14 matches found
EUVD-2023-34149
Malicious code in bioql PyPI...
CVE-2021-27406
An attacker can take leverage on PerFact OpenVPN-Client versions 1.4.1.0 and prior to send the config command from any application running on the local host machine to force the back-end server into initializing a new open-VPN instance with arbitrary open-VPN configuration. This could result in t...
CVE-2024-12019
The API used to interact with documents in the application contains a flaw that allows an authenticated attacker to read the contents of files on the underlying operating system. An account with ‘read’ and ‘download’ privileges on at least one existing document in the application is required to...
CVE-2023-2685
A vulnerability was found in AO-OPC server versions mentioned above. As the directory information for the service entry is not enclosed in quotation marks, potential attackers could possibly call up another application than the AO-OPC server by starting the service. The service might be started...
Design/Logic Flaw
A vulnerability was found in AO-OPC server versions mentioned above. As the directory information for the service entry is not enclosed in quotation marks, potential attackers could possibly call up another application than the AO-OPC server by starting the service. The service might be started...
CVE-2023-2685 Unquoted Service Path in ABB AO-OPC
A vulnerability was found in AO-OPC server versions mentioned above. As the directory information for the service entry is not enclosed in quotation marks, potential attackers could possibly call up another application than the AO-OPC server by starting the service. The service might be started...
Dell Peripheral Manager Elevation of Privilege Vulnerability
Dell Peripheral Manager is an application from Dell USA. It provides on-screen instructions on how to pair other devices with your computer via Bluetooth. An elevation of privilege vulnerability exists in Dell Peripheral Manager versions prior to 1.3.1, which can be exploited by an attacker to ga...
The vulnerability of the Moxa MXView network control software is related to incorrect default access permissions settings, which allow a violator to execute arbitrary commands with privileges of a system user.
The vulnerability of the Moxa MXView network control software is related to incorrect default access rights settings. Exploiting this vulnerability allows a perpetrator to execute arbitrary commands with privileges of a system user...
Cisco Patches High-Severity Webex Vulnerability For Third Time
Cisco Systems is hoping three times is a charm. The networking giant has issued a third patch for a stubborn high-severity flaw in its Webex Meetings platform after researchers once again discovered a way to bypass the previous fix. The privilege elevation vulnerability CVE-2019-1674 exists in th...
Cisco WebEx Meetings Privilege Escalation Vulnerability
A vulnerability in the update service of Cisco Webex Meetings Desktop App for Windows could allow a local attacker to elevate privileges. This vulnerability is related to a previous security issue fixed by Cisco in October. Affected versions include Cisco Webex Meetings Desktop App releases prior...
Design/Logic Flaw
A vulnerability in the update service of Cisco Webex Meetings Desktop App for Windows could allow an authenticated, local attacker to execute arbitrary commands as a privileged user. The vulnerability is due to insufficient validation of user-supplied parameters. An attacker could exploit this...
CVE-2018-15442 Cisco Webex Meetings Desktop App Update Service Command Injection Vulnerability
A vulnerability in the update service of Cisco Webex Meetings Desktop App for Windows could allow an authenticated, local attacker to execute arbitrary commands as a privileged user. The vulnerability is due to insufficient validation of user-supplied parameters. An attacker could exploit this...
NVIDIA Elevation of Privilege Vulnerability
NVIDIA full name NVIDIA Corporation, NASDAQ: NVDA, official Chinese name NVIDIA, founded in January 1993, is a fabless IC semiconductor company focusing on the design of smart-core chipsets. An elevation of privilege vulnerability exists in NVIDIA, which can be exploited by an attacker to execute...
IBM SolidDB 'solid.exe' Handshake Remote Code Execution Vulnerability
IBM SolidDB is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code with SYSTEM user privileges. Failed exploit attempts will result in a denial-of- service condition. The vulnerability is reported in version 6.5 FP1 6.5.0.1. Prior versions...