CVE-2019-12174

hide.me before 2.4.4 on macOS suffers from a privilege escalation vulnerability in the connectWithExecutablePath:configFilePath:configFileName method of the mehidevpnhelper.Helper class in the me.hide.vpnhelper macOS privilege helper tool. This method takes user-supplied input and can be used to...

Wacom update helper tool startProcess privilege escalation vulnerability

Summary An exploitable privilege escalation vulnerability exists in the Wacom, driver version 6.3.32-3, update helper service in the startProcess command. The command takes a user-supplied script argument and executes it under root context. A user with local access can use this vulnerability to...

CVE-2018-4008

An exploitable privilege escalation vulnerability exists in the Shimo VPN 4.1.5.1 helper service in the RunVpncScript command. The command takes a user-supplied script argument and executes it under root context. A user with local access can use this vulnerability to raise their privileges to roo...

Privilege escalation

An exploitable privilege escalation vulnerability exists in the Shimo VPN 4.1.5.1 helper service in the RunVpncScript command. The command takes a user-supplied script argument and executes it under root context. A user with local access can use this vulnerability to raise their privileges to roo...

(Pwn2Own) Apple macOS task_set_special_port Port Overwrite Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of Mach...

Apple iOS backboardd Double Free Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Apple iOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the backboardd service...

Hewlett Packard Enterprise Moonshot Provisioning Manager Appliance khuploadfile Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett Packard Enterprise Moonshot Provisioning Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the khuploadfile.cgi file. The issue results...

QNAP QTS authLogin Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of QNAP QTS. Authentication is not required to exploit this vulnerability. The specific flaw exists within authLogin.cgi. When parsing the X-Forwarded-For header, the process does not properly validat...

Hewlett Packard Enterprise Intelligent Management Center flexFileUpload Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett Packard Enterprise Intelligent Management Center. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be easily bypassed. The specif...

Design/Logic Flaw

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Joyent Smart Data Center prior to email protected e469cf49-4de3-4658-8419-ab42837916ad. An attacker must first obtain the ability to execute low-privileged code on the target system in order to...

AlienVault Unified Security Management nfcapd Process_ipfix_template_withdraw Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of AlienVault Unified Security Management. Authentication is not required to exploit this vulnerability. The specific flaw exists within nfcapd's Processipfixtemplatewithdraw function. The issue resul...

ARRIS VAP2500 list_mac_address cmb_macaddrfilter Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of ARRIS VAP2500. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the cmbmacaddrfilter parameter provided to the listmacaddress.php...

ARRIS VAP2500 config_wds Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of ARRIS VAP2500. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of the various txtmac parameters provided to the configwds.php management porta...

ARRIS VAP2500 assoc_table Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of ARRIS VAP2500. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of the various txtmac parameters provided to the configwds.php management porta...

(0Day) Schneider Electric U.motion Builder Local Privilege Escalation Vulnerability

This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Schneider Electric U.motion Builder. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of the system configuration. The web administration account is s...

Trend Micro IWSVA PacFileManagement delete_pac_files Command Injection

A command injection vulnerability has been reported in Trend Micro InterScan Web Security Virtual Appliance IWSVA. The vulnerability exists due to improper validation of the HTTP request parameters when processing requests to the PacFileManagement servlet. A remote, authenticated attacker can...

Hewlett Packard Enterprise Cloud Optimizer DownloadServlet Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Hewlett Packard Enterprise Cloud Optimizer. Authentication is not required to exploit this vulnerability. The specific flaw exists within the DownloadServlet servlet. The issue results from...

UBUNTU-CVE-2017-5662

In Apache Batik before 1.9, files lying on the filesystem of the server which uses batik can be revealed to arbitrary users who send maliciously formed SVG files. The file types that can be shown depend on the user context in which the exploitable application is running. If the user is root a ful...

Trend Micro InterScan Web Security Virtual Appliance PacFileManagement Unrestricted File Upload Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro InterScan Web Security Virtual Appliance. Authentication is required to exploit this vulnerability. The specific flaw exists within the PacFileManagement servlet. The issue results from...

Trend Micro InterScan Web Security Virtual Appliance ConfigIPNetwork saveNetworkConfiguration Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro InterScan Web Security Virtual Appliance. Authentication is required to exploit this vulnerability. The specific flaw exists within ConfigIPNetwork's saveNetworkConfiguration method. A...