40 matches found
The vulnerability in the driver for the Early Launch Antimalware (ELAM) security technology of Microsoft Windows allows a malicious actor to bypass security functions.
The vulnerability of the driver for the Early Launch Antimalware ELAM security technology for Microsoft Windows relates to the disclosure of information. Exploiting this vulnerability could allow a hacker to bypass security functions...
CVE-2020-17533
Apache Accumulo versions 1.5.0 through 1.10.0 and version 2.0.0 do not properly check the return value of some policy enforcement functions before permitting an authenticated user to perform certain administrative operations. Specifically, the return values of the 'canFlush' and...
CVE-2020-17533
Apache Accumulo versions 1.5.0 through 1.10.0 and version 2.0.0 do not properly check the return value of some policy enforcement functions before permitting an authenticated user to perform certain administrative operations. Specifically, the return values of the 'canFlush' and...
Code injection
Apache Accumulo versions 1.5.0 through 1.10.0 and version 2.0.0 do not properly check the return value of some policy enforcement functions before permitting an authenticated user to perform certain administrative operations. Specifically, the return values of the 'canFlush' and...
CVE-2020-17533 Apache Accumulo Improper Handling of Insufficient Permissions
Apache Accumulo versions 1.5.0 through 1.10.0 and version 2.0.0 do not properly check the return value of some policy enforcement functions before permitting an authenticated user to perform certain administrative operations. Specifically, the return values of the 'canFlush' and...
The vulnerability of the Windows operating system’s kernel, which allows a hacker to increase their privileges
The vulnerability of the Windows operating system’s kernel is related to the bypassing of security functions. Exploiting this vulnerability can allow an attacker to increase their privileges...
Vulnerability of Windows operating systems related to bypassing security functions, allowing attackers to escalate their privileges
Vulnerabilities of Windows operating systems are related to bypassing security functions. Exploiting these vulnerabilities can allow attackers to gain increased privileges...
Critical, Unpatched Cisco Flaw Leaves Small Business Networks Wide Open
A critical and unpatched vulnerability in the widely deployed Cisco Small Business Switch software leaves the door open to remote, unauthenticated attackers gaining full administrative control over the device – and therefore the network. Cisco Small Business Switches were developed for small offi...
CVE-2018-19420
In GetSimpleCMS 3.3.15, admin/upload.php blocks .html uploads but there are several alternative cases in which HTML can be executed, such as a file with no extension or an unrecognized extension e.g., the test or test.asdf filename, because of admin/upload-uploadify.php, and validatesafefile in...
Code injection
In GetSimpleCMS 3.3.15, admin/upload.php blocks .html uploads but there are several alternative cases in which HTML can be executed, such as a file with no extension or an unrecognized extension e.g., the test or test.asdf filename, because of admin/upload-uploadify.php, and validatesafefile in...
CVE-2018-19421
In GetSimpleCMS 3.3.15, admin/upload.php blocks .html uploads but Internet Explorer render HTML elements in a .eml file, because of admin/upload-uploadify.php, and validatesafefile in admin/inc/securityfunctions.php...
CVE-2018-19421
In GetSimpleCMS 3.3.15, admin/upload.php blocks .html uploads but Internet Explorer render HTML elements in a .eml file, because of admin/upload-uploadify.php, and validatesafefile in admin/inc/securityfunctions.php...
Intel ME 6.x/7.x/8.x/9.x/10.x./11.x, SPS 4.0, and TXE 3.0 Cumulative Security Update - US
Lenovo Security Advisory: LEN-17297 Potential Impact: An attacker could load and execute arbitrary code outside the visibility of the user, operating system, and hypervisor/virtualization platform; resulting in exfiltration of secrets, subtle manipulation of system operation, or denial of service...
Charney on Trustworthy Computing: 'I Was the Architect of These Changes'
Scott Charney, the head of Microsoft’s Trustworthy Computing efforts, said that he was the one who decided it was time to move the TwC group in a new direction and integrate the security functions more deeply into the company as a whole. “I was the architect of these changes. This is not about th...
COMTREND CT-5624 Router - Root/Support Password Disclosure/Change
!/usr/bin/perl + Comtrend Router CT-5624 Remote Root/Support Password Disclosure/Change Exploit Author: Todor Donev Email: todor.donev@@gmail Type: Hardware Vuln Type: Remote Tested: Board ID : CT-5624 Software : A011-306TSR-C01R03 Bootloader : 1.0.37-0.7-3 ADSL : A2pB022c3.d20e Board ID : CT-563...
Comtrend Router CT-5624 Remote Root/Support Password Disclosure
Exploit for hardware platform in category web applications !/usr/bin/perl + Comtrend Router CT-5624 Remote Root/Support Password Disclosure/Change Exploit Author: Todor Donev Email: email protected@gmail Type: Hardware Vuln Type: Remote Tested: Board ID : CT-5624 Software : A011-306TSR-C01R03...
Researcher Finds Cracks in Symbian Security
From The H Security Symbian, found in many mobile phones, especially those from Nokia, is one of the most widely used mobile operating systems and has now been in use for more than ten years. It continues to be viewed as a very secure operating system, with special security functions and a...
CVE-2009-0656
Asus SmartLogon 1.0.0005 allows physically proximate attackers to bypass "security functions" by presenting an image with a modified viewpoint that matches the posture of a stored image of the authorized notebook user...
Gentoo Security Advisory GLSA 200511-08 (PHP)
The remote host is missing updates announced in advisory GLSA 200511-08. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Detectoid for Microsoft Office Communications Server 2007 R2
Detectoid for Microsoft Office Communications Server 2007 R2...