27 matches found
CVE-2021-25392
Improper protection of backup path configuration in Samsung Dex prior to SMR MAY-2021 Release 1 allows local attackers to get sensitive information via changing the path...
GHSA-M898-H4PM-PQFR Arbitrary code execution due to an uncontrolled search path for the git binary
Impact The go language recently addressed a security issue in the way that binaries are found before being executed. Some operating systems like Windows persist to have the current directory being part of the default search path, and having priority over the system-wide path. This means that it's...
CVE-2020-3980
VMware Fusion 11.x contains a privilege escalation vulnerability due to the way it allows configuring the system wide path. An attacker with normal user privileges may exploit this issue to trick an admin user into executing malicious code on the system where Fusion is installed...
KLA12099 Multiple vulnerabilities in VMware Workstation and Player
Multiple vulnerabilities were found in VMware Workstation and Player. Malicious users can exploit these vulnerabilities to obtain sensitive information, cause denial of service, gain privileges. Below is a complete list of vulnerabilities: 1. A out of bounds read vulnerability in Cortado ThinPrin...
CVE-2019-18997
The HMISimulator component of ABB PB610 Panel Builder 600 uses the readFile/writeFile interface to manipulate the work file. Path configuration in PB610 HMISimulator versions 2.8.0.424 and earlier potentially allows access to files outside of the working directory, thus potentially supporting...
PB610 HMISimulator provides interface with access to arbitrary files
The HMISimulator component of ABB PB610 Panel Builder 600 uses the readFile/writeFile interface to manipulate the work file. Path configuration in PB610 HMISimulator versions 2.8.0.424 and earlier potentially allows access to files outside of the working directory, thus potentially supporting...
Moderate: Red Hat Security Advisory: mailman security and bug fix update
Updated mailman packages that fix two security issues and several bugs are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, a...