: Malware infection on system used to launch initialization tool Severity: Medium Summary Description: Some USB flash drives containing the initialization tool shipped with the IBM Storwize for Lenovo V3500, V3700 and V5000 Gen 1 storage systems...
Windows Default Folder Tampering Vulnerability
A tampering vulnerability exists in Microsoft Windows that could allow an authenticated attacker to modify the C:\Users\DEFAULT folder structure. An attacker who successfully exploited this vulnerability could potentially modify files and folders that are synchronized the first time when a user...
KB4022715: Windows 10 Version 1607 and Windows Server 2016 June 2017 Cumulative Update
The remote Windows host is missing security update KB4022715. It is, therefore, affected by multiple vulnerabilities : - Multiple security bypass vulnerabilities exist in Device Guard. A local attacker can exploit these, via a specially crafted script, to bypass the Device Guard Code Integrity...