CVSS: 9.8EPSS: 1%CPEs: 2EXPL: 0CVE-2014-2956
https://notcve.org/view.php?id=CVE-2014-2956
08 Jul 2014 — ScriptHelperApi in the AVG ScriptHelper ActiveX control in ScriptHelper.exe in AVG Secure Search toolbar before 18.1.7.598 and AVG Safeguard before 18.1.7.644 does not implement domain-based access control for method calls, which allows remote attackers to trigger the downloading and execution of arbitrary programs via a crafted web site. ScriptHelperApi en el control AVG ScriptHelper ActiveX en ScriptHelper.exe en AVG Secure Search Toolbar anterior a 18.1.7.598 y AVG Safeguard anterior a 18.1.7.644 no impl... • http://www.kb.cert.org/vuls/id/960193 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2006-7142
https://notcve.org/view.php?id=CVE-2006-7142
07 Mar 2007 — The centralized management feature for Utimaco Safeguard stores hard-coded cryptographic keys in executable programs for encrypted configuration files, which allows attackers to recover the keys from the configuration files and decrypt the disk drive. La utilidad "gestión centralizada" para Utimaco Safeguard almacena claves criptográficas directamente en el código, en programas ejecutables para ficheros de configuración cifrados, lo cual permite a atacantes remotos recuperar claves de los ficheros de config... • http://www.securityfocus.com/archive/1/448598/100/0/threaded • CWE-798: Use of Hard-coded Credentials •