Search Results | AttackerKB

3 Total Results

Displaying 1-3 of 3

Attacker Value

Unknown

CVE-2019-4001

Disclosure Date: March 24, 2020 (last updated February 21, 2025)

Improper input validation in Druva inSync Client 6.5.0 allows a local, authenticated attacker to execute arbitrary NodeJS code.

Attacker Value

Unknown

CVE-2019-4000

Disclosure Date: February 25, 2020 (last updated February 21, 2025)

Improper neutralization of directives in dynamically evaluated code in Druva inSync Mac OS Client 6.5.0 allows a local, authenticated attacker to execute arbitrary Python expressions with root privileges.

Attack Vector: Local Privileges: Low User Interaction: None

Attacker Value

Unknown

CVE-2019-3999

Disclosure Date: February 25, 2020 (last updated February 21, 2025)

Improper neutralization of special elements used in an OS command in Druva inSync Windows Client 6.5.0 allows a local, unauthenticated attacker to execute arbitrary operating system commands with SYSTEM privileges.

Attack Vector: Local Privileges: Low User Interaction: None

3 Total Results

Displaying 1-3 of 3

Unknown

CVE-2019-4001

Unknown

CVE-2019-4000

Unknown

CVE-2019-3999

Quick Cookie Notification