Disclosure of DLL-Hijacking-Vulnerability-in-Technitium-Installer-v4.4
Posted by YEUNG, Tsz Ko on Feb 24 Hi all, I would like to disclose the DLL-Hijacking-Vulnerability-in-Technitium-Installer-v4.4 Details as below: Vulnerable Software and Version: 1....
Disclosure of DLL-Hijacking-Vulnerability-in-Technitium-Installer-v4.4
Posted by YEUNG, Tsz Ko on Feb 24 Hi all, I would like to disclose the DLL-Hijacking-Vulnerability-in-Technitium-Installer-v4.4 Details as below: Vulnerable Software and Version: 1....
DSA-5087 cyrus-sasl2 – security update
It was discovered that the SQL plugin in cyrus-sasl2, a library implementing the Simple Authentication and Security Layer, is prone to a SQL injection attack....
CVE-2020-10632
Inadequate folder security permissions in Emerson OpenEnterprise versions through 3.3.4 may allow modification of important configuration files, which could cause the system to fail or...
CVE-2020-10635
Simulation models for KUKA.Sim Pro version 3.1 are hosted by a server maintained by KUKA. When these devices request a model, the server transmits the...
CVE-2020-10636
Inadequate encryption may allow the passwords for Emerson OpenEnterprise versions through 3.3.4 user accounts to be obtained. Read More
CVE-2020-10640
Emerson OpenEnterprise versions through 3.3.4 may allow an attacker to run an arbitrary commands with system privileges or perform remote code execution via a specific...
CVE-2020-14478
A local, authenticated attacker could use an XML External Entity (XXE) attack to exploit weakly configured XML files to access local or remote content. A...
CVE-2020-14480
Due to usernames/passwords being stored in plaintext in Random Access Memory (RAM), a local, authenticated attacker could gain access to certain credentials, including Windows Logon...
CVE-2020-14481
The DeskLock tool provided with FactoryTalk View SE uses a weak encryption algorithm that may allow a local, authenticated attacker to decipher user credentials, including...