
7923 matches found

Prion
added 2017/11/02 3:29 p.m., 10 views

Design/Logic Flaw

Untrusted search path vulnerability in Installer of Flets Easy Setup Tool Ver1.2.0 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory...

CVSS 6.8 | AI score 7.7 | EPSS 0.00911
Exploits 0 | References 2 | Affected Software 1

OSV
added 2017/11/02 3:29 p.m., 7 views

CVE-2017-10825

Untrusted search path vulnerability in Installer of Flets Easy Setup Tool Ver1.2.0 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory...

CVSS 7.8 | AI score 5.8 | EPSS 0.00911
Exploits 0 | References 2

n0where
added 2017/11/02 3:17 p.m., 24 views

PowerShell Post-Exploitation Agent: Empire

Empire is a post-exploitation framework that includes a pure-PowerShell 2.0 Windows agent, and a pure Python 2.6/2.7 Linux/OS X agent. It is the merge of the previous PowerShell Empire and Python EmPyre projects. The framework offers cryptologically-secure communications and a flexible architectur...

AI score 0.2
Exploits 0 | References 1

Cvelist
added 2017/11/02 3:0 p.m., 14 views

CVE-2017-10825

Untrusted search path vulnerability in Installer of Flets Easy Setup Tool Ver1.2.0 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory...

AI score 7.8 | EPSS 0.00911
Exploits 0 | References 2

CVE
added 2017/11/02 3:0 p.m., 49 views

CVE-2017-10825

CVE-2017-10825 affects the Installer of Flets Easy Setup Tool (Ver 1.2.0 and earlier). The underlying issue is an insecure DLL search path (untrusted search path) that allows arbitrary code execution with the privileges of the user invoking the installer when a Trojan horse DLL is present in an u...

CVSS 7.8 | AI score 7.7 | EPSS 0.00911
Exploits 0 | References 2 | Affected Software 1

Japan Vulnerability Notes
added 2017/11/02 4:57 a.m., 2 views

Installer of "Flets Easy Setup Tool" may insecurely load Dynamic Link Libraries

Overview: Installer of "Flets Easy Setup Tool" provided by NIPPON TELEGRAPH AND TELEPHONE WEST CORPORATION contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries (CWE-427). Eili Masami of Tachibana Lab. reported this vulnerability to IPA. JPCERT/CC...

CVSS 7.8 | AI score 6.8 | EPSS 0.00911
Exploits 0 | References 6

Japan Vulnerability Notes
added 2017/11/02 12:0 a.m., 73 views

JVN#97243511: Installer of "Flets Easy Setup Tool" may insecurely load Dynamic Link Libraries

Installer of "Flets Easy Setup Tool" provided by NIPPON TELEGRAPH AND TELEPHONE WEST CORPORATION contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries (CWE-427). Impact: Arbitrary code may be executed with the privilege of the user invoking the...

CVSS 7.8 | AI score 7.7 | EPSS 0.00911
Exploits 0

Hacker One
added 2017/11/01 9:45 p.m., 51 views

Open-Xchange: IDOR - setAttribute action of user object in API

Note. I selected sandbox.open-xchange.com as the asset in Hackerone but this was tested on a local installation. Hello, There appears to be a possible IDOR vulnerability in the following API endpoint for setting custom attributes:...

AI score 0.6
Exploits 0

OSV
added 2017/10/23 1:29 a.m., 3 views

CVE-2017-7088

An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves the "Exchange ActiveSync" component. It allows remote attackers to erase a device in opportunistic circumstances by hijacking a cleartext AutoDiscover V1 session during the setup of an Exchange accoun...

CVSS 5.9 | AI score 7.3 | EPSS 0.01876
Exploits 0 | References 3

NVD
added 2017/10/19 5:29 p.m., 22 views

CVE-2017-10303

Vulnerability in the Oracle Interaction Center Intelligence component of Oracle E-Business Suite subcomponent: Setup. Supported versions that are affected are 12.1.1, 12.1.2 and 12.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...

CVSS 8.2 | AI score 8.1 | EPSS 0.01929
Exploits 0 | References 3

OSV
added 2017/10/19 5:29 p.m., 3 views

CVE-2017-10303

Vulnerability in the Oracle Interaction Center Intelligence component of Oracle E-Business Suite subcomponent: Setup. Supported versions that are affected are 12.1.1, 12.1.2 and 12.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...

CVSS 8.2 | AI score 7.3 | EPSS 0.01929
Exploits 0 | References 3

Prion
added 2017/10/19 5:29 p.m., 22 views

Buffer overflow

Vulnerability in the Oracle Interaction Center Intelligence component of Oracle E-Business Suite subcomponent: Setup. Supported versions that are affected are 12.1.1, 12.1.2 and 12.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...

CVSS 5.8 | AI score 7.5 | EPSS 0.01929
Exploits 0 | References 3 | Affected Software 1

Prion
added 2017/10/19 5:29 p.m., 26 views

Code injection

Vulnerability in the Oracle Advanced Outbound Telephony component of Oracle E-Business Suite subcomponent: Setup and Configuration. Supported versions that are affected are 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated attacker with network...

CVSS 5.8 | AI score 7.5 | EPSS 0.01642
Exploits 0 | References 3 | Affected Software 1

CNVD
added 2017/10/18 12:0 a.m., 3 views

Oracle E-Business Suite Unauthorized Operation Vulnerability (CNVD-2017-32191)

Oracle E-Business Suite is a set of fully integrated global business management software from the US company Oracle. The software provides customer relationship management, service management, financial management, etc. Oracle Interaction Center Intelligence is one o...

CVSS 8.2 | AI score 8.2 | EPSS 0.01929
Exploits 0 | References 1

CNVD
added 2017/10/18 12:0 a.m., 5 views

Unspecified Vulnerability in Oracle Advanced Outbound Telephony

Oracle E-Business Suite is a set of Oracle's fully integrated global business management software. Oracle Advanced Outbound Telephony is one of the tools used for outbound call campaign list management and predictive dialing. An unspecified vulnerability exists in the Setup and...

CVSS 8.2 | AI score 8 | EPSS 0.01642
Exploits 0 | References 1

CNVD
added 2017/10/18 12:0 a.m., 4 views

Unspecified Vulnerability in Oracle Advanced Outbound Telephony (CNVD-2017-30897)

Oracle E-Business Suite is a set of Oracle's fully integrated global business management software. Oracle Advanced Outbound Telephony is one of the tools used for outbound call campaign list management and predictive dialing. An unspecified vulnerability exists in the Setup and...

CVSS 8.2 | AI score 8 | EPSS 0.01642
Exploits 0 | References 1

RedHat Linux
added 2017/10/17 9:38 p.m., 7 views

wpa_supplicant: reinstallation of the Tunneled Direct-Link Setup (TDLS) PeerKey (TPK) key in the TDLS handshake

A new exploitation technique called key reinstallation attacks (KRACK) affecting WPA2 has been discovered. A remote attacker within Wi-Fi range could exploit this attack to decrypt Wi-Fi traffic or possibly inject forged Wi-Fi packets by reinstalling a previously used Tunneled Direct-Link Setup TDL...

CVSS 6.8 | AI score 7.2 | EPSS 0.02046
Exploits 0 | References 7

OSV
added 2017/10/17 1:29 p.m., 5 views

ALPINE-CVE-2017-13086

Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Tunneled Direct-Link Setup (TDLS) Peer Key (TPK) during the TDLS handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames...

CVSS 6.8 | AI score 6.9 | EPSS 0.02046
Exploits 0 | References 1

OSV
added 2017/10/17 1:29 p.m., 28 views

CVE-2017-13086

Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Tunneled Direct-Link Setup (TDLS) Peer Key (TPK) during the TDLS handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames...

CVSS 6.8 | AI score 7
Exploits 0 | References 21

Cvelist
added 2017/10/17 1:0 p.m., 27 views

CVE-2017-13086

Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Tunneled Direct-Link Setup (TDLS) Peer Key (TPK) during the TDLS handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames...

AI score 7.2 | EPSS 0.02046
Exploits 0 | References 21