127 matches found
CVE-2015-7489
IBM SPSS Statistics 22.0.0.2 before IF10 and 23.0.0.2 before IF7 uses weak permissions Everyone: Write for Python scripts, which allows local users to gain privileges by modifying a script...
Code injection
IBM SPSS Statistics 22.0.0.2 before IF10 and 23.0.0.2 before IF7 uses weak permissions Everyone: Write for Python scripts, which allows local users to gain privileges by modifying a script...
CVE-2015-7489
IBM SPSS Statistics 22.0.0.2 before IF10 and 23.0.0.2 before IF7 uses weak permissions Everyone: Write for Python scripts, which allows local users to gain privileges by modifying a script...
CVE-2015-7489
CVE-2015-7489 affects IBM SPSS Statistics 22.0.0.2 before IF10 and 23.0.0.2 before IF7. The root cause is that Python scripts are written with permissive, globally writable permissions (Everyone: Write), enabling a local user to modify a script and potentially execute privileged actions. The IBM ...
REXT - Router Exploitation Toolkit
Small toolkit for easy creation and usage of various python scripts that work with embedded devices. core - contains most of toolkits basic functions databases - contains databases, like default credentials etc. interface - contains code that is being used for the creation and manipulation with...
rext
Router Exploitation Toolkit - REXT =============================...
Security auditing tool for AWS: AWS Scout2
Scout2 is an open source tool that helps assessing the security posture of AWS environments. Using the AWS API, the Scout2 Python scripts fetch CloudTrail, EC2, IAM, RDS, and S3, configuration data. The gathered configuration is analysed and stored as JSON objects in several JavaScript files. The...
RHEL 6 : Virtualization Manager (RHSA-2012:1506)
Red Hat Enterprise Virtualization Manager 3.1 is now available. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are available for each vulnerability from the C...
PYSEC-2014-41
pythonscripts.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to cause a denial of service memory consumption via a large value, related to formatColumns...
PYSEC-2014-48
pythonscripts.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to cause a denial of service infinite loop via an RSS feed request for a folder the user does not have permission to access...
PYSEC-2014-36
Cross-site scripting XSS vulnerability in pythonscripts.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to "u,translate."...
PYSEC-2014-37
pythonscripts.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to execute Python code via a crafted URL, related to "goback."...
PYSEC-2014-30
pythonscripts.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to execute Python code via a crafted URL, related to createObject...
Sudo 1.6.x Environment Variable Handling Security Bypass Vulnerability (2)
No description provided by source. source: http://www.securityfocus.com/bid/16184/info Sudo is prone to a security-bypass vulnerability that could lead to arbitrary code execution. This issue is due to an error in the application when handling environment variables. A local attacker with the...
CVE-2011-4355
GNU Project Debugger GDB before 7.5, when .debuggdbscripts is defined, automatically loads certain files from the current working directory, which allows local users to gain privileges via crafted files such as Python scripts...
UBUNTU-CVE-2011-4355
GNU Project Debugger GDB before 7.5, when .debuggdbscripts is defined, automatically loads certain files from the current working directory, which allows local users to gain privileges via crafted files such as Python scripts...
Design/Logic Flaw
GNU Project Debugger GDB before 7.5, when .debuggdbscripts is defined, automatically loads certain files from the current working directory, which allows local users to gain privileges via crafted files such as Python scripts...
CVE-2011-4355
GNU Project Debugger GDB before 7.5, when .debuggdbscripts is defined, automatically loads certain files from the current working directory, which allows local users to gain privileges via crafted files such as Python scripts...
CVE-2011-4355
GNU Project Debugger GDB before 7.5, when .debuggdbscripts is defined, automatically loads certain files from the current working directory, which allows local users to gain privileges via crafted files such as Python scripts...
CVE-2011-4355
GNU Project Debugger GDB before 7.5, when .debuggdbscripts is defined, automatically loads certain files from the current working directory, which allows local users to gain privileges via crafted files such as Python scripts...