10 matches found
Splunk Universal Forwarder 安全漏洞
Splunk Universal Forwarder is a Splunk component from Splunk, Inc. A security vulnerability exists in Splunk Universal Forwarder versions prior to 9.4.2, prior to 9.3.4, prior to 9.2.6, and prior to 9.1.9 that stems from improperly assigned installation directory permissions...
The vulnerability of the Delta Electronics InfraSuite Device Master software for real-time device monitoring lies in the improper configuration of the catalog resolution setting, which allows attackers to escalate their privileges.
The vulnerability of the Delta Electronics InfraSuite Device Master software for real-time device monitoring is related to the improper installation of the catalog resolution. Exploiting this vulnerability can allow attackers to enhance their privileges...
CVE-2023-25542
Dell Trusted Device Agent, versions prior to 5.3.0, contains an improper installation permissions vulnerability. An unauthenticated local attacker could potentially exploit this vulnerability, leading to escalated privileges...
Information disclosure
Dell Trusted Device Agent, versions prior to 5.3.0, contains an improper installation permissions vulnerability. An unauthenticated local attacker could potentially exploit this vulnerability, leading to escalated privileges...
Jenkins Vulnerable to Denial of Service (DoS)
Jenkins before 1.600 and LTS before 1.596.1 allows remote authenticated users to cause a denial of service improper plug-in and tool installation via crafted update center data...
cactushop-mdb.txt
Cactushop V6 allows remote users to download the database which contains creditcard numbers and critical information. The affected carts default installation gives away the path to database file. As a result, an attacker exploiting this vulnerability will be able to obtain detailed private custom...
CACTUSHOP 6 Default Installation Allows Remote Database Disclosure
Cactushop V6 allows remote users to download the database which contains creditcard numbers and critical information. The affected carts default installation gives away the path to database file. As a result, an attacker exploiting this vulnerability will be able to obtain detailed private custom...
CVE-2001-0136
ProFTPD 1.2.0rc2 is affected by a memory leak that can be exploited to cause DoS via a sequence of USER commands and, if the server is installed with a writable scoreboard, possibly SIZE commands. Mandrake advisory notes the USER and SIZE leaks (SIZE only when scoreboard is writable) and mentions...
Digital Ultrix 4.04.1 - usrbinchroot Local Privilege Escalation
Digital Ultrix 4.04.1 - usrbinchroot Local Privilege Escalation source: https://www.securityfocus.com/bid/17/info By default, /usr/bin/chroot is improperly installed in Ultrix versions 4.0 and 4.1. Anyone can execute /usr/bin/chroot this can lead to system users to gain unauthorized privileges. $...
Digital Ultrix 4.0/4.1 - '/usr/bin/chroot' Local Privilege Escalation
source: https://www.securityfocus.com/bid/17/info By default, /usr/bin/chroot is improperly installed in Ultrix versions 4.0 and 4.1. Anyone can execute /usr/bin/chroot this can lead to system users to gain unauthorized privileges. $ mkdir /tmp/etc $ echo root::0:0::/:/bin/sh /tmp/etc/passwd $...