50 matches found
EUVD-2007-1929
Malware in sbrugna...
EUVD-2007-1902
Malware in sbrugna...
EUVD-2011-2573
Malware in sbrugna...
EUVD-2007-2671
Malware in sbrugna...
EUVD-2022-42283
Malicious code in bioql PyPI...
EUVD-2022-53484
Malicious code in bioql PyPI...
CVE-2022-32291
In Real Player through 20.1.0.312, attackers can execute arbitrary code by placing a UNC share pathname for a DLL file in a RAM file...
CVE-2010-4368
awstats.cgi in AWStats before 7.0 on Windows accepts a configdir parameter in the URL, which allows remote attackers to execute arbitrary commands via a crafted configuration file located at a UNC share pathname...
CVE-2024-33881
An issue was discovered in VirtoSoftware Virto Bulk File Download 5.5.44 for SharePoint 2019. The Virto.SharePoint.FileDownloader/Api/Download.ashx isCompleted method allows an NTLMv2 hash leak via a UNC share pathname in the path parameter...
CVE-2024-33881
The CVE-2024-33881 affects VirtoSoftware Virto Bulk File Download 5.5.44 for SharePoint 2019. The issue lies in the Virto.SharePoint.FileDownloader/Api/Download.ashx isCompleted method, which allows an NTLMv2 hash leak via a UNC share pathname in the path parameter. Documents consistently describ...
CVE-2024-33881
An issue was discovered in VirtoSoftware Virto Bulk File Download 5.5.44 for SharePoint 2019. The Virto.SharePoint.FileDownloader/Api/Download.ashx isCompleted method allows an NTLMv2 hash leak via a UNC share pathname in the path parameter...
CVE-2022-39838
Systematic FIX Adapter ALFAFX 2.4.0.25 13/09/2017 allows remote file inclusion via a UNC share pathname, and also allows absolute path traversal to local pathnames...
CVE-2022-39838
Systematic FIX Adapter ALFAFX 2.4.0.25 13/09/2017 allows remote file inclusion via a UNC share pathname, and also allows absolute path traversal to local pathnames...
Arbitrary file deletion
In Real Player through 20.1.0.312, attackers can execute arbitrary code by placing a UNC share pathname for a DLL file in a RAM file...
CVE-2022-32291
In Real Player through 20.1.0.312, attackers can execute arbitrary code by placing a UNC share pathname for a DLL file in a RAM file...
CVE-2019-6453
mIRC before 7.55 allows remote command execution by using argument injection through custom URI protocol handlers. The attacker can specify an irc:// URI that loads an arbitrary .ini file from a UNC share pathname. Exploitation depends on browser-specific URI handling Chrome is not exploitable...
Design/Logic Flaw
The client in iPass Open Mobile before 2.4.5 on Windows allows remote authenticated users to execute arbitrary code via a DLL pathname in a crafted Unicode string that is improperly handled by a subprocess reached through a named pipe, as demonstrated by a UNC share pathname...
Microsoft Internet Explorer Domain Policy Bypass Vulnerability
Microsoft Internet Explorer is prone to domain policy bypass vulnerability. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Microsoft Internet Explorer Domain Policy Bypass Vulnerability
This host is installed with Microsoft Internet Explorer and is prone to domain policy bypass vulnerability. OpenVAS Vulnerability Test $Id: gbmsiedomainpolicybypassvuln.nasl 6125 2017-05-15 09:03:42Z teissa $ Microsoft Internet Explorer Domain Policy Bypass Vulnerability Authors: Arun Kallavi...
Code injection
Microsoft Internet Explorer before 10 allows remote attackers to obtain sensitive information about the existence of files, and read certain data from files, via a UNC share pathname in the SRC attribute of a SCRIPT element, as demonstrated by reading a name-value pair from a local file via a...