26 matches found
CVE-2023-26601
Zoho ManageEngine ServiceDesk Plus through 14104, Asset Explorer through 6987, ServiceDesk Plus MSP before 14000, and Support Center Plus before 14000 allow Denial-of-Service DoS...
CVE-2022-35403
Zoho ManageEngine ServiceDesk Plus before 13008, ServiceDesk Plus MSP before 10606, and SupportCenter Plus before 11022 are affected by an unauthenticated local file disclosure vulnerability via ticket-creation email. This also affects Asset Explorer before 6977 with authentication...
TalosIntelligence.com is rolling out a new dispute system
At Cisco Talos, we need customers to be able to provide feedback at all times, whether it be about false positives, false negatives, or missed categories. Because we deal with an abundance of data across our platforms — such as IPS alerts, AMP alerts and more — feedback helps us test the efficacy...
Description of the security update for Excel 2007: April 10, 2018
Description of the security update for Excel 2007: April 10, 2018 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see Microsoft Common...
January 2017 Security Monthly Quality Rollup for Windows 7 SP1 and Windows Server 2008 R2 SP1
January 2017 Security Monthly Quality Rollup for Windows 7 SP1 and Windows Server 2008 R2 SP1 Summary This security update resolves the following vulnerabilities in Windows: MS17-004 Security Update for Local Security Authority Subsystem Service 3216771 This security update also includes...
MS16-020: Security update for Active Directory Federation Services to address denial of service: February 9, 2016
MS16-020: Security update for Active Directory Federation Services to address denial of service: February 9, 2016 Summary This security update resolves a vulnerability in Active Directory Federation Services AD FS. The vulnerability could allow denial of service if an attacker sends certain input...
MS16-035: Description of the security update for the .NET Framework 3.5 in Windows Server 2012: March 8, 2016
MS16-035: Description of the security update for the .NET Framework 3.5 in Windows Server 2012: March 8, 2016 View products that this article applies to. Summary This update resolves a vulnerability in the Microsoft .NET Framework. The security feature bypass exists in a .NET Framework component...
MS16-080: Description of the security update for Windows PDF: June 14, 2016
MS16-080: Description of the security update for Windows PDF: June 14, 2016 Summary This security update resolves vulnerabilities in Microsoft Windows. The more severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted .pdf file. An attacker who...
Schneider Electric Vijeo Citect, CitectSCADA, PowerLogic SCADA Vulnerability
Overview Schneider Electric has identified an XML external entity vulnerability in Vijeo Citect, CitectSCADA, and PowerLogic SCADA applications. Timur Yunusov, Alexey Osipov, and Ilya Karpov of Positive Technologies reported the vulnerability directly to Schneider Electric. Schneider Electric has...
ManageEngine Support Center Plus 7908 XSS / Shell Upload
+--------------------------------------------------------------------------------------------------------------------------------+ Exploit Title : ManageEngine Support Center Plus 0x90.nl Software link :...
AVG Anti-Virus 'hcp://' Protocol Handler Remote Code Execution Vulnerability
The host is installed with AVG Anti-Virus and is prone to remote code execution vulnerability. OpenVAS Vulnerability Test $Id: gbavgantivirusremotecodeexecvuln.nasl 5956 2017-04-14 09:02:12Z teissa $ AVG Anti-Virus 'hcp://' Protocol Handler Remote Code Execution Vulnerability Authors: Madhuri D...
CVE-2010-3496
McAfee VirusScan Enterprise 8.5i and 8.7i does not properly interact with the processing of hcp:// URLs by the Microsoft Help and Support Center, which makes it easier for remote attackers to execute arbitrary code via malware that is correctly detected by this product, but with a detection...
ManageEngine Support Center Plus 7903 - Multiple Vulnerabilities
ManageEngine Support Center Plus 7903 - Multiple Vulnerabilities | |.--.--.| || | .-----.| | |. | || || | ||. | | | || | |. | ||.| \ ||. | |||||||| |: 1 | |: 1 ||: 1 | |::.. . | |::.. . ||::.. . | -------' -------'-------'...
Schneider Electric UnitelWay Buffer Overflow
Overview ICS-CERT originally released Advisory ICSA-11-277-01P on the US-CERT secure Portal on October 04, 2011. This web page release was delayed to allow users sufficient time to download and install the update. Researcher Kuang-Chun Hung of Security Research and Service Institute—Information a...
Input validation
The MPC::HexToNum function in helpctr.exe in Microsoft Windows Help and Support Center in Windows XP and Windows Server 2003 does not properly handle malformed escape sequences, which allows remote attackers to bypass the trusted documents whitelist fromHCP option and execute arbitrary commands v...
Windows Help and Support Center -FromHCP URL whitelist bypass
Added: 06/15/2010 CVE: CVE-2010-1885 BID: 40725 OSVDB: 65264 Background The Microsoft Windows Help and Support Center is a resource in Microsoft Windows operating systems for online help, support, tools, how-to articles, and other resources. Problem A vulnerability in Windows Help and Support...
Windows Help and Support Center -FromHCP URL whitelist bypass
Added: 06/15/2010 CVE: CVE-2010-1885 BID: 40725 OSVDB: 65264 Background The Microsoft Windows Help and Support Center is a resource in Microsoft Windows operating systems for online help, support, tools, how-to articles, and other resources. Problem A vulnerability in Windows Help and Support...
Windows Help and Support Center -FromHCP URL whitelist bypass
Added: 06/15/2010 CVE: CVE-2010-1885 BID: 40725 OSVDB: 65264 Background The Microsoft Windows Help and Support Center is a resource in Microsoft Windows operating systems for online help, support, tools, how-to articles, and other resources. Problem A vulnerability in Windows Help and Support...
Windows Help and Support Center -FromHCP URL whitelist bypass
Added: 06/15/2010 CVE: CVE-2010-1885 BID: 40725 OSVDB: 65264 Background The Microsoft Windows Help and Support Center is a resource in Microsoft Windows operating systems for online help, support, tools, how-to articles, and other resources. Problem A vulnerability in Windows Help and Support...
CVE-2010-1885
The MPC::HexToNum function in helpctr.exe in Microsoft Windows Help and Support Center in Windows XP and Windows Server 2003 does not properly handle malformed escape sequences, which allows remote attackers to bypass the trusted documents whitelist fromHCP option and execute arbitrary commands v...