17 matches found
EUVD-2023-57355
Malicious code in bioql PyPI...
CVE-2021-25225
A memory exhaustion vulnerability in Trend Micro ServerProtect for Linux 3.0 could allow a local attacker to craft specific files that can cause a denial-of-service on the affected product. The specific flaw exists within a scheduled scan component. An attacker must first obtain the ability to...
BIT-GITLAB-2023-3932 Incorrect User Management in GitLab
An issue has been discovered in GitLab EE affecting all versions starting from 13.12 before 16.0.8, all versions starting from 16.1 before 16.1.3, all versions starting from 16.2 before 16.2.2. It was possible for an attacker to run pipeline jobs as an arbitrary user via scheduled security scan...
CVE-2023-5009
Removed by vendor...
CVE-2021-25225
A memory exhaustion vulnerability in Trend Micro ServerProtect for Linux 3.0 could allow a local attacker to craft specific files that can cause a denial-of-service on the affected product. The specific flaw exists within a scheduled scan component. An attacker must first obtain the ability to...
CVE-2021-25225
A memory exhaustion vulnerability in Trend Micro ServerProtect for Linux 3.0 could allow a local attacker to craft specific files that can cause a denial-of-service on the affected product. The specific flaw exists within a scheduled scan component. An attacker must first obtain the ability to...
CVE-2021-25225
CVE-2021-25225 affects Trend Micro ServerProtect for Linux 3.0. The vulnerability is in the splx_schedule_scan component and is due to lack of validation of user-supplied data, which can lead to memory exhaustion and denial of service. Exploitation details vary by source: ZDI-21-086 describes rem...
CVE-2021-25225
A memory exhaustion vulnerability in Trend Micro ServerProtect for Linux 3.0 could allow a local attacker to craft specific files that can cause a denial-of-service on the affected product. The specific flaw exists within a scheduled scan component. An attacker must first obtain the ability to...
Qualys Cloud Platform 2.35 New Features
This release of the Qualys Cloud Platform version 2.35 includes updates and new features for AssetView, Cloud Agent, Security Assessment Questionnaire, and Web Application Scanning, highlights as follows. Note: this post has been edited after publishing to remove the Rule-Based Method to...
Microsoft Windows Defender AV: Specify the day of the week to run a scheduled scan
This test checks the setting for policy OpenVAS Vulnerability Test $Id: winavspecifydayscheduledscan.nasl 11495 2018-09-20 10:06:25Z emoss $ Check value for Specify the day of the week to run a scheduled scan Authors: Emanuel Moss Copyright: Copyright c 2018 Greenbone Networks GmbH,...
Microsoft Malware Protection Engine Remote Code Execution Vulnerability
A remote code execution vulnerability exists when the Microsoft Malware Protection Engine does not properly scan a specially crafted file, leading to memory corruption. An attacker who successfully exploited this vulnerability could execute arbitrary code in the security context of the LocalSyste...
Microsoft Malware Protection Engine Remote Code Execution Vulnerability
A remote code execution vulnerability exists when the Microsoft Malware Protection Engine does not properly scan a specially crafted file, leading to memory corruption. An attacker who successfully exploited this vulnerability could execute arbitrary code in the security context of the LocalSyste...
Microsoft Malware Protection Engine Remote Code Execution Vulnerability
A remote code execution vulnerability exists when the Microsoft Malware Protection Engine does not properly scan a specially crafted file, leading to memory corruption. An attacker who successfully exploited this vulnerability could execute arbitrary code in the security context of the LocalSyste...
Code injection
The GUI nod32.exe in NOD32 2.5 runs with SYSTEM privileges when the scheduler runs a scheduled on-demand scan, which allows local users to execute arbitrary code during a scheduled scan via unspecified attack vectors...
CVE-2006-0951
The GUI nod32.exe in NOD32 2.5 runs with SYSTEM privileges when the scheduler runs a scheduled on-demand scan, which allows local users to execute arbitrary code during a scheduled scan via unspecified attack vectors...
CVE-2006-0951
The GUI nod32.exe in NOD32 2.5 runs with SYSTEM privileges when the scheduler runs a scheduled on-demand scan, which allows local users to execute arbitrary code during a scheduled scan via unspecified attack vectors...
CVE-2006-0951
The CVE-2006-0951 entry concerns the NOD32 2.5 GUI (nod32.exe). The vulnerability arises because during a scheduled on-demand scan, the GUI runs with SYSTEM privileges, enabling local users to execute arbitrary code via unspecified attack vectors. Affected component: nod32.exe GUI within NOD32 2....