5058 matches found
CVE-2020-0777
An elevation of privilege vulnerability exists when the Windows Work Folder Service improperly handles file operations, aka 'Windows Work Folder Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0797, CVE-2020-0800, CVE-2020-0864, CVE-2020-0865, CVE-2020-0866,...
CVE-2020-10458
Path Traversal in admin/imagepaster/operations.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete any folder on the webserver using a dot-dot-slash sequence ../ via the GET parameter crdir, when the GET parameter action is set to df, causing a Denial of Service...
CVE-2020-10458
The Red Hat and CNVD entries, plus the primary CVE listing, confirm a path-traversal flaw in Chadha PHPKB Standard Multi-Language 9. Affected component: admin/imagepaster/operations.php. Root cause: using a dot-dot-slash sequence (../) via the crdir parameter when action=df, enabling deletion of ...
Microsoft Windows Work Folder Service Elevation of Privilege Vulnerability (CNVD-2020-17162)
Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation.Microsoft Windows is an operating system for personal devices.Microsoft Windows Server is a server operating system. An elevation of privilege vulnerability exists in the Microsoft Windows Work Folder servic...
Microsoft Windows Work Folder Service Elevation of Privilege Vulnerability
Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation.Microsoft Windows is an operating system for personal devices.Microsoft Windows Server is a server operating system. An elevation of privilege vulnerability exists in the Microsoft Windows Work Folder servic...
Windows Work Folder Service Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists when the Windows Work Folder Service improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could exploit this vulnerability by running a specially crafted...
Windows Work Folder Service Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists when the Windows Work Folder Service improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could exploit this vulnerability by running a specially crafted...
Windows Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists when the "Public Account Pictures" folder improperly handles junctions. To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate...
Windows Work Folder Service Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists when the Windows Work Folder Service improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could exploit this vulnerability by running a specially crafted...
Windows Work Folder Service Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists when the Windows Work Folder Service improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could exploit this vulnerability by running a specially crafted...
Windows Work Folder Service Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists when the Windows Work Folder Service improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could exploit this vulnerability by running a specially crafted...
Windows Work Folder Service Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists when the Windows Work Folder Service improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could exploit this vulnerability by running a specially crafted...
Windows Work Folder Service Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists when the Windows Work Folder Service improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could exploit this vulnerability by running a specially crafted...
DEBIAN-CVE-2020-1737
A flaw was found in Ansible 2.7.17 and prior, 2.8.9 and prior, and 2.9.6 and prior when using the Extract-Zip function from the winunzip module as the extracted files are not checked if they belong to the destination folder. An attacker could take advantage of this flaw by crafting an archive...
PYSEC-2020-9
A flaw was found in Ansible 2.7.17 and prior, 2.8.9 and prior, and 2.9.6 and prior when using the Extract-Zip function from the winunzip module as the extracted files are not checked if they belong to the destination folder. An attacker could take advantage of this flaw by crafting an archive...
CVE-2020-1737
A flaw was found in Ansible 2.7.17 and prior, 2.8.9 and prior, and 2.9.6 and prior when using the Extract-Zip function from the winunzip module as the extracted files are not checked if they belong to the destination folder. An attacker could take advantage of this flaw by crafting an archive...
PYSEC-2020-9
A flaw was found in Ansible 2.7.17 and prior, 2.8.9 and prior, and 2.9.6 and prior when using the Extract-Zip function from the winunzip module as the extracted files are not checked if they belong to the destination folder. An attacker could take advantage of this flaw by crafting an archive...
CVE-2020-1737
A flaw was found in the Ansible Engine when using the Extract-Zip function from the winunzip module as the extracted files are not checked if they belong to the destination folder. An attacker could take advantage of this flaw by crafting an archive anywhere in the file system, using a path...
HomeGuard Pro 9.3.1 - Insecure Folder Permissions Vulnerability
Exploit Title: HomeGuard Pro 9.3.1 - Insecure Folder Permissions Exploit Author: boku Vendor Homepage: https://veridium.net Software Link: https://veridium.net/filesu/hg-pro/exe/HomeGuardPro-Setup.exe Version 9.3.1 Tested On: Windows 10 32-bit HomeGuard Pro v9.3.1 - Unquoted Service Path + Insecu...
SprintWork 2.3.1 Local Privilege Escalation
Exploit Title: SprintWork 2.3.1 - Local Privilege Escalation Exploit Author: boku Date: 2020-02-13 Vendor Homepage: https://veridium.net Software Link: https://veridium.net/filesu/spx/exe/SprintWork-Setup.exe Version: 2.3.1 Tested On: Windows 10 32-bit Vulnerability Overview: SprintWork v2.3.1 x8...