270 matches found
CVE-2018-1167
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Spotify Music Player 1.0.69.336. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...
CVE-2018-1167
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Spotify Music Player 1.0.69.336. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...
Microsoft Skype URL Command Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Skype. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...
Adobe Connect Arbitrary File Deletion Vulnerability
Adobe Connect web conferencing software service provides an immersive online meeting experience for collaboration, virtual classrooms and large-scale webinars. An arbitrary file deletion vulnerability exists in Adobe Connect due to a command injection flaw in the Adobe Connect URI handler that ca...
Adobe Dreamweaver Arbitrary Code Execution Vulnerability
Adobe Dreamweaver, or "DW" for short, is a WYSIWYG web code editor that combines web authoring and web site management, using a WYSIWYG interface with HTML an application of the Standard Generalized Markup Language editing. Adobe Dreamweaver makes it easy to create, code, and manage dynamic Web...
APSB18-06 Security update available for Adobe Connect
Adobe has released a security update for Adobe Connect. This update resolves an unrestricted SWF file upload vulnerability CVE-2018-4921, which could be exploited to conduct cross-site scripting attacks. This update also resolves an OS command injection vulnerability in the Adobe Connect URI...
CVE-2017-14593
Sourcetree for Windows had several argument and command injection bugs in Mercurial and Git repository handling. An attacker with permission to commit to a repository linked in Sourcetree for Windows is able to exploit this issue to gain code execution on the system. From version 0.8.4b of...
Command injection
Sourcetree for macOS had several argument and command injection bugs in Mercurial and Git repository handling. An attacker with permission to commit to a repository linked in Sourcetree for macOS is able to exploit this issue to gain code execution on the system. From version 1.4.0 of Sourcetree...
Command injection
Sourcetree for Windows had several argument and command injection bugs in Mercurial and Git repository handling. An attacker with permission to commit to a repository linked in Sourcetree for Windows is able to exploit this issue to gain code execution on the system. From version 0.8.4b of...
CVE-2017-14592
Sourcetree for macOS had several argument and command injection bugs in Mercurial and Git repository handling. An attacker with permission to commit to a repository linked in Sourcetree for macOS is able to exploit this issue to gain code execution on the system. From version 1.4.0 of Sourcetree...
Cisco WebEx Network Recording Player Command Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cisco WebEx Network Recording Player. Authentication is not required to exploit this vulnerability. The specific flaw exists within the wbx URI handler. When parsing the register parameter, the...
Microsoft Remote Desktop Client For Mac 8.0.36 Remote Code Execution
Advisory ID: SGMA16-004 Title: Microsoft Remote Desktop Client for Mac Remote Code Execution Product: Microsoft Remote Desktop Client for Mac Version: 8.0.36 and probably prior Vendor: www.microsoft.com Type: Arbitrary file read/write leads to RCE Risk level: 4 / 5 Credit:...
JMX2 Email Tester - save_email.php Arbitrary File Upload
JMX2 Email Tester - saveemail.php Arbitrary File Upload Exploit Title: JMX2 Email Tester - Web Shell Uploadsaveemail.php Date: 2016-02-15 Blog: http://www.hahwul.com Vendor Homepage: https://github.com/johnfmorton/jmx2-Email-Tester Software Link:...
JMX2 Email Tester - save_email.php Arbitrary File Upload Exploit
Exploit for multiple platform in category web applications Exploit Title: JMX2 Email Tester - Web Shell Uploadsaveemail.php Date: 2016-02-15 Blog: http://www.hahwul.com Vendor Homepage: https://github.com/johnfmorton/jmx2-Email-Tester Software Link:...
SolarWinds DameWare Mini Remote Control < 12.0 Hotfix 1 DWRCC.exe RCE
The remote host is running a version of SolarWinds DameWare Mini Remote Control prior to 12.0 Hotfix 1. It is, therefore, affected by a remote code execution vulnerability due to a flaw in the DWRCC.exe URI handler that is triggered when handling certain command line arguments. An unauthenticated...
CVE-2015-8220
Stack-based buffer overflow in the URI handler in DWRCC.exe in SolarWinds DameWare Mini Remote Control before 12.0 HotFix 1 allows remote attackers to execute arbitrary code via a crafted commandline argument in a link...
Stack overflow
Stack-based buffer overflow in the URI handler in DWRCC.exe in SolarWinds DameWare Mini Remote Control before 12.0 HotFix 1 allows remote attackers to execute arbitrary code via a crafted commandline argument in a link...
IBM Installation Manager <= 1.3.0 iim:// URI handler exploit
No description provided by source. !-- IBM Installation Manager = 1.3.0 iim:// uri handler remote code execution exploit - IE by nine:situations:group::bruiser site: http://retrogod.altervista.org/ vulnerable: IBM Rational Robot IBM Rational Team Concert possibly all Rational products, not Ration...
XChat 2.8.7b - 'ircs://' URI Command Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/29696/info XChat is prone to a vulnerability that allows remote attackers to execute arbitrary commands in the context of the vulnerable user. This issue may lead to a remote compromise. The issue arises because of improp...
Trillian 3.1.6.0 URI Handler Remote Code Execution Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/24927/info Trillian is prone to remote command- and code-execution vulnerabilities because the application fails to properly handle user-supplied input via a registered URI. Successfully exploiting these issues allows...