25 matches found
EUVD-2017-16577
Malware in sbrugna...
EUVD-2023-31025
Malicious code in bioql PyPI...
CVE-2023-27247
Cynet Client Agent v4.6.0.8010 allows attackers with Administrator rights to disable the EDR functions by disabling process privilege tokens...
Design/Logic Flaw
An issue was found in CPython 3.12.0 subprocess module on POSIX platforms. The issue was fixed in CPython 3.12.1 and does not affect other stable releases. When using the extragroups= parameter with an empty list as a value ie extragroups= the logic regressed to not call setgroups0, NULL before...
Code injection
Cynet Client Agent v4.6.0.8010 allows attackers with Administrator rights to disable the EDR functions by disabling process privilege tokens...
Cynet Client Agent 安全漏洞
Cynet Client Agent is a client agent from Cynet Corporation. A security vulnerability exists in Cynet Client Agent version 4.6.0.8010, which stems from a vulnerability that allows EDR protection to be disabled via a process's privilege token...
CVE-2023-27247
Cynet Client Agent v4.6.0.8010 allows attackers with Administrator rights to disable the EDR functions by disabling process privilege tokens...
CVE-2021-30118
CVE-2021-30118 affects Kaseya VSA (RMM) prior to 9.5.7, via unauthenticated arbitrary file upload in the web UI path /SystemTab/uploader.aspx. The request can write files with arbitrary content to locations the web server can access (e.g., webroot) and, if code (ASPX) is uploaded, execute it in t...
CVE-2021-25646
Apache Druid includes the ability to execute user-provided JavaScript code embedded in various types of requests. This functionality is intended for use in high-trust environments, and is disabled by default. However, in Druid 0.20.0 and earlier, it is possible for an authenticated user to send a...
CVE-2017-2630
A stack buffer overflow flaw was found in the Quick Emulator QEMU before 2.9 built with the Network Block Device NBD client support. The flaw could occur while processing server's response to a 'NBDOPTLIST' request. A malicious NBD server could use this issue to crash a remote NBD client resultin...
RAR, UnRAR: Multiple vulnerabilities
Background RAR and UnRAR provide command line interfaces for compressing and decompressing RAR files. Description Multiple vulnerabilities have been discovered in RAR and UnRAR. Please review the referenced CVE identifiers for details. Impact A remote attacker, by enticing a user to open a...
CVE-2017-2630
A stack buffer overflow flaw was found in the Quick Emulator QEMU built with the Network Block Device NBD client support. The flaw could occur while processing server's response to a 'NBDOPTLIST' request. A malicious NBD server could use this issue to crash a remote NBD client resulting in DoS or...
Microsoft Windows multiple security vulnerabilities
Multiple Internet Explorer memory corruptions, kernel privilege escalation, group policies code execution and restrictions bypass, process creation privilege escalation, TIFF parsing information leakage...
Exhibit Engine 1.22 fetchsettings.php toroot Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/20793/info Exhibit Engine Software is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input. A successful exploit of these issues allows an attacker to execute...
Vulnerabilities in HVM MSI injection
ISSUE DESCRIPTION The implementation of the HVM control operation HVMOPinjectmsi, while checking whether a particular IRQ was already set up in the necessary way, fails to properly check all respective conditions. In particular it doesn't check the returned pointer for being non-NULL before de-...
GLSA-201206-05 : Asterisk: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-201206-05 Asterisk: Multiple vulnerabilities Multiple vulnerabilities have been found in Asterisk: An error in manager.c allows shell access through the MixMonitor application, GetVar, or Status CVE-2012-2414. An error in...
Mac OSX平台下Opera浏览器的Adobe Flash Player存在未明漏洞
Adobe Flash Player是一款FLASH播放器。 Mac OSX平台下Opera浏览器的Adobe Flash Player存在未明安全问题,远程攻击者可以利用漏洞以应用程序进程权限执行任意指令。 目前没有详细漏洞细节提供。 Adobe Flash Player 9.0.47.0 Adobe Flash Player 9.0.45.0 Adobe Flash Player 9.0.31.0 Adobe Flash Player 9.0.28.0 Adobe Flash Player 8.0.34.0 Adobe Flash Player 7.0.69.0...
Pidgin远程命令执行漏洞
BUGTRAQ ID: 24904 CNCAN ID:CNCAN-2007071609 Pidgin是一款支持多种协议的即时消息软件,旧名为Gaim。 Pidgin不正确处理用户提交的输入,远程攻击者可以利用漏洞以应用程序进程权限执行任意命令。 目前没有详细漏洞细节提供。 Pidgin 2.0.2 目前没有解决方案提供: http://pidgin.im/pidgin/home/...
OPeNDAP BES压缩文件远程命令执行漏洞
OPeNDAP是一款帮助研究者在不同格式中交换数据集的应用软件。 OPeNDAP服务程序的BES守护进程存在安全问题,远程攻击者可以利用漏洞以应用程序进程权限执行任意代码。 攻击者可以发送特殊构建的压缩文件给受影响的服务器程序,导致BES守护程序在过滤压缩文件中的数据时出现问题而执行任意代码。 OPeNDAP Hyrax 1.2 OPeNDAP BES 3.4.2 + OPeNDAP Hyrax 1.2 升级程序: OPeNDAP BES 3.4.2 OPeNDAP bes-3.5.0.tar.gz...
Computer Associates BrightStor ARCserve Backup LGServer.EXE远程堆缓冲区溢出漏洞
Computer Associates BrightStor ARCserve Backup是一款企业级别的备份解决方案。 BrightStor ARCserve Backup包含的LGSERVER.EXE处理畸形报文存在问题,远程攻击者可以利用漏洞进行堆溢出攻击,可能以进程权限执行任意指令。 所有针对Mobile Backup服务进程LGSERVER.EXE监听在TCP 2200口的报文以"\x4e\x3d\x2c\x1b"序列开头,发送包含\x4e\x3d\x2c\x1b并追加65535字符的字符串可导致进程终止,可能导致任意代码执行。 Computer Associates...