Cyberthreat Blog, Author at Cyberthreat Blog from Fortify24x7 Page 28290 of 28407

CVE-2016-10323

Posted by Cyberthreat Blog | Apr 10, 2017 | CVE Notifications |

Synology Photo Station before 6.3-2958 allows local users to gain privileges by leveraging setuid execution of a “synophoto_dsm_user –copy-no-ea” command.

CVE-2016-8235

Posted by Cyberthreat Blog | Apr 10, 2017 | CVE Notifications |

Privilege escalation in Lenovo Customer Care Software Development Kit (CCSDK) versions earlier than 2.0.16.3 allows local users to execute code with elevated privileges.

CVE-2016-8237

Posted by Cyberthreat Blog | Apr 10, 2017 | CVE Notifications |

Remote code execution in Lenovo Updates (not Lenovo System Update) allows man-in-the-middle attackers to execute arbitrary code.

CVE-2017-7646

Posted by Cyberthreat Blog | Apr 10, 2017 | CVE Notifications |

SolarWinds Log & Event Manager (LEM) before 6.3.1 Hotfix 4 allows an authenticated user to browse the server’s filesystem and read the contents of arbitrary files contained within.

CVE-2017-7647

Posted by Cyberthreat Blog | Apr 10, 2017 | CVE Notifications |

SolarWinds Log & Event Manager (LEM) before 6.3.1 Hotfix 4 allows an authenticated user to execute arbitrary commands.

Author: Cyberthreat Blog

CVE-2016-10323

CVE-2016-8235

CVE-2016-8237

CVE-2017-7646

CVE-2017-7647