EUVD-2001-1029

Malware in sbrugna...

InsydeH2O 安全漏洞

InsydeH2O is a customizable firmware codebase from China's Insyde Insyde Corporation. A security vulnerability exists in InsydeH2O, which originates from an arbitrary call to SmmSetVariable with unsanitized parameters in the SMI handler...

CVE-2017-8493

Microsoft Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to set variables that are either read-only or require authentication when Windows fails to enforce case sensitivity for certain variable checks, aka...

CVE-2007-3986

file.cgi in Secure Computing SecurityReporter aka Network Security Analyzer 4.6.3 allows remote attackers to bypass authentication via a name parameter that specifies the eventcache directory and a non-GIF file, which causes the $dontvalidate variable to be set to true. NOTE: a separate traversal...

PT-2006-5563 · Telekorn · Telekorn Signkorn Guestbook

Name of the Vulnerable Software and Affected Versions: Telekorn SignKorn Guestbook SL versions 1.3 and earlier Description: The issue allows remote attackers to execute arbitrary PHP code when register globals is enabled and the SESSIONpermission parameter is set to "yes". This can be achieved vi...