CVE-2015-2814

SAP EMR Unwired com.sap.mobile.healthcare.emr.v2 and Clinical Task Tracker com.sap.mobile.healthcare.ctt does not properly restrict access, which allows remote attackers to change the backendurl, clientid, ssourl, and infopageurl settings via unspecified vectors, aka SAP Security Note 2117079...

CVE-2015-2814

CVE-2015-2814 affects SAP EMR Unwired (com.sap.mobile.healthcare.emr.v2) and Clinical Task Tracker (com.sap.mobile.healthcare.ctt). The issue is an improper access restriction that lets remote attackers modify settings such as backendurl , clientid , ssourl , and infopageurl via unspecified vecto...

[SECURITY] Fedora 22 Update: rt-4.2.10-2.fc22

RT is an enterprise-grade ticketing system which enables a group of people to intelligently and efficiently manage tasks, issues, and requests submitt ed by a community of users...

Microsoft Windows Task Scheduler Buffer Overflow attack - Ver2 (CVE-2004-0212)

A buffer overflow vulnerability has been reported in Microsoft Windows. A remote attacker can cause arbitrary code execution resulting in a loss of integrity using a specially crafted .job file. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code ...

OpenKM Cross-Site Scripting Vulnerability

OpenKM is a document management system from OpenKM Spain. The system provides features such as version control, document history and file sharing. A cross-site scripting vulnerability exists in OpenKM version 6.4.18 build 23338, which stems from a frontend/index.jsp script that fails to adequatel...

Microsoft Task Scheduler Local Elevation of Privilege Vulnerability

Microsoft Windows is an operating system developed by Microsoft. The Microsoft Windows Task Manager fails to properly calibrate and enforce simulation levels, allowing a local attacker to exploit a vulnerability to bypass access control lists and elevate privileges...

CVE-2014-9017

Cross-site scripting XSS vulnerability in OpenKM before 6.4.19 build 23338 allows remote authenticated users to inject arbitrary web script or HTML via the Subject field in a Task to frontend/index.jsp...

CVE-2014-9017

Cross-site scripting XSS vulnerability in OpenKM before 6.4.19 build 23338 allows remote authenticated users to inject arbitrary web script or HTML via the Subject field in a Task to frontend/index.jsp...

Security feature bypass

The Task Scheduler in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly constrain impersonation levels, which allows local users to bypass intended restrictions on launching executable files...

CVE-2015-0084

The Task Scheduler in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly constrain impersonation levels, which allows local users to bypass intended restrictions on launching executable files...

CVE-2015-0084

CVE-2015-0084 affects Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8/8.1, Windows Server 2012 (Gold/R2) and Windows RT (Gold/8.1). The Task Scheduler fails to properly constrain impersonation levels, enabling local privilege escalation by launching executables via a crafted task. Public exp...

Microsoft Windows Task Scheduler security Feature Bypass Vulnerability (3030377)

This host is missing an important security update according to Microsoft Bulletin MS15-028. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

MS15-028: Vulnerability in Windows Task Scheduler Could Allow Security Feature Bypass (3030377)

The remote Windows host is affected by a security bypass vulnerability due to Windows Task Scheduler not properly validating and enforcing impersonation levels. Attackers can exploit this flaw to elevate privileges in order to execute files they have no permission to run. C Tenable Network...

Microsoft Windows Task Scheduler CVE-2015-0084 Security Bypass Vulnerability

Description Microsoft Windows Kernel is prone to a security-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions; this may aid in launching further attacks. Technologies Affected Avaya CallPilot 5.0 Avaya CallPilot 5.0.1...

BEWARE! μTorrent Silently Installing Bitcoin Mining Software

If you have recently installed or updated the popular BitTorrent client μTorrent 3.4.2 Build 28913 on your computer, then you read this warning post right now. Users of the μTorrent file-sharing service are complaining that the latest update of software used for torrent downloading is silently...

XSRF - complete task request omits atl-token

Potential XSRF vulnerability in tasks. No atl-token is present in the request to complete a task which suggests an attacker may be able to craft a cross site request forgery and action a task without the correct authorisation...

XSRF - complete task request omits atl-token

Potential XSRF vulnerability in tasks. No atl-token is present in the request to complete a task which suggests an attacker may be able to craft a cross site request forgery and action a task without the correct authorisation...

XSRF - complete task request omits atl-token

Potential XSRF vulnerability in tasks. No atl-token is present in the request to complete a task which suggests an attacker may be able to craft a cross site request forgery and action a task without the correct authorisation...

PYSEC-2015-37

OpenStack Image Registry and Delivery Service Glance 2014.2 through 2014.2.2 does not properly remove images, which allows remote authenticated users to cause a denial of service disk consumption by creating a large number of images using the task v2 API and then deleting them before the uploads...

CVE-2014-9684

OpenStack Image Registry and Delivery Service Glance 2014.2 through 2014.2.2 does not properly remove images, which allows remote authenticated users to cause a denial of service disk consumption by creating a large number of images using the task v2 API and then deleting them before the uploads...