316 matches found
CVE-2024-3037
An arbitrary file deletion vulnerability exists in PaperCut NG/MF, specifically affecting Windows servers with Web Print enabled. To exploit this vulnerability, an attacker must first obtain local login access to the Windows Server hosting PaperCut NG/MF and be capable of executing low-privilege...
CVE-2024-3037
An arbitrary file deletion vulnerability exists in PaperCut NG/MF, specifically affecting Windows servers with Web Print enabled. To exploit this vulnerability, an attacker must first obtain local login access to the Windows Server hosting PaperCut NG/MF and be capable of executing low-privilege...
CVE-2024-4712
CVE-2024-4712 and CVE-2024-8405 describe an arbitrary file creation issue in PaperCut NG/MF on Windows servers with Web Print enabled, affecting the image-handler/web‑print.exe process. The flaws allow a malicious payload to cause the creation of files that shouldn’t exist, potentially enabling l...
CVE-2024-4712 Arbitrary File Creation in PaperCut NG/MF Web Print Image Handler
An arbitrary file creation vulnerability exists in PaperCut NG/MF that only affects Windows servers with Web Print enabled. This specific flaw exists within the image-handler process, which can incorrectly create files that don’t exist when a maliciously formed payload is provided. This can lead ...
CVE-2024-4712 Arbitrary File Creation in PaperCut NG/MF Web Print Image Handler
An arbitrary file creation vulnerability exists in PaperCut NG/MF that only affects Windows servers with Web Print enabled. This specific flaw exists within the image-handler process, which can incorrectly create files that don’t exist when a maliciously formed payload is provided. This can lead ...
CVE-2024-3037 Arbitrary File Deletion in PaperCut NG/MF Web Print
An arbitrary file deletion vulnerability exists in PaperCut NG/MF, specifically affecting Windows servers with Web Print enabled. To exploit this vulnerability, an attacker must first obtain local login access to the Windows Server hosting PaperCut NG/MF and be capable of executing low-privilege...
Veritas System Recovery 安全漏洞
Veritas System Recovery is a fast, easy-to-use backup and recovery solution for Microsoft Windows servers from Veritas USA. A security vulnerability exists in versions prior to Veritas System Recovery 23.2Hotfix that stems from incorrect permissions on the Veritas System Recovery folder...
PT-2024-10234 · Sap · Sapsetup
Name of the Vulnerable Software and Affected Versions: SAP Setup affected versions not specified Description: The issue is related to a DLL injection vulnerability in SAPSetup, which could allow an attacker with local user privileges or access to a compromised corporate user's Windows account to...
The vulnerability of the DHCP server service for Windows operating systems allows a perpetrator to execute arbitrary code.
The vulnerability of the DHCP server service for Windows operating systems is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
CVE-2024-3384
A vulnerability in Palo Alto Networks PAN-OS software enables a remote attacker to reboot PAN-OS firewalls when receiving Windows New Technology LAN Manager NTLM packets from Windows servers. Repeated attacks eventually cause the firewall to enter maintenance mode, which requires manual...
CVE-2024-3384 PAN-OS: Firewall Denial of Service (DoS) via Malformed NTLM Packets
A vulnerability in Palo Alto Networks PAN-OS software enables a remote attacker to reboot PAN-OS firewalls when receiving Windows New Technology LAN Manager NTLM packets from Windows servers. Repeated attacks eventually cause the firewall to enter maintenance mode, which requires manual...
CVE-2024-3384 PAN-OS: Firewall Denial of Service (DoS) via Malformed NTLM Packets
A vulnerability in Palo Alto Networks PAN-OS software enables a remote attacker to reboot PAN-OS firewalls when receiving Windows New Technology LAN Manager NTLM packets from Windows servers. Repeated attacks eventually cause the firewall to enter maintenance mode, which requires manual...
CVE-2024-3384
CVE-2024-3384 affects Palo Alto Networks PAN-OS. According to the sources, a remote attacker can reboot PAN-OS firewalls by sending NTLM packets, potentially driving the device into maintenance mode and requiring manual recovery. The Palo Alto advisory notes no workarounds, and the CNVD/NCSC entr...
Palo Alto Networks PAN-OS 安全漏洞
Palo Alto Networks PAN-OS is a next-generation firewall software from Palo Alto Networks, USA. A security vulnerability exists in Palo Alto Networks PAN-OS. A remote attacker can exploit the vulnerability to restart the PAN-OS firewall when receiving Windows New Technology LAN Manager NTLM packet...
Microsoft Windows Secure Boot 安全漏洞
Microsoft Windows Secure Boot is a secure boot from Microsoft Corporation USA. A security vulnerability exists in Microsoft Windows Secure Boot. An attacker exploiting this vulnerability could bypass certain features. The following products and editions are affected:Windows Server 2019 Server Cor...
CVE-2024-2294
The Backuply – Backup, Restore, Migrate and Clone plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.2.7 via the backupname parameter in the backuplydownloadbackup function. This makes it possible for attackers to have an account with only...
CVE-2024-2294 Backuply – Backup, Restore, Migrate and Clone <= 1.2.7 - Authenticated (Admin+) Directory Traversal
The Backuply – Backup, Restore, Migrate and Clone plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.2.7 via the backupname parameter in the backuplydownloadbackup function. This makes it possible for attackers to have an account with only...
CVE-2024-2294 Backuply – Backup, Restore, Migrate and Clone <= 1.2.7 - Authenticated (Admin+) Directory Traversal
The Backuply – Backup, Restore, Migrate and Clone plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.2.7 via the backupname parameter in the backuplydownloadbackup function. This makes it possible for attackers to have an account with only...
CVE-2024-2294
CVE-2024-2294 affects the Backuply plugin for WordPress on Windows-hosted sites. The vulnerability is a Directory Traversal via the backup_name parameter in the backuply_download_backup function, allowing an account with only activate_plugins capability to access arbitrary server files. Red Hat c...
Microsoft OLE DB Provider for SQL Server Security Vulnerability
Microsoft OLE DB Provider for SQL Server is an API from Microsoft Corporation that allows access to data from a variety of sources in a unified way. A security vulnerability exists in Microsoft OLE DB Provider for SQL Server. An attacker could exploit the vulnerability to remotely execute code. T...