[Forgot Password]
Login  Register Subscribe

30430

 
 

423868

 
 

247862

 
 

909

 
 

194603

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 15162 Download | Alert*

An information disclosure vulnerability exists in Microsoft SQL Server Management Studio (SSMS) when parsing a malicious XMLA file containing a reference to an external entity. An attacker who successfully exploited this vulnerability could read arbitrary files via an XML external entity declaration. To exploit the vulnerability, an attacker must entice a user on an affected SSMS server to open a ...

An information disclosure vulnerability exists in Microsoft SQL Server Management Studio (SSMS) when parsing malicious XML content containing a reference to an external entity. An attacker who successfully exploited this vulnerability could read arbitrary files via an XML external entity declaration. To exploit the vulnerability, an attacker must entice a user on an affected SSMS server to open a ...

The host is installed with NetMechanica NetDecision before 4.6.1 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to handle an invalid version number. Successful exploitation could allow attackers to obtain the source code of NetDecision script files with a .nd extension.

The host is installed with NetMechanica NetDecision before 4.6.1 and is prone an information disclosure vulnerability. A flaw is present in the application, which fails to handle a request with a trailing "?". Successful exploitation could allow attackers to obtain the installation path.

The host is installed with Symantec Altiris WISE Package Studio before 8.0MR1 and is prone to multiple sql injection vulnerabilities. The flaws are present in the application, which fails to handle unspecified vectors. Successful exploitation could allow remote attackers to execute arbitrary SQL commands.

The host is installed with VMware Workstation before 10.0.4 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to handle a symlink attack on a file in /tmp. Successful exploitation allows local users to write to arbitrary files.

The host is installed with Apache Subversion 1.8.0 before 1.8.2 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle a symlink attack. Successful exploitation could allow local users to gain privileges via a symlink attack on the pid file.

The host is installed with Subversion 1.8.0 before 1.8.3 and is prone to a local privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle a symlink attack on the pid file. Successful exploitation could allow local users to gain privileges.

Cross-site scripting (XSS) vulnerability in Windows Vista Feed Headlines Gadget (aka Sidebar RSS Feeds Gadget) in Windows Vista allows user-assisted remote attackers to execute arbitrary code via an RSS feed with crafted HTML attributes, which are not properly removed and are rendered in the local zone.

Microsoft Office Excel 2000 through 2004 allows user-assisted attackers to execute arbitrary code via malformed cell comments, which lead to modification of "critical data offsets" during the rebuilding process.


Pages:      Start    1471    1472    1473    1474    1475    1476    1477    1478    1479    1480    1481    1482    1483    1484    ..   1516

© SecPod Technologies