45 matches found
CVE-2024-20802
Improper access control vulnerability in Samsung DeX prior to SMR Jan-2024 Release 1 allows owner to access other users' notification in a multi-user environment...
CVE-2024-20802
Samsung DeX is affected by CVE-2024-20802 due to improper access control that allows the device owner to access other users’ notifications in a multi-user environment. Affected software: Samsung DeX prior to SMR Jan-2024 Release 1. Root cause: improper access control in the notification handling ...
CVE-2024-20802
Improper access control vulnerability in Samsung DeX prior to SMR Jan-2024 Release 1 allows owner to access other users' notification in a multi-user environment...
PT-2024-18708 · Samsung · Samsung Dex
Name of the Vulnerable Software and Affected Versions: Samsung DeX versions prior to SMR Jan-2024 Release 1 Description: The issue is related to improper access control, allowing the owner to access other users' notifications in a multi-user environment. Recommendations: For versions prior to SMR...
Selea CarPlateServer 4.0.1.6 Remote Program Execution
Selea CarPlateServer CPS v4.0.1.6 Remote Program Execution Vendor: Selea s.r.l. Product web page: https://www.selea.com Affected version: 4.0.1.6210120 4.013201105 3.100200225 3.005191206 3.005191112 Summary: Our CPS Car Plate Server software is an advanced solution that can be installed on...
Selea CarPlateServer (CPS) 4.0.1.6 - Local Privilege Escalation Vulnerability
Exploit Title: Selea CarPlateServer CPS 4.0.1.6 - Local Privilege Escalation Exploit Author: LiquidWorm Vendor Homepage: https://www.selea.com Selea CarPlateServer CPS v4.0.1.6 Local Privilege Escalation Vendor: Selea s.r.l. Product web page: https://www.selea.com Affected version: 4.0.1.6210120...
Wavecrack - Web Interface For Password Cracking With Hashcat
A user-friendly Web interface to share an hashcat cracking box among multiple users with some pre-defined options. Screenshots The homepage Adding an hash to crack Seeing the results and some stats Outline This Web application can be used to launch asynchronous password cracks with hashcat. The...
Password Recovery Platform: Wavecrack
A user-friendly Web interface to share an hashcat cracking box among multiple users with some pre-defined options. Outline This Web application can be used to launch asynchronous password cracks with hashcat . The interface tries to be as user-friendly as possible and facilitates the password...
[Ghiro v0.1] Digital Image Forensic Analyzer
Sometime forensic investigators need to process digital images as evidence. There are some tools around, otherwise it is difficult to deal with forensic analysis with lot of images involved. Images contain tons of information, Ghiro extracts these information from provided images and display them...
CVE-2009-3369
CgiUserConfigEdit in BackupPC 3.1.0, when SSH keys and Rsync are in use in a multi-user environment, does not restrict users from the ClientNameAlias function, which allows remote authenticated users to read and write sensitive files by modifying ClientNameAlias to match another system, then...
DEBIAN-CVE-2009-3369
CgiUserConfigEdit in BackupPC 3.1.0, when SSH keys and Rsync are in use in a multi-user environment, does not restrict users from the ClientNameAlias function, which allows remote authenticated users to read and write sensitive files by modifying ClientNameAlias to match another system, then...
CVE-2009-3369
CgiUserConfigEdit in BackupPC 3.1.0, when SSH keys and Rsync are in use in a multi-user environment, does not restrict users from the ClientNameAlias function, which allows remote authenticated users to read and write sensitive files by modifying ClientNameAlias to match another system, then...
Design/Logic Flaw
CgiUserConfigEdit in BackupPC 3.1.0, when SSH keys and Rsync are in use in a multi-user environment, does not restrict users from the ClientNameAlias function, which allows remote authenticated users to read and write sensitive files by modifying ClientNameAlias to match another system, then...
CVE-2009-3369
CgiUserConfigEdit in BackupPC 3.1.0, when SSH keys and Rsync are in use in a multi-user environment, does not restrict users from the ClientNameAlias function, which allows remote authenticated users to read and write sensitive files by modifying ClientNameAlias to match another system, then...
CVE-2009-3369
CgiUserConfigEdit in BackupPC 3.1.0, when SSH keys and Rsync are in use in a multi-user environment, does not restrict users from the ClientNameAlias function, which allows remote authenticated users to read and write sensitive files by modifying ClientNameAlias to match another system, then...
CVE-2009-3369
CgiUserConfigEdit in BackupPC 3.1.0, when SSH keys and Rsync are in use in a multi-user environment, does not restrict users from the ClientNameAlias function, which allows remote authenticated users to read and write sensitive files by modifying ClientNameAlias to match another system, then...
CVE-2009-3369
CVE-2009-3369 affects BackupPC 3.1.0 where CgiUserConfigEdit does not restrict ClientNameAlias in multi-user setups using SSH keys and Rsync, allowing remote authenticated users to read/write sensitive files by aliasing to another system during backup/restore. The issue is due to insufficient res...
[Full-disclosure] [ZH2005-16SA] Insecure temporary file creation in Skype for Linux
ZH2005-16SA Insecure temporary file creation in Skype for Linux Application: Skype for Linux Version affected: = 1.1.0.20 Vendor website : http://www.skype.com Author: Giovanni Delvecchio e-mail: [email protected] About Skype ======== Skype is a free program that uses the latest P2P technolog...
FreeBSD : wine -- information disclosure due to insecure temporary file handling (48a59c96-9c6e-11d9-a040-000a95bc6fae)
Due to insecure temporary file creation in the Wine Windows emulator, it is possible for any user to read potentially sensitive information from temporary registry files. When a Win32 application is launched by wine, wine makes a dump of the Windows registry in /tmp with name regxxxxyyyy.tmp ,...
ZH2005-02SA.txt
ZH2005-02SA Insecure tmp file creation in Wine 03/13/2005 Title: Insecure tmp file creation in Wine Author: Giovanni Delvecchio e-mail: [email protected] Version affected : Wine 20050211 and previous releases About Wine ======== from http://www.winehq.org/site/docs/wine-faq/index : Wine is a...