262 matches found
JVN#19386781: STAMP Workbench installer may insecurely load Dynamic Link Libraries
STAMP Workbench is a modeling tool for STAMP provided by INFORMATION-TECHNOLOGY PROMOTION AGENCY, JAPAN IPA. It is distirbuted as a ZIP archive or an Windows executable installer. The Windows executable installer contains an issue with the DLL search path, which may lead to insecurely loading...
Code injection
openvas-scanner before 2011-09-11 creates a temporary file insecurely when generating OVAL system characteristics document with the ovaldi integrated tool enabled. A local attacker could use this flaw to conduct symlink attacks to overwrite arbitrary files on the system...
CVE-2014-1937
Gamera before 3.4.1 insecurely creates temporary files...
CVE-2011-5271
Pacemaker before 1.1.6 configure script creates temporary files insecurely...
Design/Logic Flaw
TYPO3 before 4.3.4 and 4.4.x before 4.4.1 contains insecure randomness during generation of a hash with the "forgot password" function...
Design/Logic Flaw
An insecurity temporary file vulnerability exists in RHQ Mongo DB Drift Server through 2013-09-25 when unpacking zipped files...
CVE-2013-4374
CVE-2013-4374 describes an insecure temporary file storage vulnerability in the RHQ MongoDB Drift Server up to 2013-09-25, triggered when unpacking zipped files. The flaw causes unpacked files to land in a world-writable directory, which could permit local attackers to modify/tamper with files an...
CVE-2013-4374
An insecurity temporary file vulnerability exists in RHQ Mongo DB Drift Server through 2013-09-25 when unpacking zipped files...
WeWork's Wi-Fi Is Woefully Insecure
The Saudi oil strike, a license plate privacy disaster, and more of the week's top security news...
CVE-2017-18460
cPanel before 62.0.17 allows arbitrary code execution during automatic SSL installation SEC-221...
CVE-2018-20886
cPanel before 74.0.0 insecurely stores phpMyAdmin session files SEC-418...
CVE-2019-1994
CVE-2019-1994 affects Android 8.0–9 where DevelopmentTiles.java could leave development settings accessible due to an insecure default. This Elevation of Privilege vulnerability could grant access to development settings with no extra privileges; exploitation requires user interaction. Affected s...
CVE-2019-7674
An issue was discovered on MOBOTIX S14 MX-V4.2.1.61 devices. /admin/access accepts a request to set the "aaaaa" password, considered insecure for some use cases, from a user...
Buying Used Voting Machines on eBay
This is not surprising: This year, I bought two more machines to see if security had improved. To my dismay, I discovered that the newer model machines -- those that were used in the 2016 election -- are running Windows CE and have USB ports, along with other components, that make them even easie...
JVN#92265618: LINE for Windows may insecurely load Dynamic Link Libraries
LINE for Windows provided by LINE Corporation specifies the path to read DLL when launching software. If a user launches LINE for Windows by clicking the specially crafted link prepared by a remote attacker, it may result in insecurely loading Dynamic Link Libraries CWE-427. Impact Arbitrary code...
GitBucket 4.23.1 - Remote Code Execution Exploit
Exploit for java platform in category web applications Exploit Title: GitBucket 4.23.1 Unauthenticated RCE Software Link: https://github.com/gitbucket/gitbucket Exploit Author: Kacper Szurek Contact: https://twitter.com/KacperSzurek Website: https://security.szurek.pl/ Category: remote 1...
CVE-2018-10252
An issue was discovered on Actiontec WCB6200Q before 1.1.10.20a devices. The admin login session cookie is insecurely generated making admin session hijacking possible. When an admin logs in, a session cookie is generated using the time of day rounded to 10ms. Since the web server returns its...
CVE-2015-9166
CVE-2015-9166 concerns DRM provisioning in QSEE-based components on Qualcomm Snapdragon platforms. The issue arises because the finalize_prov_flag.data mechanism, intended to prevent further provisioning after initial provisioning, is not sufficiently checked, allowing provisioning to proceed eve...
CVE-2018-0023
JSNAPy is an open source python version of Junos Snapshot Administrator developed by Juniper available through github. The default configuration and sample files of JSNAPy automation tool versions prior to 1.3.0 are created world writable. This insecure file and directory permission allows...
Insecure Randomness
django-oscar is contains a insecure randomness vulnerability. The vulnerability exists as the verificationhash method in the AbstractOrder model uses the MD5 hashing algorithm in an insecure way which allows attackers to perform a brute force attack to recover the site-wide secret key...