Lucene search
K

124 matches found

Microsoft CVE
Microsoft CVE
added 2019/08/13 7:0 a.m.38 views

LNK Remote Code Execution Vulnerability

A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a .LNK file is processed. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user...

9.3CVSS4.8AI score0.03766EPSS
Exploits0
OSV
OSV
added 2019/07/31 5:15 p.m.16 views

CVE-2019-5020

An exploitable denial of service vulnerability exists in the object lookup functionality of Yara 3.8.1. A specially crafted binary file can cause a negative value to be read to satisfy an assert, resulting in Denial of Service. An attacker can create a malicious binary to trigger this vulnerabili...

5.5CVSS6.6AI score
Exploits0References1
UbuntuCve
UbuntuCve
added 2019/07/31 5:15 p.m.24 views

CVE-2019-5020

An exploitable denial of service vulnerability exists in the object lookup functionality of Yara 3.8.1. A specially crafted binary file can cause a negative value to be read to satisfy an assert, resulting in Denial of Service. An attacker can create a malicious binary to trigger this vulnerabili...

6.5CVSS6.5AI score0.01079EPSS
Exploits1References3
NVD
NVD
added 2019/07/02 9:15 p.m.19 views

CVE-2017-11579

In the most recent firmware for Blipcare, the device provides an open Wireless network called "Blip" for communicating with the device. The user connects to this open Wireless network and uses the web management interface of the device to provide the user's Wi-Fi credentials so that the device ca...

7.1CVSS7AI score0.01559EPSS
Exploits1References3
OSV
OSV
added 2019/04/29 3:29 p.m.9 views

CVE-2019-5429

Untrusted search path in FileZilla before 3.41.0-rc1 allows an attacker to gain privileges via a malicious 'fzsftp' binary in the user's home directory...

7.8CVSS7.6AI score
Exploits0References5
UbuntuCve
UbuntuCve
added 2019/04/29 3:29 p.m.21 views

CVE-2019-5429

Untrusted search path in FileZilla before 3.41.0-rc1 allows an attacker to gain privileges via a malicious 'fzsftp' binary in the user's home directory...

7.8CVSS7.1AI score0.02484EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2019/04/29 2:13 p.m.24 views

CVE-2019-5429

Untrusted search path in FileZilla before 3.41.0-rc1 allows an attacker to gain privileges via a malicious 'fzsftp' binary in the user's home directory...

7.8CVSS7.7AI score0.02484EPSS
Exploits0
Cvelist
Cvelist
added 2019/04/29 2:13 p.m.38 views

CVE-2019-5429

Untrusted search path in FileZilla before 3.41.0-rc1 allows an attacker to gain privileges via a malicious 'fzsftp' binary in the user's home directory...

7.5AI score0.02484EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2018/12/31 8:0 p.m.6 views

CVE-2018-6336

An issue was discovered in osquery. A maliciously crafted Universal/fat binary can evade third-party code signing checks. By not completing full inspection of the Universal/fat binary, the user of the third-party tool will believe that the code is signed by Apple, but the malicious unsigned code...

7.6AI score0.00486EPSS
Exploits1References1
CNVD
CNVD
added 2018/06/19 12:0 a.m.10 views

F-Secure XFENCE and Little Flocker Command Execution Vulnerabilities

F-Secure XFENCE formerly Little Flocker is a suite of file protection utilities from the Finnish company F-Secure. The program prevents unauthorized access to files and protects against computer security threats such as malware and Trojans. A security vulnerability exists in F-Secure XFENCE and...

7.8CVSS7.8AI score0.00839EPSS
Exploits1References1
Cvelist
Cvelist
added 2018/06/13 10:0 p.m.22 views

CVE-2018-10407

An issue was discovered in Carbon Black Cb Response. A maliciously crafted Universal/fat binary can evade third-party code signing checks. By not completing full inspection of the Universal/fat binary, the user of the third-party tool will believe that the code is signed by Apple, but the malicio...

5.6AI score0.00436EPSS
Exploits0References1
NVD
NVD
added 2018/04/17 9:29 p.m.15 views

CVE-2018-10192

IPVanish 3.0.11 for macOS suffers from a root privilege escalation vulnerability. The com.ipvanish.osx.vpnhelper LaunchDaemon implements an insecure XPC service that could allow an attacker to execute arbitrary code as the root user. IPVanish uses a third-party library for converting xpcobjectt...

10CVSS9.7AI score0.02413EPSS
Exploits0References1
Prion
Prion
added 2018/04/17 9:29 p.m.18 views

Privilege escalation

IPVanish 3.0.11 for macOS suffers from a root privilege escalation vulnerability. The com.ipvanish.osx.vpnhelper LaunchDaemon implements an insecure XPC service that could allow an attacker to execute arbitrary code as the root user. IPVanish uses a third-party library for converting xpcobjectt...

10CVSS9.6AI score0.02413EPSS
Exploits0References1Affected Software1
CNVD
CNVD
added 2017/12/22 12:0 a.m.2 views

Golden Frog VyprVPN for macOS Elevation of Privilege Vulnerability

Golden Frog VyprVPN for macOS is a suite of VPN software for the macOS platform. An elevation of privilege vulnerability exists in versions of Golden Frog VyprVPN for macOS prior to 2.15.0.5828. An attacker can exploit this vulnerability by forcing the VyprVPN application to load a malicious...

7.8CVSS7.1AI score0.00796EPSS
Exploits0References1
Microsoft Malware Protection
Microsoft Malware Protection
added 2017/05/04 4:29 p.m.35 views

Windows Defender ATP thwarts Operation WilySupply software supply chain cyberattack

Several weeks ago, the Windows Defender Advanced Threat Protection Windows Defender ATP research team noticed security alerts that demonstrated an intriguing attack pattern. These early alerts uncovered a well-planned, finely orchestrated cyberattack that targeted several high-profile technology...

7.5AI score
Exploits0
OSV
OSV
added 2016/09/16 9:27 a.m.7 views

MGASA-2016-0299 Updated perl-XSLoader packages fix security vulnerability

An arbitrary code execution can be achieved if loading code from untrusted current working directory despite the '.' is removed from @INC. Vulnerability is in XSLoader that uses caller information to locate .so file to load. If malicious attacker creates directory named eval 1 with malicious bina...

7.8CVSS7.9AI score0.00787EPSS
Exploits1References3
CNVD
CNVD
added 2016/09/06 12:0 a.m.2 views

ArcServe UDP Server Path Elevation of Privilege Vulnerability

Arcserve UDP is a unified data protection solution. The solution provides backup and recovery of all virtual and physical environments, global deduplication and more. An elevation of privilege vulnerability exists in Arcserve UDP. Allowing an attacker to exploit the vulnerability in the search pa...

6.9AI score
Exploits0References1
OSV
OSV
added 2015/09/08 7:20 a.m.11 views

MGASA-2015-0336 Updated hplip packages fix CVE-2015-0839

Updated hplip packages fix security vulnerability: It was reported that the hp-plugin utility, included in the hplip package, downloads a binary driver and verifies it via a key specified by the key's short ID. A man-in-the-middle attacker could use this flaw to generate a key with the expected...

8.1CVSS7.8AI score0.06296EPSS
Exploits0References3
CNVD
CNVD
added 2015/08/14 12:0 a.m.3 views

Microsoft Windows Mount Manager Local Elevation of Privilege Vulnerability

Microsoft Windows is a series of operating systems released by Microsoft Corporation in the U.S. Mount Manager is one of the mounter components. A local elevation of privilege vulnerability exists in Microsoft Windows Mount Manager, which can be exploited by an attacker to write a malicious binar...

7.2CVSS7AI score0.04339EPSS
Exploits1References1
CNVD
CNVD
added 2015/06/04 12:0 a.m.5 views

HP HP-Plugin Remote Code Execution Vulnerability

hplip is HP Linux graphics and printing software. A security vulnerability exists in HP-Plugin. Allows an attacker to generate a key using a short ID predicted by the vulnerability to trick a user into downloading a malicious binary to execute arbitrary code in the context of the affected...

8.1CVSS7.7AI score0.06296EPSS
Exploits0References1
Rows per page
Query Builder