124 matches found
CVE-2024-25999
An unauthenticated local attacker can perform a privilege escalation due to improper input validation in the OCPP agent service...
Input validation
An unauthenticated local attacker can perform a privilege escalation due to improper input validation in the OCPP agent service...
CVE-2024-25999 PHOENIX CONTACT: Privilege escalation in the OCPP agent service
An unauthenticated local attacker can perform a privilege escalation due to improper input validation in the OCPP agent service...
CVE-2024-25999 PHOENIX CONTACT: Privilege escalation in the OCPP agent service
An unauthenticated local attacker can perform a privilege escalation due to improper input validation in the OCPP agent service...
EulerOS 2.0 SP9 : qemu (EulerOS-SA-2023-2906)
According to the versions of the qemu package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device. This flaw allows a crafted guest driver to execute HW commands whe...
CVE-2023-20241
Multiple vulnerabilities in Cisco Secure Client Software, formerly AnyConnect Secure Mobility Client, could allow an authenticated, local attacker to cause a denial of service DoS condition on an affected system. These vulnerabilities are due to an out-of-bounds memory read from Cisco Secure Clie...
CVE-2023-20240
Multiple vulnerabilities in Cisco Secure Client Software, formerly AnyConnect Secure Mobility Client, could allow an authenticated, local attacker to cause a denial of service DoS condition on an affected system. These vulnerabilities are due to an out-of-bounds memory read from Cisco Secure Clie...
Out-of-bounds
Multiple vulnerabilities in Cisco Secure Client Software, formerly AnyConnect Secure Mobility Client, could allow an authenticated, local attacker to cause a denial of service DoS condition on an affected system. These vulnerabilities are due to an out-of-bounds memory read from Cisco Secure Clie...
CVE-2023-20241
Cisco Secure Client Software (formerly AnyConnect) is affected by multiple DoS vulnerabilities due to an out-of-bounds memory read. An authenticated, local attacker who has credentials on a multi-user system can exploit this by logging in while another user is active, sending crafted packets to a...
CVE-2023-20240
Multiple vulnerabilities in Cisco Secure Client Software, formerly AnyConnect Secure Mobility Client, could allow an authenticated, local attacker to cause a denial of service DoS condition on an affected system. These vulnerabilities are due to an out-of-bounds memory read from Cisco Secure Clie...
SUSE CVE-2019-10146
A Reflected Cross Site Scripting flaw was found in all pki-core 10.x.x versions module from the pki-core server due to the CA Agent Service not properly sanitizing the certificate request page. An attacker could inject a specially crafted value that will be executed on the victim's browser...
SUSE CVE-2019-10179
A vulnerability was found in all pki-core 10.x.x versions, where the Key Recovery Authority KRA Agent Service did not properly sanitize recovery request search page, enabling a Reflected Cross Site Scripting XSS vulnerability. An attacker could trick an authenticated victim into executing special...
PT-2023-3203 · Trend Micro · Trend Micro Apex One Security Agent +1
Name of the Vulnerable Software and Affected Versions: Trend Micro Apex One Security Agent affected versions not specified Trend Micro Apex One as a Service affected versions not specified Description: The issue is related to the use of dangerous methods or functions in the Trend Micro Apex One a...
CVE-2022-47529
Insecure Win32 memory objects in Endpoint Windows Agents in RSA NetWitness Platform before 12.2 allow local and admin Windows user accounts to modify the endpoint agent service configuration: to either disable it completely or run user-supplied code or commands, thereby bypassing tamper-protectio...
CVE-2022-47529
Insecure Win32 memory objects in Endpoint Windows Agents in RSA NetWitness Platform before 12.2 allow local and admin Windows user accounts to modify the endpoint agent service configuration: to either disable it completely or run user-supplied code or commands, thereby bypassing tamper-protectio...
CVE-2022-30154
Microsoft File Server Shadow Copy Agent Service RVSS Elevation of Privilege Vulnerability...
CVE-2022-30154
Microsoft File Server Shadow Copy Agent Service RVSS Elevation of Privilege Vulnerability...
CVE-2022-30154 Microsoft File Server Shadow Copy Agent Service (RVSS) Elevation of Privilege Vulnerability
...
CVE-2021-1568
A vulnerability in Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to cause a denial of service DoS condition on an affected system. This vulnerability is due to uncontrolled memory allocation. An attacker could exploit this vulnerability by copyin...
Design/Logic Flaw
A vulnerability in Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to cause a denial of service DoS condition on an affected system. This vulnerability is due to uncontrolled memory allocation. An attacker could exploit this vulnerability by copyin...