5 matches found
EUVD-2021-2251
Malware in sbrugna...
The vulnerability of the Local Security Authority (LSA) service, which is responsible for authenticating users and managing local security policies in Windows operating systems, allows attackers to escalate their privileges.
The vulnerability of the Local Security Authority LSA in Windows operating systems, which is responsible for verifying identities and managing user policies, is related to the use of memory after it is freed. Exploiting this vulnerability could allow an attacker to increase their privileges...
CVE-2021-27221
MikroTik RouterOS 6.47.9 allows remote authenticated ftp users to create or overwrite arbitrary .rsc files via the /export command. NOTE: the vendor's position is that this is intended behavior because of how user policies work...
Command injection
DISPUTED MikroTik RouterOS 6.47.9 allows remote authenticated ftp users to create or overwrite arbitrary .rsc files via the /export command. NOTE: the vendor's position is that this is intended behavior because of how user policies work...
Authorization Bypass
github.com/minio/minio is vulnerable to authorization bypass. PostPolicyHandler did not verify user policies and allows an attacker to bypass the readOnly policy by creating a temporary mc share upload URL...