CVE-2016-1034

The CVE-2016-1034 issue affects Adobe Creative Cloud Desktop (Windows/Mac) with the JavaScript API for Creative Cloud Libraries. The Sync Process in this API, prior to version 3.6.0.244 (and affected 3.5.x up to 3.5.1.209 on some entries), can be exploited to read or write arbitrary files on the ...

APSB16-11 Security update available for the Creative Cloud Desktop Application

Adobe has released a security update for the Creative Cloud Desktop Application for Windows and Macintosh. This update resolves an important vulnerability in the Sync Process for Creative Cloud Libraries that could be abused to remotely read and write files on the client’s file system...

Contact Photo Sync - Dangerous filesystem permissions, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Contact Photo Sync published at the 'play' market has multiple vulnerabilities...

Address Book & Contacts Sync - BSD license, Customized SSL, Redefined SSL Common Names verifier vulnerabilities

HackApp vulnerability scanner discovered that application Address Book & Contacts Sync published at the 'play' market has multiple vulnerabilities...

Caldav Sync Free Beta - Customized SSL, Suspicious files vulnerabilities

HackApp vulnerability scanner discovered that application Caldav Sync Free Beta published at the 'play' market has multiple vulnerabilities...

CardDAV-Sync free - Customized SSL, Exported components, External URLs vulnerabilities

HackApp vulnerability scanner discovered that application CardDAV-Sync free published at the 'play' market has multiple vulnerabilities...

Contacts Transfer Backup Sync - Customized SSL, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Contacts Transfer Backup Sync published at the 'play' market has multiple vulnerabilities...

iCloud Contacts Sync - Customized SSL, Dynamic Code Loading, Exported components vulnerabilities

HackApp vulnerability scanner discovered that application iCloud Contacts Sync published at the 'play' market has multiple vulnerabilities...

Home Budget with Sync Lite - External URLs, SD-card access, SQLite database found vulnerabilities

HackApp vulnerability scanner discovered that application Home Budget with Sync Lite published at the 'play' market has multiple vulnerabilities...

Sync-Plus - Certificates or keys found, External URLs, Suspicious files vulnerabilities

HackApp vulnerability scanner discovered that application Sync-Plus published at the 'play' market has multiple vulnerabilities...

Outlook USB Sync for Android - External URLs, SD-card access, Unsafe deleting vulnerabilities

HackApp vulnerability scanner discovered that application Outlook USB Sync for Android published at the 'play' market has multiple vulnerabilities...

DejaOffice for Outlook Sync - Apache license, Customized SSL, Dangerous filesystem permissions vulnerabilities

HackApp vulnerability scanner discovered that application DejaOffice for Outlook Sync published at the 'play' market has multiple vulnerabilities...

Fedora 23 : php-horde-Horde-Service-Weather-2.3.1-1.fc23 / php-horde-Horde-Core-2.22.4-1.fc23 / etc (2015-a3c9048cdd)

HordeCore 2.22.4 mjr SECURITY: Fix XSS in HordeCoreVarRendererHtml reported by Centurion Information Security. mjr Support sending MDN via ActiveSync Request 23080. HordeCore 2.22.3 mjr Fix issue with synchronizing IMAP folder names that contain only numbers. HordePerms 2.1.6 mjr Use NULL instead...

CVE-2015-5266

The enrolmetasync function in enrol/meta/locallib.php in Moodle through 2.6.11, 2.7.x before 2.7.10, 2.8.x before 2.8.8, and 2.9.x before 2.9.2 allows remote authenticated users to obtain manager privileges in opportunistic circumstances by leveraging incorrect role processing during a long-runni...

UBUNTU-CVE-2015-5266

The enrolmetasync function in enrol/meta/locallib.php in Moodle through 2.6.11, 2.7.x before 2.7.10, 2.8.x before 2.8.8, and 2.9.x before 2.9.2 allows remote authenticated users to obtain manager privileges in opportunistic circumstances by leveraging incorrect role processing during a long-runni...

CVE-2016-2509

The password-sync feature on Belden Hirschmann Classic Platform switches L2B before 05.3.07 and L2E, L2P, L3E, and L3P before 09.0.06 sets an SNMP community to the same string as the administrator password, which allows remote attackers to obtain sensitive information by sniffing the network...

Hirschmann "Classic Platform" switches reveal administrator password in SNMP community string by default

Overview Hirschmann "Classic Platform" switches contain a password sync feature that syncs the switch administrator password with the SNMP community password, exposing the administrator password to attackers on the local network. Description CWE-257: Storing Passwords in a Recoverable Format For...

Microsoft Windows DLL Load Denial of Service Vulnerability

Microsoft Windows is a family of operating systems released by Microsoft Corporation in the U.S. Sync Framework is one of the synchronization platform components used to enable collaboration and offline access to applications, services, and devices. A denial of service vulnerability exists in Syn...

CVE-2016-0044

Sync Framework in Microsoft Windows 8.1, Windows Server 2012 R2, and Windows RT 8.1 allows remote attackers to cause a denial of service SyncShareSvc service outage via crafted "change batch" data, aka "Windows DLL Loading Denial of Service Vulnerability."...

CVE-2016-0044

Sync Framework in Microsoft Windows 8.1, Windows Server 2012 R2, and Windows RT 8.1 allows remote attackers to cause a denial of service SyncShareSvc service outage via crafted "change batch" data, aka "Windows DLL Loading Denial of Service Vulnerability."...