23 matches found
EUVD-2019-17229
Malware in sbrugna...
EUVD-2019-17196
Malware in sbrugna...
EUVD-2021-0284
Malware in sbrugna...
TOTOLINK A810R infostat.cgi buffer overflow vulnerability
TOTOLINK A810R is a wireless dual-band router from China's Gion Electronics TOTOLINK. The TOTOLINK A810R infostat.cgi suffers from a buffer overflow vulnerability that can be exploited by a remote attacker to submit a special request that can crash the service program or execute arbitrary code in...
Microsoft Exchange Server Spoofing Vulnerability (CNVD-2024-45320)
Microsoft Exchange Server is the United States Microsoft Microsoft company's set of e-mail service program. It provides e-mail access, storage, forwarding, voice mail, e-mail filtering and screening. A spoofing vulnerability exists in Microsoft Exchange Server, which can be exploited by an attack...
CVE-2020-19318
Buffer Overflow vulnerability in D-Link DIR-605L, hardware version AX, firmware version 1.17beta and below, allows authorized attackers execute arbitrary code via sending crafted data to the webserver service program...
Microsoft Exchange Server Spoofing Vulnerability (CNVD-2023-51373)
Microsoft Exchange Server is the United States Microsoft Microsoft company's set of e-mail service program. It provides e-mail access, storage, forwarding, voice mail, e-mail filtering and screening. A spoofing vulnerability exists in Microsoft Exchange Server, which can be exploited by attackers...
CVE-2022-24286
Acer QuickAccess 2.01.300x before 2.01.3030 and 3.00.30xx before 3.00.3038 contains a local privilege escalation vulnerability. The user process communicates with a service of system authority through a named pipe. In this case, the Named Pipe is also given Read and Write rights to the general...
Binary Vulnerability in D-Link DIR-816 Router
The DIR-816 is a wireless router under the AUO D-Link brand, manufactured in mainland China. A binary vulnerability exists in the D-Link DIR-816 router, which can be exploited by attackers to cause a service program crash...
Binary Vulnerability in D-Link DIR-816 Router (CNVD-2021-27694)
The DIR-816 is a wireless router under the AUO D-Link brand, manufactured in mainland China. A binary vulnerability exists in the D-Link DIR-816 router, which can be exploited by attackers to cause a service program crash...
Binary Vulnerability in D-Link DIR-816 Router (CNVD-2021-27693)
The DIR-816 is a wireless router under the AUO D-Link brand, manufactured in mainland China. A binary vulnerability exists in the D-Link DIR-816 router, which can be exploited by attackers to cause a service program crash...
Binary Vulnerability in D-Link DIR-816 Router (CNVD-2021-27695)
The DIR-816 is a wireless router under the AUO D-Link brand, manufactured in mainland China. A binary vulnerability exists in the D-Link DIR-816 router, which can be exploited by attackers to cause a service program crash...
Linksys E1000 Router Has Denial of Service Vulnerability
LINKSYS E1000 is a router product. A denial of service vulnerability exists in the Linksys E1000 router, which can be exploited by attackers to cause a service program crash...
Microsoft Exchange Server Spoofing Vulnerability (CNVD-2021-28798)
Microsoft Exchange Server is the United States Microsoft Microsoft company's set of e-mail service program. It provides e-mail access, storage, forwarding, voice mail, e-mail filtering and screening. A spoofing vulnerability exists in Microsoft Exchange Server. No detailed vulnerability details a...
Design/Logic Flaw
An issue was discovered in Sprecher Automation SPRECON-E Service Program before 3.43 SP0. Under certain preconditions, it is possible to execute telegram simulation as a non-admin user. As prerequisites, a user must have created an online-connection, validly authenticated and authorized as...
CVE-2016-10041
An issue was discovered in Sprecher Automation SPRECON-E Service Program before 3.43 SP0. Under certain preconditions, it is possible to execute telegram simulation as a non-admin user. As prerequisites, a user must have created an online-connection, validly authenticated and authorized as...
CVE-2016-10041
An issue was discovered in Sprecher Automation SPRECON-E Service Program before 3.43 SP0. Under certain preconditions, it is possible to execute telegram simulation as a non-admin user. As prerequisites, a user must have created an online-connection, validly authenticated and authorized as...
CVE-2016-10041
SPRECON-E Service Program (before 3.43 SP0) is affected. The issue stems from incorrect caching of client data that can enable privilege escalation after a non-admin user executes telegram simulation, given preconditions: a user creates an online-connection, is validly authenticated/authorized as...
Lenovo ThinkVantage Communications Utility 3.0.42.0 - Unquoted Service Path Privilege Escalation
Exploit Title: Lenovo ThinkVantage Communications Utility - Unquoted Service Path Privilege Escalation Date: 10/19/2016 Exploit Author: Joey Lane Version: 3.0.42.0 Tested on: Windows 7 Professional The Lenovo ThinkVantage Communications Utility installs 2 services with unquoted service paths. Thi...
Nessus本地权限提升漏洞
Nessus是一款流行的系统漏洞扫描与分析软件。 Nessus恶意进程检测插件存在安全漏洞,由于该插件会创建一个以SYSTEM运行的服务程序,并且低权限用户可允许修改该程序,允许攻击者利用漏洞创建恶意程序并执行,提升权限。 0 Nessus appliance engine 5.2.1 目前没有详细解决方案提供: http://www.nessus.org/...