8 matches found
DTEX DEC-M 安全漏洞
DTEX DEC-M is a unified internal risk management platform from DTEX Corporation. A security vulnerability exists in DTEX DEC-M version 6.1.1, which stems from a lack of proper logical validation, and allows an attacker to elevate privileges to root via an unauthorized client connection using the...
GHSA-M738-3RC4-5XV3 A user without PR can reset user authentication failures information
Impact The script service method used to reset the authentication failures record can be executed by any user with Script rights and does not require Programming rights as it should have. Note that being able to reset the authentication failure record mean that an attacker with script right might...
CVE-2019-6295
Cleanto 5.0 has SQL Injection via the assets/lib/servicemethodajax.php serviceid parameter...
MGASA-2018-0270 Updated python3 packages fix security vulnerabilities
Updated python3 packages fix security vulnerabilities: A flaw was found in the way catastrophic backtracking was implemented in Python's pop3lib's apop method. An attacker could use this flaw to cause denial of service CVE-2018-1060. A flaw was found in the way catastrophic backtracking was...
CVE-2014-2504
EMC Documentum D2 3.1 before P20, 3.1 SP1 before P02, 4.0 before P10, 4.1 before P13, and 4.2 before P01 allows remote authenticated users to bypass intended access restrictions and execute arbitrary Documentum Query Language DQL queries by calling 1 a core method or 2 a D2FS web-service method...
[WiFi Password Decryptor] Free Wireless Password Recovery Software
| WiFi Password Decryptor is the FREE software to instantly recover Wireless account passwords stored on your system. --- It automatically recovers all type of Wireless Keys/Passwords WEP/WPA/WPA2 etc stored by Windows Wireless Configuration Manager. For each recovered WiFi account, it displays...
XX antivirus Avira when NTFS permissions vulnerability-vulnerability warning-the black bar safety net
XX and other mollusc in the processing of the NTFS partition to have special permissions when a file will avoid the check, or direct skip, cause any virus can escape the antivirus check. Currently known Kaspersky the memory of killing there is no such vulnerability, but the file scan will skip...
Dove gray is registered as a system service method-reference for the black hole-vulnerability and early warning-the black bar safety net
A few days ago a pigeon to research registered into the system service method, I don't have pigeons, and found that it is using rundll32 to import an inf to achieve, this should be added a registry key to disable the reg script, disable regedit, are effective? Examples are as follows: Add a...