27 matches found
EUVD-2003-0044
Malware in sbrugna...
EUVD-2003-0043
Malware in sbrugna...
EUVD-2003-0042
Malware in sbrugna...
EUVD-2021-8722
Malicious code in bioql PyPI...
CVE-2020-14480
Due to usernames/passwords being stored in plaintext in Random Access Memory (RAM), a local, authenticated attacker could gain access to certain credentials, including Windows Logon credentials...
CVE-2020-14480
CVE-2020-14480 affects Rockwell Automation’s FactoryTalk View SE. The vulnerability stems from usernames/passwords being stored in plaintext in RAM, enabling a local, authenticated attacker to access credentials, including Windows logon credentials. Affected products include FactoryTalk View SE ...
CVE-2020-14480
Due to usernames/passwords being stored in plaintext in Random Access Memory (RAM), a local, authenticated attacker could gain access to certain credentials, including Windows Logon credentials...
Authorization
SAP GUI for Windows, version - 7.60, allows an attacker to spoof logon credentials for Application Server ABAP backend systems in the client PC's memory. Under certain conditions the attacker can access information which would otherwise be restricted. The exploit can only be executed locally on th...
CVE-2021-21448
SAP GUI for Windows, version - 7.60, allows an attacker to spoof logon credentials for Application Server ABAP backend systems in the client PC's memory. Under certain conditions the attacker can access information which would otherwise be restricted. The exploit can only be executed locally on th...
CVE-2021-21448
CVE-2021-21448 affects SAP GUI for Windows (version 7.60). The issue allows an attacker with local access and at least OS user privileges to spoof logon credentials for Application Server ABAP backend systems by manipulating client memory, potentially accessing restricted information. Exploitatio...
Rockwell Automation FactoryTalk View SE
1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Low skill level to exploit Vendor: Rockwell Automation Equipment: FactoryTalk View SE Vulnerabilities: Cleartext Storage of Sensitive Information, Weak Encoding for Password 2. RISK EVALUATION Successful exploitation of these vulnerabilities could lead...
Schneider Electric StruxureWare Building Expert Plaintext Credentials Vulnerability
OVERVIEW Independent researcher Artyom Kurbatov has identified a cleartext transmission vulnerability in Schneider Electric’s StruxureWare Building Expert product. Schneider Electric has produced a new firmware version that mitigates this vulnerability. Artyom Kurbatov has tested the new firmware...
Microsoft Windows win32k.sys Dangling Pointer Privilege Escalation Vulnerability
This vulnerability allows for elevation of privilege on vulnerable installations of Microsoft Windows. An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability. The specific flaw exists within the usage of Cursor objects. The issue lies in the...
Computer Associates Alert Notification Buffer Overflow
No description provided by source. $Id: etrustitmalert.rb 9179 2010-04-30 08:40:19Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of...
MS10-098: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2436673)
The remote host is running a version of Windows that contains a flaw in the kernel that may lead to a privilege escalation by running a specially crafted application. To exploit this vulnerability an attacker must have valid logon credentials and be able to log on locally. C Tenable Network...
Microsoft Security Bulletin MS10-073 - Important Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (981957)
Microsoft Security Bulletin MS10-073 - Important Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (981957) Published: October 12, 2010 Version: 1.0 General Information Executive Summary This security update resolves several publicly disclosed vulnerabilities in the...
Microsoft Security Bulletin MS10-011 - Important Vulnerability in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege (978037)
Microsoft Security Bulletin MS10-011 - Important Vulnerability in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege (978037) Published: February 09, 2010 Version: 1.0 General Information Executive Summary This security update resolves a privately reported vulnerability in...
PT-2009-3199 · Microsoft · Windows Http Services +3
Name of the Vulnerable Software and Affected Versions: Windows HTTP Services versions 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 WinINet in Microsoft Internet Explorer versions 5.01 SP4, 6 SP1, 6 and 7 on Windows XP SP2 and SP3, 6 and 7 on Windows Serve...
CheckPoint SecuRemote / Secure Client weak permissions
Cached logon credentials are stored in registry key accessed by everyone group...
XSS vulnerability in Blojsom
I. BACKGROUND Taken from the Blojsom Website: "Blojsom is a Java-based, full-featured, multi-blog, multi-user software package that was inspired by blosxom. blojsom aims to retain a simplicity in design while adding flexibility in areas such as the flavors, templating, plugins, and the ability t...