10 matches found
EUVD-2021-29868
Malicious code in bioql PyPI...
Citrix Virtual Apps and Desktops multiple vulnerabilities (CTX285059)
The version of Citrix Virtual Apps and Desktops installed on the remote Windows host is prior to 7 2006 or prior to 1912 LTSR CU1. It is, therefore, affected by multiple vulnerabilities: - An authenticated user on a multi-session VDA can perform arbitrary command execution as SYSTEM. CVE-2020-826...
VulnCheck KEV: CVE-2020-8270
An unprivileged Windows user on the VDA or an SMB user can perform arbitrary command execution as SYSTEM in CVAD versions before 2009, 1912 LTSR CU1 hotfixes CTX285871 and CTX285872, 7.15 LTSR CU6 hotfix CTX285341 and CTX285342...
CVE-2016-9463
Nextcloud Server before 9.0.54 and 10.0.1 & ownCloud Server before 9.1.2, 9.0.6, and 8.2.9 suffer from SMB User Authentication Bypass. Nextcloud/ownCloud include an optional and not by default enabled SMB authentication component that allows authenticating users against an SMB server. This backen...
Java Web Start initial heap size command injection
Added: 03/02/2012 CVE: CVE-2012-0500 BID: 52015 OSVDB: 79227 Background Sun Java Web Start allows standalone Java applications, called JNLP files, to be executed by the Java Runtime Environment JRE. Problem A vulnerability in Java Web Start allows arbitrary command-line argument injection through...
CVE-2011-4743
The Control Panel in Parallels Plesk Panel 10.2.0 build 20110407.20 omits the Content-Type header's charset parameter for certain resources, which might allow remote attackers to have an unspecified impact by leveraging an interpretation conflict involving smb/user/create and certain other files...
Microsoft Windows Media Player DVR-MS File Code Execution
Added: 03/14/2011 CVE: CVE-2011-0042 BID: 46680 OSVDB: 71016 Background Windows Media Player is an audio and video media player for Windows platforms. Problem A file parsing error in Windows Media Player allows command execution when a user opens a specially crafted Digital Video Recording DVR-MS...
HP Data Protector Client agent EXEC_SETUP code execution
Added: 03/03/2011 CVE: CVE-2011-0922 BID: 46234 OSVDB: 72525 Background HP OpenView Storage Data Protector is a backup solution for enterprise and distributed environments. Problem The backup agent provided by the Data Protector Backup Client Service may be instructed to execute a setup file from...
SMB User Enumeration (SAM EnumUsers)
Determine what users exist via the SAM RPC service This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SMB User Enumeration SAM EnumUsers', 'Description' = 'Determine what users exist via the SAM R...
SMB Use Host SID to Enumerate Local Users
Using the host security identifier SID, Nessus was able to enumerate local users on the remote Windows system. C Tenable Network Security, Inc. @PREFERENCES@ include"compat.inc"; if description scriptid10860; scriptversion"1.62"; scriptsetattributeattribute:"pluginmodificationdate",...