CVE-2023-30714

Improper authorization vulnerability in FolderContainerDragDelegate in One UI Home prior to SMR Sep-2023 Release 1 allows physical attackers to change some settings of the folder lock...

CVE-2023-30714

Improper authorization vulnerability in FolderContainerDragDelegate in One UI Home prior to SMR Sep-2023 Release 1 allows physical attackers to change some settings of the folder lock...

Authorization

Improper authorization vulnerability in FolderContainerDragDelegate in One UI Home prior to SMR Sep-2023 Release 1 allows physical attackers to change some settings of the folder lock...

CVE-2023-30714

Improper authorization vulnerability in FolderContainerDragDelegate in One UI Home prior to SMR Sep-2023 Release 1 allows physical attackers to change some settings of the folder lock...

CVE-2023-30714

Improper authorization vulnerability in FolderContainerDragDelegate in One UI Home prior to SMR Sep-2023 Release 1 allows physical attackers to change some settings of the folder lock...

CVE-2023-30714

The CVE-2023-30714 issue affects Samsung One UI Home’s FolderContainerDragDelegate. It is an improper authorization vulnerability that, with physical access, permits changing some folder lock settings. Root cause: inadequate authorization checks in the FolderContainerDragDelegate component. Impac...

CVE-2023-30713

Improper privilege management vulnerability in FolderLockNotifier in One UI Home prior to SMR Sep-2023 Release 1 allows local attackers to change some settings of the folder lock...

PT-2023-22915 · Samsung · One Ui Home

Name of the Vulnerable Software and Affected Versions: One UI Home versions prior to SMR Sep-2023 Release 1 Description: The issue is related to an improper authorization vulnerability in the FolderContainerDragDelegate component. This vulnerability allows physical attackers to change some settin...

NetScaler EPA scan fails on Mac OS Client

EPA scan fails on Mac OS client only, libs folder is missing in /Library/Application Support/Citrix. Note: Where the symbol indicates the relevant Mac OS user's home directory path...

Exploit for External Control of File Name or Path in Moodle

🇮🇱 BringThemHome NeverAgainIsNow 🇮🇱 We demand the...

Citrix ShareFile StorageZones file upload

Added: 08/28/2023 Background ShareFile is a file sharing service. StorageZones are user-maintained storage for ShareFile data. Problem A vulnerability in ShareFile StorageZones Controller allows remote attackers to upload arbitrary files, leading to command execution. Resolution Upgrade to...

Citrix ShareFile StorageZones file upload

Added: 08/28/2023 Background ShareFile is a file sharing service. StorageZones are user-maintained storage for ShareFile data. Problem A vulnerability in ShareFile StorageZones Controller allows remote attackers to upload arbitrary files, leading to command execution. Resolution Upgrade to...

PT-2023-27494 · Lg · Lg Simple Editor

Name of the Vulnerable Software and Affected Versions: LG Simple Editor affected versions not specified Description: This issue allows local attackers to escalate privileges on affected installations of LG Simple Editor. To exploit this, an attacker must first obtain the ability to execute...

CVE-2023-38831

RARLAB WinRAR before 6.23 allows attackers to execute arbitrary code when a user attempts to view a benign file within a ZIP archive. The issue occurs because a ZIP archive may include a benign file such as an ordinary .JPG file and also a folder that has the same name as the benign file, and the...

PT-2023-9228 · Trend Micro · Trend Micro Apex One

Name of the Vulnerable Software and Affected Versions: Trend Micro Apex One affected versions not specified Description: An improper access control vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. The vulnerability is related to...

DoorGets CMS 12 Information Disclosure

==================================================================================================================================== | Title : DoorGets CMS v12 Sensitive information disclosure Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firef...

Inosoft VisiWin 安全漏洞

Inosoft VisiWin is a software platform for human machine interface HMI and process data visualization from Inosoft Corporation. A security vulnerability exists in Inosoft VisiWin version 7 2022-2.1 that originates from the creation of an insecure folder during installation, which could allow a...

Inosoft VisiWin 7 2022-2.1 - Insecure Folders Permissions Vulnerability

Exploit Title: Inosoft VisiWin 7 2022-2.1 - Insecure Folders Permissions Privilege Escalation Exploit Author: Carlo Di Dato for Deloitte Risk Advisory Italia Vendor Homepage: https://www.inosoft.com/ Version: Up to 2022-2.1 Runtime RT7.3 RC3 20221209.5 Tested on: Windows CVE: CVE-2023-31468 Inoso...

TSplus 16.0.2.14 - Remote Access Insecure Files and Folders Permissions

Exploit Title: TSplus 16.0.2.14 - Remote Access Insecure Files and Folders Permissions Date: 2023-08-09 Exploit Author: Carlo Di Dato for Deloitte Risk Advisory Italia Vendor Homepage: https://tsplus.net/ Version: Up to 16.0.2.14 Tested on: Windows CVE : CVE-2023-31067 TSplus Remote Access v...

Information Disclosure

org.jenkins-ci.plugins, cloudbees-folder is vulnerable to Information Disclosure. The vulnerability exists because the library does not properly restrict the organization folder log file location, which allows an attacker to gain access to sensitive information in the system...