Lucene search
K

6 matches found

Packet Storm
Packet Storm
added 2020/07/27 12:0 a.m.251 views

Microsoft Windows Unsafe Handling Practices

Hi @ll, This multi-part post can be read even without a MIME-compliant program! Back in 2014, I reported a vulnerability in CreateProcess's handling of .cmd and .bat files that Microsoft fixed with MS14-019 alias MSKB 2922229 and assigned CVE-2014-0315: command lines with a batch script as first...

6.9CVSS0.3AI score0.14736EPSS
Exploits4
Intel
Intel
added 2017/05/30 12:0 a.m.10 views

Intel® Solid State Drive Toolbox™ Escalation of Privilege Vulnerability

Summary: There is an escalation of privilege vulnerability in the Intel® Solid State Drive Toolbox™ versions before 3.4.5 which allow a local administrative attacker to load and execute arbitrary code. Description: There is an escalation of privilege vulnerability in the Intel® Solid State Drive...

7.5AI score
Exploits0
Apple
Apple
added 2016/05/16 8:47 a.m.43 views

About the security content of iTunes 12.4 - Apple Support

For the protection of our customers, Apple does not disclose, discuss, or confirm security issues until a full investigation has occurred and any necessary patches or releases are available. To learn more about Apple Product Security, see the Apple Product Security website. For information about...

7.8CVSS0.7AI score0.00424EPSS
Exploits0Affected Software1
securityvulns
securityvulns
added 2013/05/06 12:0 a.m.35 views

VULNERABLE and COMPLETELY outdated 3rd-party libraries/components used in 3CX Phone 6

Hi @ll, the current 3CXPhone6.msi for Windows, available from http://www.3cx.com/VOIP/sip-phone/, digitally signed on 2012-07-30, installs the following outdated and vulnerable 3rd-party libraries: libeay32.dll and ssleay32.dll version 0.9.8h from 2008-05-28 of OpenSSL. The current version of...

0.8AI score
Exploits0
Packet Storm
Packet Storm
added 2013/05/05 12:0 a.m.20 views

Microsoft Security Essentials Code Execution

Hi @ll, versions of Microsoft Security Essentials before the current v4.2 see have a vulnerability that could lead to execution of arbitrary code in the security context of the LocalSystem account almost like alias . The "UninstallString" written to...

0.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2005/06/27 12:0 a.m.24 views

GLSA-200506-23 : Clam AntiVirus: Denial of Service vulnerability

The remote host is affected by the vulnerability described in GLSA-200506-23 Clam AntiVirus: Denial of Service vulnerability Andrew Toller and Stefan Kanthak discovered that a flaw in libmspack's Quantum archive decompressor renders Clam AntiVirus vulnerable to a Denial of Service attack. Impact ...

2.6CVSS5.5AI score0.02339EPSS
Exploits0References3
Rows per page
Query Builder