5020 matches found
ownCloud Remote Elevation of Privilege Vulnerability
ownCloud is a free and open source personal cloud storage solution from the German company ownCloud, which provides file management, music storage, calendaring and other features. ownCloud server is a server version. There is a security vulnerability in ownCloud Server. An attacker can utilize th...
Windows 10 to Get Built-in Protection Against Most Ransomware Attacks
Ransomware Ransomware Everywhere Not a Single Place to Hide! But, Microsoft has a simple solution to this problem to protect millions of its users against most ransomware attacks. Two massive ransomware attacks — WannaCry and Petya also known as NotPetya — in a month have caused chaos and...
Code injection
Util/PHP/eval-stdin.php in PHPUnit before 4.8.28 and 5.x before 5.6.3 allows remote attackers to execute arbitrary PHP code via HTTP POST data beginning with a "?php " substring, as demonstrated by an attack on a site with an exposed /vendor folder, i.e., external access to the...
CVE-2017-9841
Util/PHP/eval-stdin.php in PHPUnit before 4.8.28 and 5.x before 5.6.3 allows remote attackers to execute arbitrary PHP code via HTTP POST data beginning with a "?php " substring, as demonstrated by an attack on a site with an exposed /vendor folder, i.e., external access to the...
CVE-2017-9841
Util/PHP/eval-stdin.php in PHPUnit before 4.8.28 and 5.x before 5.6.3 allows remote attackers to execute arbitrary PHP code via HTTP POST data beginning with a "?php " substring, as demonstrated by an attack on a site with an exposed /vendor folder, i.e., external access to the...
Red Spider Multimedia Network Classroom has Memory Corruption, Override Vulnerability
RedSpider Multimedia Network Classroom is a software product that realizes multimedia network teaching in electronic classroom, multimedia network classroom or computer classroom. Starscream Multimedia Network Classroom handles folder paths with override and memory corruption vulnerabilities, an...
CVE-2017-9846
Winmail Server 6.1 allows remote code execution by authenticated users who leverage directory traversal in a netdisk.php movefolderfile call to move a .php file from the FTP folder into a web folder...
Directory traversal
Winmail Server 6.1 allows remote code execution by authenticated users who leverage directory traversal in a netdisk.php movefolderfile call to move a .php file from the FTP folder into a web folder...
CVE-2017-9846
Winmail Server 6.1 allows remote code execution by authenticated users who leverage directory traversal in a netdisk.php movefolderfile call to move a .php file from the FTP folder into a web folder...
Design/Logic Flaw
Infotecs ViPNet Client and Coordinator before 4.3.2-42442 allow local users to gain privileges by placing a Trojan horse ViPNet update file in the update folder. The attack succeeds because of incorrect folder permissions in conjunction with a lack of integrity and authenticity checks...
CVE-2017-9606
Infotecs ViPNet Client and Coordinator before 4.3.2-42442 allow local users to gain privileges by placing a Trojan horse ViPNet update file in the update folder. The attack succeeds because of incorrect folder permissions in conjunction with a lack of integrity and authenticity checks...
CVE-2017-9606
Infotecs ViPNet Client and Coordinator before 4.3.2-42442 allow local users to gain privileges by placing a Trojan horse ViPNet update file in the update folder. The attack succeeds because of incorrect folder permissions in conjunction with a lack of integrity and authenticity checks...
CVE-2017-9606
Infotecs ViPNet Client and Coordinator before 4.3.2-42442 allow local users to gain privileges by placing a Trojan horse ViPNet update file in the update folder. The attack succeeds because of incorrect folder permissions in conjunction with a lack of integrity and authenticity checks...
CVE-2017-9606
Infotecs ViPNet Client and Coordinator before 4.3.2-42442 allow local users to gain privileges by placing a Trojan horse ViPNet update file in the update folder. The attack succeeds because of incorrect folder permissions in conjunction with a lack of integrity and authenticity checks...
CVE-2017-0295
Microsoft Windows 10 1607 and 1703, and Windows Server 2016 allow an authenticated attacker to modify the C:\Users\DEFAULT folder structure, aka "Windows Default Folder Tampering Vulnerability"...
Default credentials
Microsoft Windows 10 1607 and 1703, and Windows Server 2016 allow an authenticated attacker to modify the C:\Users\DEFAULT folder structure, aka "Windows Default Folder Tampering Vulnerability"...
CVE-2017-0295
Microsoft Windows 10 1607 and 1703, and Windows Server 2016 allow an authenticated attacker to modify the C:\Users\DEFAULT folder structure, aka "Windows Default Folder Tampering Vulnerability"...
CVE-2017-0295
CVE-2017-0295 affects Windows 10 (1703/1607) and Windows Server 2016. An authenticated user could modify the C:\Users\DEFAULT folder structure due to incorrect permissions on the DEFAULT folder contents (Windows Default Folder Tampering). Microsoft released security updates KB4022715 and related ...
IBM Storwize for Lenovo initialization USB drives contain malware - us
Lenovo Security Advisory: LEN-14957 Potential Impact: Malware infection on system used to launch initialization tool Severity: Medium Summary Description: Some USB flash drives containing the initialization tool shipped with the IBM Storwize for Lenovo V3500, V3700 and V5000 Gen 1 storage systems...
Windows Default Folder Tampering Vulnerability
A tampering vulnerability exists in Microsoft Windows that could allow an authenticated attacker to modify the C:\Users\DEFAULT folder structure. An attacker who successfully exploited this vulnerability could potentially modify files and folders that are synchronized the first time when a user...