Lucene search
K

69 matches found

NVD
NVD
added 2020/02/25 9:15 p.m.18 views

CVE-2019-4000

Improper neutralization of directives in dynamically evaluated code in Druva inSync Mac OS Client 6.5.0 allows a local, authenticated attacker to execute arbitrary Python expressions with root privileges...

7.8CVSS7.8AI score0.00733EPSS
Exploits1References1
OSV
OSV
added 2020/02/25 9:15 p.m.2 views

CVE-2019-4000

Improper neutralization of directives in dynamically evaluated code in Druva inSync Mac OS Client 6.5.0 allows a local, authenticated attacker to execute arbitrary Python expressions with root privileges...

7.8CVSS7.4AI score0.00733EPSS
Exploits1References1
CVE
CVE
added 2020/02/25 8:28 p.m.74 views

CVE-2019-4000

CVE-2019-4000 affects Druva inSync Mac OS Client 6.5.0. The root cause is improper neutralization of directives in dynamically evaluated code, allowing a local, authenticated attacker to execute arbitrary Python expressions with root privileges. The vulnerability is described as a locally exploit...

7.8CVSS7.7AI score0.00733EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2020/02/25 8:28 p.m.15 views

CVE-2019-4000

Improper neutralization of directives in dynamically evaluated code in Druva inSync Mac OS Client 6.5.0 allows a local, authenticated attacker to execute arbitrary Python expressions with root privileges...

7.8AI score0.00733EPSS
Exploits1References1
OSV
OSV
added 2020/02/25 7:15 p.m.1 views

CVE-2019-3999

Improper neutralization of special elements used in an OS command in Druva inSync Windows Client 6.5.0 allows a local, unauthenticated attacker to execute arbitrary operating system commands with SYSTEM privileges...

7.8CVSS6AI score
Exploits0References3
NVD
NVD
added 2020/02/25 7:15 p.m.24 views

CVE-2019-3999

Improper neutralization of special elements used in an OS command in Druva inSync Windows Client 6.5.0 allows a local, unauthenticated attacker to execute arbitrary operating system commands with SYSTEM privileges...

7.8CVSS8.1AI score0.08566EPSS
Exploits7References3
Prion
Prion
added 2020/02/25 7:15 p.m.18 views

Command injection

Improper neutralization of special elements used in an OS command in Druva inSync Windows Client 6.5.0 allows a local, unauthenticated attacker to execute arbitrary operating system commands with SYSTEM privileges...

7.2CVSS8AI score0.08566EPSS
Exploits7References3Affected Software1
Cvelist
Cvelist
added 2020/02/25 6:15 p.m.36 views

CVE-2019-3999

Improper neutralization of special elements used in an OS command in Druva inSync Windows Client 6.5.0 allows a local, unauthenticated attacker to execute arbitrary operating system commands with SYSTEM privileges...

8.1AI score0.08566EPSS
Exploits7References3
CVE
CVE
added 2020/02/25 6:15 p.m.167 views

CVE-2019-3999

CVE-2019-3999 affects Druva inSync Windows Client (notably versions around 6.5.0/6.5.2). A local, unauthenticated attacker can exploit improper neutralization of special elements in the inSyncCPHwnet64 RPC service (on TCP port 6064) to execute arbitrary OS commands with SYSTEM privileges, i.e., a...

7.8CVSS8AI score0.08566EPSS
Exploits7References3Affected Software1
Rows per page
Query Builder