Lucene search
3094 matches found

CVE
added 2016/08/05 2:0 p.m. | 41 views

CVE-2016-6140

CVE-2016-6140 affects SAP TREX 7.10 Revision 63. Remote attackers can write arbitrary files via RFC-Gateway vectors, linked to SAP Security Note 2203591. The issue enables file write with network access and no authentication required, with high/critical impact on confidentiality, integrity, and a...

CVSS 9.8 | AI score 9.1 | EPSS 0.05532
Exploits: 0 | References: 5 | Affected Software: 1
CVE
added 2016/08/05 2:0 p.m. | 39 views

CVE-2016-6138

SAP TREX 7.10 Revision 63 is affected by a directory traversal vulnerability (CVE-2016-6138). An unauthenticated remote attacker could read arbitrary files via unspecified vectors, as described in SAP Security Note 2203591. Root cause is insufficient input filtering in TREX, enabling traversal se...

CVSS 10 | AI score 9.2 | EPSS 0.05786
Exploits: 0 | References: 8 | Affected Software: 1
Cvelist
added 2016/08/05 2:0 p.m. | 26 views

CVE-2016-6148

SAP HANA DB 1.00.73.00.389160 allows remote attackers to cause a denial of service (process termination) or execute arbitrary code via vectors related to an IMPORT statement, aka SAP Security Note 2233136...

AI score 7.8 | EPSS 0.04328
Exploits: 0 | References: 5
CNVD
added 2016/07/26 12:0 a.m. | 2 views

PHP exif_process_IFD_in_MAKERNOTE Information Disclosure Vulnerability

PHP is a widely used general-purpose scripting language that is particularly well suited for web development and can be embedded in HTML. An information disclosure vulnerability exists in the exif_process_IFD_in_MAKERNOTE function in ext/exif/exif.c in versions prior to PHP 5.5.38, 5.6.x prior to 5.6.24...

CVSS 9.8 | AI score 8.4 | EPSS 0.05598
Exploits: 1 | References: 1
Exploit DB
added 2016/07/23 12:0 a.m. | 29 views

Drupal Module Coder < 7.x-1.3/7.x-2.6 - Remote Code Execution

array "coderupgrade" = array "module" = "color", "files" = array"color.module" , "extensions" = array"module", "items" = array array"olddir"="test; $cmd;", "newdir"="test", "paths" = array "modulesbase" = "../../../", "filesbase" = "../../../../sites/default/files" ; $payload = serialize$a;...

AI score 7.4
Exploits: 0
ATTACKERKB
added 2016/07/22 2:59 a.m. | 0 views

CVE-2016-4619

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2015-8317. Reason: This candidate is a reservation duplicate of CVE-2015-8317. Notes: All CVE users should reference CVE-2015-8317 instead of this candidate. All references and descriptions in this candidate have been removed to...

CVSS 5 | AI score 7.2 | EPSS 0.05749
Exploits: 1 | References: 1
RedHat Linux
added 2016/07/21 10:19 a.m. | 7 views

OpenJDK: insufficient restrictions on the use of custom ValueHandler (CORBA, 8079718)

Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; and Java SE Embedded 8u91 allows remote attackers to affect integrity via vectors related to CORBA...

CVSS 4.3 | AI score 7.4 | EPSS 0.02976
Exploits: 0 | References: 5
Tenable Nessus
added 2016/07/19 12:0 a.m. | 63 views

Recycle Bin Files

Nessus was able to generate a list of all files found in $Recycle.Bin subdirectories. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid92429; scriptversion"1.6"; scriptcvsdate"Date: 2018/11/15 20:50:27"; scriptnameenglish:"Recycle Bin Files"; scriptsummaryenglish:"Repo...

AI score 5.4
Exploits: 0 | References: 2
Tenable Nessus
added 2016/07/19 12:0 a.m. | 74 views

Microsoft Windows PowerShell Execution Policy

Nessus was able to collect and report the PowerShell execution policy for the remote Windows host. C Tenable Network Security, Inc. include"compat.inc"; if !definedfunc"nasllevel" || nasllevel 5200 exit0, "Not Nessus 5.2+"; if description scriptid92367; scriptversion"1.6";...

AI score 5.6
Exploits: 0
Packet Storm
added 2016/06/30 12:0 a.m. | 76 views

Windows 7 SP1 x86 Privilege Escalation

/ Exploit Title: Elevation of privilege on Windows 7 SP1 x86 Date: 28/06-2016 Exploit Author: @blomster81 Vendor Homepage: www.microsoft.com Version: Windows 7 SP1 x86 Tested on: Windows 7 SP1 x86 CVE : 2016-0400 MS16-014 EoP PoC created from...

CVSS 4.3 | AI score 0.5 | EPSS 0.24554
Exploits: 10
ThreatPost
added 2016/06/27 11:24 a.m. | 15 views

New CryptXXX Can Evade Detection, Outsmart Decryption Tools

Crooks behind the fast-spreading CryptXXX ransomware updated the latest variant with better encryption technology and new methods to evade detection by researchers. This latest version of CryptXXX was spotted by researchers at SentinelOne, who say the new updated sample has already earned...

AI score 7.4
Exploits: 0 | References: 6
Packet Storm
added 2016/06/22 12:0 a.m. | 68 views

SAP NetWeaver AS JAVA 7.5 Information Disclosure

Application: SAP NetWeaver AS JAVA Versions Affected: SAP NetWeaver AS JAVA 7.1 - 7.5 Vendor URL: http://SAP.com Bug: information disclosure Sent: 04.12.2015 Reported: 05.12.2015 Vendor response: 05.12.2015 Date of Public Advisory: 08.03.2016 Reference: SAP Security Note 2255990 Author: Vahagn...

CVSS 5 | AI score 5.4 | EPSS 0.02413
Exploits: 1
exploitpack
added 2016/06/21 12:0 a.m. | 60 views

SAP NetWeaver AS JAVA 7.1 7.5 - Directory Traversal

SAP NetWeaver AS JAVA 7.1 7.5 - Directory Traversal Application: SAP NetWeaver AS JAVA Versions Affected: SAP NetWeaver AS JAVA 7.1 - 7.5 Vendor URL: http://SAP.com Bug: Directory traversal Sent: 29.09.2015 Reported: 29.09.2015 Vendor response: 30.09.2015 Date of Public Advisory: 08.03.2016...

CVSS 5 | AI score 0.4 | EPSS 0.46605
Exploits: 5
0day.today
added 2016/06/21 12:0 a.m. | 69 views

SAP NetWeaver AS JAVA 7.1 < 7.5 - ctcprotocol Servlet XXE

Exploit for java platform in category web applications Application: SAP NetWeaver AS JAVA Versions Affected: SAP NetWeaver AS JAVA 7.1 - 7.5 Vendor URL: http://SAP.com Bug: XXE Sent: 20.10.2015 Reported: 21.10.2015 Vendor response: 21.10.2015 Date of Public Advisory: 08.03.2016 Reference: SAP...

CVSS 7.5 | AI score 0.1 | EPSS 0.15058
Exploits: 5
0day.today
added 2016/06/21 12:0 a.m. | 115 views

SAP NetWeaver AS JAVA 7.1 < 7.5 - Directory Traversal

Exploit for java platform in category web applications Application: SAP NetWeaver AS JAVA Versions Affected: SAP NetWeaver AS JAVA 7.1 - 7.5 Vendor URL: http://SAP.com Bug: Directory traversal Sent: 29.09.2015 Reported: 29.09.2015 Vendor response: 30.09.2015 Date of Public Advisory: 08.03.2016...

CVSS 5 | EPSS 0.46605
Exploits: 5
Exploit DB
added 2016/06/21 12:0 a.m. | 72 views

SAP NetWeaver AS JAVA 7.1 < 7.5 - 'ctcprotocol Servlet' XML External Entity

Application: SAP NetWeaver AS JAVA Versions Affected: SAP NetWeaver AS JAVA 7.1 - 7.5 Vendor URL: http://SAP.com Bug: XXE Sent: 20.10.2015 Reported: 21.10.2015 Vendor response: 21.10.2015 Date of Public Advisory: 08.03.2016 Reference: SAP Security Note 2235994 Author: Vahagn Vardanyan ERPScan...

CVSS 9.1 | AI score 7 | EPSS 0.15058
Exploits: 5
Packet Storm
added 2016/06/17 12:0 a.m. | 88 views

SAP NetWeaver AS JAVA 7.5 Cross Site Scripting

Application: SAP NetWeaver AS JAVA Versions Affected: SAP NetWeaver AS JAVA 7.1 - 7.5 Vendor URL: http://SAP.com Bug: XSS Sent: 20.10.2015 Reported: 21.10.2015 Vendor response: 21.10.2015 Date of Public Advisory: 08.03.2016 Reference: SAP Security Note 2238375 Author: Vahagn Vardanyan ERPScan...

CVSS 4.3 | AI score 0.3 | EPSS 0.01611
Exploits: 2
Packet Storm
added 2016/06/17 12:0 a.m. | 89 views

SAP NetWeaver AS JAVA 7.5 Directory Traversal

Application: SAP NetWeaver AS JAVA Versions Affected: SAP NetWeaver AS JAVA 7.1 - 7.5 Vendor URL: http://SAP.com Bug: Directory traversal Sent: 29.09.2015 Reported: 29.09.2015 Vendor response: 30.09.2015 Date of Public Advisory: 08.03.2016 Reference: SAP Security Note 2234971 Author: Vahagn...

CVSS 5 | AI score 0.4 | EPSS 0.46605
Exploits: 5
erpscan
added 2016/06/17 12:0 a.m. | 42 views

SAP NetWeaver Java 7.5 XXE

Application: SAP NetWeaver Versions Affected: SAP NetWeaver 7.5 Vendor URL: SAP Bugs: XXE Reported: 17.06.2016 Vendor response: 18.06.2016 Date of Public Advisory: 10.01.2017 Reference: SAP Security Note 2347439 Author: Mathieu Geli ERPScan VULNERABILITY INFORMATION Class: XXE Impact: Denial of...

AI score 0.1
Exploits: 0
erpscan
added 2016/06/17 12:0 a.m. | 44 views

SAP NetWeaver AS Java getUserUddiElements SQL Injection

Application: SAP NetWeaver AS Java Versions Affected: SAP NetWeaver AS Java ES UDDI 7.11 – 7.5 Vendor URL: SAP Bugs: SQL injection Reported: 17.06.2016 Vendor response: 17.06.2016 Date of Public Advisory: 10.01.2017 Reference: SAP Security Note 2356504 Author: Vahagn Vardanyan ERPScan VULNERABILI...

AI score 0.1
Exploits: 0