203 matches found
Splashtop Streamer 安全漏洞
Splashtop Streamer is a remote access and remote support software from Splashtop USA. A security vulnerability exists in Splashtop Streamer prior to version 3.7.0.0, which originates from the MSI installer using a temporary folder with weak privileges during installation. An attacker could exploi...
CVE-2024-42052
The CVE-2024-42052 issue concerns the MSI installer for Splashtop Streamer for Windows prior to version 3.5.8.0. The installer uses a temporary folder with weak permissions during installation, allowing a local user to escalate privileges to SYSTEM by placing a wevtutil.exe file in that folder. A...
Design/Logic Flaw
The C:\Program Files x86\Splashtop\Splashtop Software Updater\uninst.exe process creates a folder at C:\Windows\Tempnsu.tmp and copies itself to it as Au.exe. The C:\Windows\Tempnsu.tmp\Au.exe file is automatically launched as SYSTEM when the system reboots or when a standard user runs an MSI...
CVE-2023-31014
NVIDIA GeForce Now for Android contains a vulnerability in the game launcher component, where a malicious application on the same device can process the implicit intent meant for the streamer component. A successful exploit of this vulnerability may lead to limited information disclosure, denial ...
Design/Logic Flaw
NVIDIA GeForce Now for Android contains a vulnerability in the game launcher component, where a malicious application on the same device can process the implicit intent meant for the streamer component. A successful exploit of this vulnerability may lead to limited information disclosure, denial ...
CVE-2023-31014
NVIDIA GeForce Now for Android contains a vulnerability in the game launcher component, where a malicious application on the same device can process the implicit intent meant for the streamer component. A successful exploit of this vulnerability may lead to limited information disclosure, denial ...
PT-2023-23112 · Nvidia · Nvidia Geforce Now
Name of the Vulnerable Software and Affected Versions: NVIDIA GeForce Now for Android affected versions not specified Description: The issue is related to a vulnerability in the game launcher component of NVIDIA GeForce Now for Android. A malicious application on the same device can process the...
CVE-2023-32468
Dell ECS Streamer, versions prior to 2.0.7.1, contain an insertion of sensitive information in log files vulnerability. A remote malicious high-privileged user could potentially exploit this vulnerability leading to exposure of this sensitive data...
CVE-2023-32468
Dell ECS Streamer, versions prior to 2.0.7.1, contain an insertion of sensitive information in log files vulnerability. A remote malicious high-privileged user could potentially exploit this vulnerability leading to exposure of this sensitive data...
Code injection
Dell ECS Streamer, versions prior to 2.0.7.1, contain an insertion of sensitive information in log files vulnerability. A remote malicious high-privileged user could potentially exploit this vulnerability leading to exposure of this sensitive data...
CVE-2023-32468
Dell ECS Streamer, versions prior to 2.0.7.1, contain an insertion of sensitive information in log files vulnerability. A remote malicious high-privileged user could potentially exploit this vulnerability leading to exposure of this sensitive data...
CVE-2023-32468
Dell ECS Streamer, versions prior to 2.0.7.1, contain an insertion of sensitive information in log files vulnerability. A remote malicious high-privileged user could potentially exploit this vulnerability leading to exposure of this sensitive data...
CVE-2023-32468
CVE-2023-32468 affects Dell EMC ECS Streamer prior to 2.0.7.1. The vulnerability is an insertion of sensitive information into log files, enabling exposure of sensitive data when logs are accessible. A remote, high-privileged attacker could potentially exploit this issue via log handling, as desc...
Dell EMC ECS 日志信息泄露漏洞
Dell EMC ECS is a storage device from Dell USA. A log information disclosure vulnerability exists in Dell EMC ECS Streamer prior to version 2.0.7.1, which originates from inserting sensitive information into a log file, resulting in the disclosure of sensitive data...
PT-2023-23809 · Dell · Dell Ecs Streamer
Name of the Vulnerable Software and Affected Versions: Dell ECS Streamer versions prior to 2.0.7.1 Description: The issue concerns the insertion of sensitive information in log files, which could be exploited by a remote malicious high-privileged user, leading to exposure of this sensitive data...
PT-2023-35902 · Git +1 · Serenity
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: A heap-buffer-overflow read issue is identified, potentially causing a crash. The crash occurs in the Gfx::InputStreamer::read u24 function, which is...
New streaming ad technology plays hide-and-seek with gamers
A new form of digital advertising is looking to make its way to you courtesy of video gaming. However, theres a rather peculiar twist involved. These ads wont appear in front of you while playing; in fact, theyre designed to trigger when someone else is in-game. The most baffling twist of all?...
Malicious code in shaka-streamer (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e7e116b92ae5de6b655e072cecc31ef8109e396fe3a1d6e6534d7e1a76796141 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-6072 Malicious code in shaka-streamer (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e7e116b92ae5de6b655e072cecc31ef8109e396fe3a1d6e6534d7e1a76796141 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in remote-dev-jobs-streamer (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d5f1d86e52a908d4297ad2c989b9432b67179e88abd1e96fee8b9f1e00977a66 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...