This module exploits an arbitrary file upload in Trend Micro Mobile Security for Enterprise to install an agent.
A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory.
Multiple stack-based buffer overflow vulnerabilities have been identified in which the application does not verify string size before copying to memory, the attacker may then be able to crash the application or run arbitrary code.
The CG6Service Service in CyberGhost has the SetPeLauncherState method which allows a user to launch a debugger automatically for a determined process.
This can be abused by an attacker to gain SYSTEM privileges by attaching to a SYSTEM process.
This update fixes a minor bug.
This can be abused by an attacker to gain SYSTEM privileges by attaching to a SYSTEM process.
This update fixes a minor bug.
VX Search Enterprise is prone to a buffer overflow via an empty POST request to a long URI beginning with a /../ substring.
Adobe ColdFusion is prone to a remote vulnerability that allows attackers to take advantage of an insecure deployment of the JMX/RMI service used to manage and monitor the Java Virtual Machine.
The application allows an attacker to specify a server to perform authentication. That server also allows to execute controlled SQL directly against the database.
This module abuses of the previous vulnerabilities in order execute an agent as SYSTEM.
This module abuses of the previous vulnerabilities in order execute an agent as SYSTEM.
Username parameter in Registeration page 'register.ghp' is prone to a stack-based buffer-overflow vulnerability.
Application fails to properly bounds-check user-supplied data before copying it into an insufficiently sized buffer.
Application fails to properly bounds-check user-supplied data before copying it into an insufficiently sized buffer.
This vulnerability allows local attackers to escalate privileges on vulnerable installations of Jungo WinDriver. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
The specific flaw exists within the processing of IOCTL 0x953824a7 by the windrvr12xx kernel driver. The issue lies in the failure to properly validate user-supplied data which can result in an out-of-bounds write condition. An attacker can leverage this vulnerability to execute arbitrary code under the context of kernel.
The specific flaw exists within the processing of IOCTL 0x953824a7 by the windrvr12xx kernel driver. The issue lies in the failure to properly validate user-supplied data which can result in an out-of-bounds write condition. An attacker can leverage this vulnerability to execute arbitrary code under the context of kernel.
Apache Tomcat allows the upload of JSP files to unauthenticated users via a specially crafted request when the readonly initialization parameter of the Default servlet is set to false.