95 matches found
RLSA-2023:3839 Moderate: libssh security update
libssh is a library which implements the SSH protocol. It can be used to implement client and server applications. Security Fixes: libssh: NULL pointer dereference during rekeying with algorithm guessing CVE-2023-1667 libssh: authorization bypass in pkiverifydatasignature CVE-2023-2283 For more...
4D SAS 4D Server 授权问题漏洞
4D SAS 4D Server is a rapid development platform for business applications from 4D. A security vulnerability exists in the 4D SAS 4D Server Application that stems from the presence of an authentication vulnerability...
CVE-2023-30222
An information disclosure vulnerability in 4D SAS 4D Server Application v17, v18, v19 R7 and earlier allows attackers to retrieve password hashes for all users via eavesdropping...
CVE-2023-30222
Affected product/implementation: 4D SAS 4D Server Application (4D Server) versions v17, v18, v19 R7 and earlier. Vulnerability summary: An information-disclosure flaw enables an attacker to retrieve password hashes for all users by eavesdropping on affected deployments. Root cause (as stated): In...
PT-2023-22593 · 4D · 4D Server Application
Name of the Vulnerable Software and Affected Versions: 4D Server Application versions v17 through v19 R7 Description: An information disclosure issue allows attackers to retrieve password hashes for all users via eavesdropping. Recommendations: For versions v17 through v19 R7, update to a version...
PT-2023-2270 · Solarwinds · Solarwinds Server/Application Monitor
Name of the Vulnerable Software and Affected Versions: Solarwinds Server & Application Monitor affected versions not specified Description: The issue is related to weaknesses in the authentication procedure, allowing a remote attacker to bypass authentication and access confidential information...
VuCSA - Vulnerable Client-Server Application - Made For Learning/Presenting How To Perform Penetration Tests Of Non-Http Thick Clients
Vulnerable Client-Server Application Vulnerable client-server application VuCSA is made for learning/presenting how to perform penetration tests of non-http thick clients. It is written in Java with JavaFX graphical user interface. Currently the vulnerable application contains the following...
Dream Report platform privilege escalation vulnerability
Summary Multiple privilege escalation vulnerabilities exist in Dream Report 5 R20-2. A specially crafted executable can cause elevated capabilities. An attacker can provide a malicious file to trigger this vulnerability. Tested Versions Dream Report 5 R20-2 Product URLs https://dreamreport.net/...
CVE-2020-13555
An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In COM Server Application Privilege Escalation, an attacker can either replace binary or loaded modules to execute code with NT SYSTEM privilege...
Privilege escalation
An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In COM Server Application Privilege Escalation, an attacker can either replace binary or loaded modules to execute code with NT SYSTEM privilege...
CVE-2020-13555
Advantech WebAccess/SCADA 9.0.1 is affected by several local privilege escalation vulnerabilities (CVE-2020-13555, CVE-2020-13552, CVE-2020-13553, CVE-2020-13554) as detailed in TALOS-2020-1169. The issues arise from weak permissions and misconfigurations that enable an unprivileged or moderately...
CVE-2020-13555
An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In COM Server Application Privilege Escalation, an attacker can either replace binary or loaded modules to execute code with NT SYSTEM privilege...
CVE-2020-24683
The affected versions of S+ Operations version 2.1 SP1 and earlier used an approach for user authentication which relies on validation at the client node client-side authentication. This is not as secure as having the server validate a client application before allowing a connection. Therefore, i...
CVE-2020-24683 Authentication Bypass in Symphony Plus
The affected versions of S+ Operations version 2.1 SP1 and earlier used an approach for user authentication which relies on validation at the client node client-side authentication. This is not as secure as having the server validate a client application before allowing a connection. Therefore, i...
Denial Of Service (DoS)
GnuTLS is vulnerable to denial of service DoS. It is vulnerable to a NULL pointer dereference while decoding a status response TLS extension with valid contents. This could lead to a crash of the GnuTLS server application...
Exploit for NULL Pointer Dereference in Openssl
CVE-2020-1967 Proof of concept exploit about OpenSSL signature...
Denial Of Service (DoS)
krb5 is vulnerable to denial of service DoS. The vulnerability exists as a NULL pointer dereference flaw was discovered in the MIT Kerberos Generic Security Service Application Program Interface GSS-API library. A remote, authenticated attacker could use this flaw to crash any server application...
Denial Of Service (DoS)
java is vulnerable to denial of service. A flaw in the Java API for XML Web Services JAX-WS service endpoint handling could allow a remote attacker to cause a denial of service on the server application hosting the JAX-WS service endpoint...
Trend Micro OfficeScan Directory Traversal (CVE-2019-18187)
A directory traversal vulnerability exists in Trend Micro's OfficeScan. The vulnerability is due to insufficient handling of directory traversal characters in uploaded ZIP archives. A remote, authenticated attacker could exploit this vulnerability by sending a request containing a crafted ZIP fil...
China Chopper still active 9 years later
By Paul Rascagneres and Vanja Svajcer. Introduction Threats will commonly fade away over time as they're discovered, reported on, and detected. But China Chopper has found a way to stay relevant, active and effective nine years after its initial discovery. China Chopper is a web shell that allows...