Radiflow iSAP Smart Collector 安全漏洞

Radiflow iSAP Smart Collector is a remote traffic collection and forwarding device designed for industrial networks from Radiflow USA. A security vulnerability exists in the Radiflow iSAP Smart Collector that originates from a vpuser user being able to read the entire file system contents,...

CVE-2022-24562

In IOBit IOTransfer 4.3.1.1561, an unauthenticated attacker can send GET and POST requests to Airserv and gain arbitrary read/write access to the entire file-system with admin privileges on the victim's endpoint, which can result in data theft and remote code execution...

CVE-2011-3632

Hardlink before 0.1.2 operates on full file system objects path names which can allow a local attacker to use this flaw to conduct symlink attacks...

Code injection

SpntSvc.exe daemon in Trend Micro ServerProtect 5.58 for Windows, before Security Patch 4, exposes unspecified dangerous sub-functions from StRpcSrv.dll in the DCE/RPC interface, which allows remote attackers to obtain "full file system access" and execute arbitrary code...

Multiple Vulnerabilities in AlternC version 0.9.5

ground418 security advisory Date: 28-11-2006 Subject: Multiple Vulnerabilities in AlternC version 0.9.5 and below. Author: Vincent Audet Mnard [email protected] Original File: http://www.ground418.org/exploits/read.php?file=06-alternC-095.txt Related Files:...