Remote code execution

ImpressCMS before 1.4.2 allows unauthenticated remote code execution via ...../// directory traversal in origName or imageName, leading to unsafe interaction with the CKEditor processImage.php script. The payload may be placed in PHPSESSIONUPLOADPROGRESS when the PHP installation supports...

FreeRadius 3.0.19 Logrotate Privilege Escalation Vulnerability

Privilege Escalation via Logrotate in FreeRadius Overview Identifier: AIT-SA-20191112-01 Target: FreeRadius Vendor: FreeRadius Version: all versions including 3.0.19 Fixed in Version: 12.2.3, 12.1.8 and 12.0.8 CVE: https://nvd.nist.gov/vuln/detail/CVE-2019-10143 Author: Wolfgang Hotwagner AIT...

Microsoft Windows UAC Unsafe Interaction Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to access an interactive desktop as a low-privileged user on the target system in order to exploit this vulnerability. The specific flaw exist...

CVE-2019-15741

An issue was discovered in GitLab Omnibus 7.4 through 12.2.1. An unsafe interaction with logrotate could result in a privilege escalation...

NewStart CGSL MAIN 4.05 : mutt Multiple Vulnerabilities (NS-SA-2019-0140)

The remote NewStart CGSL host, running version MAIN 4.05, has mutt packages installed that are affected by multiple vulnerabilities: - An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. They allow remote IMAP servers to execute arbitrary commands via backquote characters...

Updated mutt packages fix security vulnerability

It was discovered that Mutt incorrectly handled certain requests. An attacker could possibly use this to execute arbitrary code CVE-2018-14350, CVE-2018-14352, CVE-2018-14354, CVE-2018-14359, CVE-2018-14358, CVE-2018-14353 ,CVE-2018-14357. It was discovered that Mutt incorrectly handled certain...

CVE-2018-14363

An issue was discovered in NeoMutt before 2018-07-16. newsrc.c does not properly restrict '/' characters that may have unsafe interaction with cache pathnames...

CVE-2018-14363

An issue was discovered in NeoMutt before 2018-07-16. newsrc.c does not properly restrict '/' characters that may have unsafe interaction with cache pathnames...

CVE-2018-14362

An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. pop.c does not forbid characters that may have unsafe interaction with message-cache pathnames, as demonstrated by a '/' character...

Unsafe Interaction In Sun Java SE Abstract Window Toolkit (Windows)

This host is installed with Sun Java SE and is prone to Unsafe Interaction. OpenVAS Vulnerability Test $Id: secpodsunjavaseunsafeinteractionwin.nasl 7699 2017-11-08 12:10:34Z santu $ Unsafe Interaction In Sun Java SE Abstract Window Toolkit Windows Authors: Sharath S Copyright: Copyright c 2009...

Unsafe Interaction In Sun Java SE Abstract Window Toolkit (Linux)

This host is installed with Sun Java SE and is prone to Unsafe Interaction. OpenVAS Vulnerability Test $Id: secpodsunjavaseunsafeinteractionlin.nasl 7699 2017-11-08 12:10:34Z santu $ Unsafe Interaction In Sun Java SE Abstract Window Toolkit Linux Authors: Sharath S Copyright: Copyright c 2009...