CVE-2010-0398
The init script in autokey before 0.61.3-2 allows local attackers to write to arbitrary files via a symlink attack.
Source: CVE-2010-0398
[월:] 2019년 10월
CVE-2019-17324
CVE-2019-17324
ClipSoft REXPERT 1.0.0.527 and earlier version allows directory traversal by issuing a special HTTP POST request with ../ characters. This could lead to create malicious HTML file, because they can inject a content with crafted template. User interaction is required to exploit this vulnerability in that the target must visit a malicious web page.
Source: CVE-2019-17324
CVE-2019-17326
CVE-2019-17326
ClipSoft REXPERT 1.0.0.527 and earlier version allows remote attacker to arbitrary file deletion by issuing a HTTP GET request with a specially crafted parameter. User interaction is required to exploit this vulnerability in that the target must visit a malicious web page.
Source: CVE-2019-17326
CVE-2019-17325
CVE-2019-17325
ClipSoft REXPERT 1.0.0.527 and earlier version allows remote attacker to upload arbitrary local file via the ActiveX method in RexViewerCtrl30.ocx. That could lead to disclosure of sensitive information. User interaction is required to exploit this vulnerability in that the target must visit a malicious web page.
Source: CVE-2019-17325
CVE-2019-17322
CVE-2019-17322
ClipSoft REXPERT 1.0.0.527 and earlier version allows arbitrary file creation via a POST request with the parameter set to the file path to be written. This can be an executable file that is written to in the arbitrary directory. User interaction is required to exploit this vulnerability in that the target must visit a malicious web page.
Source: CVE-2019-17322
CVE-2010-0206
CVE-2010-0206
xpdf allows remote attackers to cause a denial of service (NULL pointer dereference and crash) in the way it processes JBIG2 PDF stream objects.
Source: CVE-2010-0206
CVE-2010-0207
CVE-2010-0207
In xpdf, the xref table contains an infinite loop which allows remote attackers to cause a denial of service (application crash) in xpdf-based PDF viewers.
Source: CVE-2010-0207
CVE-2019-17321
CVE-2019-17321
ClipSoft REXPERT 1.0.0.527 and earlier version have an information disclosure issue. When requesting web page associated with session, could leak username via session file path of HTTP response data. No authentication is required.
Source: CVE-2019-17321
CVE-2013-1391
CVE-2013-1391
Authentication bypass vulnerability in the the web interface in Hunt CCTV, Capture CCTV, Hachi CCTV, NoVus CCTV, and Well-Vision Inc DVR systems allows a remote attacker to retrieve the device configuration.
Source: CVE-2013-1391
CVE-2019-17323
CVE-2019-17323
ClipSoft REXPERT 1.0.0.527 and earlier version allows arbitrary file creation and execution via report print function of rexpert viewer with modified XML document. User interaction is required to exploit this vulnerability in that the target must visit a malicious web page.
Source: CVE-2019-17323