4529 matches found
CVE-2018-17538
Axon Evidence Sync 3.15.89 is described as vulnerable to process injection. The PT-2018-14047 entry notes the vendor disputes the vulnerability’s existence and that no fix/version is publicly documented in the provided sources. No remediation details are available in the connected documents; expl...
PT-2018-14047 · Axon · Axon Evidence Sync
Name of the Vulnerable Software and Affected Versions: Axon Evidence Sync version 3.15.89 Description: The issue concerns process injection. The vendor disputes the existence of this vulnerability, stating that the associated information does not support any finding of a vulnerability...
CVE-2018-3918
An exploitable vulnerability exists in the remote servers of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The hubCore process listens on port 39500 and relays any unauthenticated messages to SmartThings' remote servers, which incorrectly handle camera IDs for the 'sync'...
PT-2018-16310 · Samsung · Samsung Smartthings Hub
Name of the Vulnerable Software and Affected Versions: Samsung SmartThings Hub STH-ETH-250 version 0.20.17 Description: An issue exists in the remote servers of Samsung SmartThings Hub where the hubCore process listens on port 39500 and relays unauthenticated messages. The servers incorrectly...
GTA 5 Online Game - Timeout Sync Money Vulnerability
Document Title: =============== GTA 5 Online Game - Timeout Sync Money Vulnerability References: =========== https://www.vulnerability-lab.com/getcontent.php?id=2142 View Video: https://www.youtube.com/watch?v=Iz6xYtP-sYY Release Date: ============= 2018-08-21 Vulnerability Laboratory ID VL-ID:...
GTA 5 Online Game - Timeout Sync Money Vulnerability
Document Title: =============== GTA 5 Online Game - Timeout Sync Money Vulnerability References: =========== https://www.vulnerability-lab.com/getcontent.php?id=2142 View Video: https://www.youtube.com/watch?v=Iz6xYtP-sYY Release Date: ============= 2018-08-20 Vulnerability Laboratory ID VL-ID:...
CloudMe Sync 1.10.9 - Buffer Overflow (SEH) Exploit
Exploit for windows platform in category local exploits Exploit Title: CloudMe Sync 1.10.9 - Buffer Overflow SEHDEP Bypass Exploit Author: Manoj Ahuje Linkedin: https://www.linkedin.com/in/manojahuje/ Vendor Homepage: https://www.cloudme.com/ Software Link:...
CloudMe Sync 1.10.9 - Buffer Overflow (SEH)(DEP Bypass)
CloudMe Sync 1.10.9 - Buffer Overflow SEHDEP Bypass Exploit Title: CloudMe Sync 1.10.9 - Buffer Overflow SEHDEP Bypass Date: 2018-08-05 Exploit Author: Manoj Ahuje Linkedin: https://www.linkedin.com/in/manojahuje/ Vendor Homepage: https://www.cloudme.com/ Software Link:...
CloudMe Sync 1.10.9 - Buffer Overflow (SEH)(DEP Bypass)
Exploit Title: CloudMe Sync 1.10.9 - Buffer Overflow SEHDEP Bypass Date: 2018-08-05 Exploit Author: Manoj Ahuje Linkedin: https://www.linkedin.com/in/manojahuje/ Vendor Homepage: https://www.cloudme.com/ Software Link: https://www.cloudme.com/downloads/CloudMe1109.exe Tested on: Windows 10 Home x...
Samsung SmartThings Hub hubCore port 39500 sync denial-of-service vulnerability(CVE-2018-3918)
Summary An exploitable vulnerability exists in the remote servers of Samsung SmartThings Hub. The hubCore process listens on port 39500 and relays any unauthenticated messages to SmartThings' remote servers, which incorrectly handle camera IDs for the "sync" operation, leading to arbitrary deleti...
Critical severity vulnerability that affects dns-sync
Withdrawn, accidental duplicate publish. The dns-sync module before 0.1.1 for node.js allows context-dependent attackers to execute arbitrary commands via shell metacharacters in the first argument to the resolve API function...
GHSA-WXVM-FH75-MPGR Critical severity vulnerability that affects dns-sync
Withdrawn, accidental duplicate publish. The dns-sync module before 0.1.1 for node.js allows context-dependent attackers to execute arbitrary commands via shell metacharacters in the first argument to the resolve API function...
Samsung SmartThings Hub hubCore port 39500 sync denial-of-service vulnerability
Summary An exploitable vulnerability exists in the remote servers of Samsung SmartThings Hub. The hubCore process listens on port 39500 and relays any unauthenticated messages to SmartThings’ remote servers, which incorrectly handle camera IDs for the “sync” operation, leading to arbitrary deleti...
Command Injection in dns-sync
Affected versions of dns-sync have an arbitrary command execution vulnerability in the resolve method. Recommendation - Use an alternative dns resolver - Do not allow untrusted input into dns-sync.resolve...
GHSA-JCW8-R9XM-32C6 Command Injection in dns-sync
Affected versions of dns-sync have an arbitrary command execution vulnerability in the resolve method. Recommendation - Use an alternative dns resolver - Do not allow untrusted input into dns-sync.resolve...
RHEL 7 : Red Hat Ceph Storage 3.0 (RHSA-2018:2177)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:2177 advisory. Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system...
Moderate: Red Hat Security Advisory: Red Hat Ceph Storage 3.0 security and bug fix update
An update for ceph is now available for Red Hat Ceph Storage for Ubuntu 16.04. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...
dns-sync Command Injection Vulnerability
dns-sync is a library used in Node.js that allows to resolve hostnames in a synchronized way. A security vulnerability exists in dns-sync. An attacker can exploit this vulnerability to inject commands with untrusted user input...
CVE-2018-12907
In Rclone 1.42, use of "rclone sync" to migrate data between two Google Cloud Storage buckets might allow attackers to trigger the transmission of any URL's content to Google, because there is no validation of a URL field received from the Google Cloud Storage API server, aka a "RESTLESS" issue...
Fedora 27 : 1:epiphany (2018-de5457b0a2)
Ensure search engine migration does not fail 794645 - Do not open adblock filters when automatic open downloads is enabled 794646 - Fix crash destroying sync service 794728 - Fix CVE-2018-11396/CVE-2018-12016 795740 - Do not use Fanboy's Annoyance adblock list by default 796245 - Fix a couple...