Citrix Application Delivery Controller (ADC) and Gateway are prone to a directory traversal vulnerability that allows attackers to upload an XML file via newbm.pl and execute system commands.
The srv2.sys driver exposes functionality that allows remote users to write arbitrary memory via specially crafted packet and gain the ability to execute code on the target server.
This module triggers a memory corruption vulnerability in the Remote Desktop Service by sending a malformed packet.
Tenable found an unauthenticated remote code execution vulnerability in the SolarWinds Dameware Remote Mini Remote Client Agent Service (DWRCS.exe) version 12.1.0.89.
This module triggers a use after free vulnerability in the Remote Desktop Service by sending a malformed packet.
Maple Computer SNMP Asministrator is prone to a buffer-overflow vulnerability when handling a crafted packet.
File Share Wizard is prone to a buffer-overflow vulnerability when handling a crafted POST packet.
The specific flaw exists within BwPAlarm.dll, which is accessed through the 70603 IOCTL in the webvrpcs process. The process does not properly validate the length of user-supplied data prior to copying it to a fixed-length buffer.
Adobe ColdFusion is prone to a remote vulnerability that allows attackers to take advantage of an insecure deployment of the JNBridge protocol.
This module triggers a use after free vulnerability in the Remote Desktop Service by sending a malformed RDO packet to the 3389/TCP port.