Lucene search
K

316 matches found

Vulnrichment
Vulnrichment
added 2023/02/23 12:0 a.m.6 views

CVE-2023-23917

A prototype pollution vulnerability exists in Rocket.Chat server 5.2.0 that could allow an attacker to a RCE under the admin account. Any user can create their own server in your cloud and become an admin so this vulnerability could affect the cloud infrastructure. This attack vector also may...

6AI score0.00978EPSS
Exploits0References1
NVD
NVD
added 2023/01/06 10:15 p.m.29 views

CVE-2022-44939

Efs Software Easy Chat Server Version 3.1 was discovered to contain a DLL hijacking vulnerability via the component TextShaping.dll. This vulnerability allows attackers to execute arbitrary code via a crafted DLL...

7.8CVSS7.9AI score0.00387EPSS
Exploits1References1
OSV
OSV
added 2023/01/06 10:15 p.m.5 views

CVE-2022-44939

Efs Software Easy Chat Server Version 3.1 was discovered to contain a DLL hijacking vulnerability via the component TextShaping.dll. This vulnerability allows attackers to execute arbitrary code via a crafted DLL...

7.8CVSS6AI score0.00387EPSS
Exploits1References1
Prion
Prion
added 2023/01/06 10:15 p.m.19 views

Design/Logic Flaw

Efs Software Easy Chat Server Version 3.1 was discovered to contain a DLL hijacking vulnerability via the component TextShaping.dll. This vulnerability allows attackers to execute arbitrary code via a crafted DLL...

4.4CVSS7.9AI score0.00387EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2023/01/06 12:0 a.m.54 views

CVE-2022-44939

CVE-2022-44939 affects Efs Software Easy Chat Server 3.1; a DLL hijacking flaw in TextShaping.dll allows local attackers to execute arbitrary code via a crafted DLL. Impact: full code execution with high impact. Mitigation/remediation: as per PT-2023-14570, restrict access to TextShaping.dll or a...

7.8CVSS7.9AI score0.00387EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/01/06 12:0 a.m.10 views

CVE-2022-44939

Efs Software Easy Chat Server Version 3.1 was discovered to contain a DLL hijacking vulnerability via the component TextShaping.dll. This vulnerability allows attackers to execute arbitrary code via a crafted DLL...

8.2AI score0.00387EPSS
Exploits1References1
CNNVD
CNNVD
added 2023/01/06 12:0 a.m.6 views

Chat Server 代码问题漏洞

Chat Server is ramank775 individual developer's chat server based on microservices architecture, supports high availability, high throughput, horizontal expansion. A security vulnerability exists in Efs Software Easy Chat Server version 3.1, which originates from a DLL hijacking vulnerability tha...

7.8CVSS7.8AI score0.00387EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2023/01/06 12:0 a.m.6 views

PT-2023-14570 · Efs · Efs Software Easy Chat Server

Name of the Vulnerable Software and Affected Versions: Efs Software Easy Chat Server version 3.1 Description: The issue allows attackers to execute arbitrary code via a crafted DLL, exploiting a DLL hijacking vulnerability through the TextShaping.dll component. Recommendations: For Efs Software...

7.8CVSS7.8AI score0.00387EPSS
Exploits1References4
Cvelist
Cvelist
added 2023/01/06 12:0 a.m.31 views

CVE-2022-44939

Efs Software Easy Chat Server Version 3.1 was discovered to contain a DLL hijacking vulnerability via the component TextShaping.dll. This vulnerability allows attackers to execute arbitrary code via a crafted DLL...

8.1AI score0.00387EPSS
Exploits1References1
0day.today
0day.today
added 2022/08/01 12:0 a.m.767 views

Easy Chat Server 3.1 - Remote Stack Buffer Overflow (SEH) Exploit

Exploit Title: Easy Chat Server 3.1 - Remote Stack Buffer Overflow SEH Exploit Author: r00tpgp @ http://www.r00tpgp.com Usage: python easychat-exploit.py Spawns reverse meterpreter LHOST=192.168.0.162 LPORT=1990 CVE: CVE-2004-2466 Installer: http://www.echatserver.com/ Tested on: Microsoft Window...

5CVSS6.6AI score0.74696EPSS
Exploits9
Exploit DB
Exploit DB
added 2022/08/01 12:0 a.m.494 views

Easy Chat Server 3.1 - Remote Stack Buffer Overflow (SEH)

Exploit Title: Easy Chat Server 3.1 - Remote Stack Buffer Overflow SEH Exploit Author: r00tpgp @ http://www.r00tpgp.com Usage: python easychat-exploit.py Spawns reverse meterpreter LHOST=192.168.0.162 LPORT=1990 CVE: CVE-2004-2466 Installer: http://www.echatserver.com/ Tested on: Microsoft Window...

5CVSS6.5AI score0.74696EPSS
Exploits9
OSV
OSV
added 2022/06/28 5:15 p.m.24 views

PYSEC-2022-224

Synapse is an open source home server implementation for the Matrix chat network. In versions prior to 1.61.1 URL previews of some web pages can exhaust the available stack space for the Synapse process due to unbounded recursion. This is sometimes recoverable and leads to an error for the reques...

6.5CVSS1.6AI score0.01578EPSS
Exploits0References5
OSV
OSV
added 2022/06/20 8:18 p.m.12 views

MAL-2022-1678 Malicious code in breakout-chat-server (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4d8e13b6a2b5cc5f8e33630acfd72933e8c38a79591e01e7d2104e695661e9c6 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2022/06/20 8:18 p.m.5 views

Malicious code in breakout-chat-server (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4d8e13b6a2b5cc5f8e33630acfd72933e8c38a79591e01e7d2104e695661e9c6 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
Prion
Prion
added 2022/05/31 11:15 p.m.18 views

Authentication flaw

Chat Server is the chat server for Vartalap, an open-source messaging application. Versions 2.3.2 until 2.6.0 suffer from a bug in validating the access token, resulting in authentication bypass. The function this.authProvider.verifyAccessKey is an async function, as the code is not using await t...

7.5CVSS9.5AI score0.01372EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2022/05/31 10:35 p.m.6 views

CVE-2022-31013 Authentication bypass in Vartalap chat-server

Chat Server is the chat server for Vartalap, an open-source messaging application. Versions 2.3.2 until 2.6.0 suffer from a bug in validating the access token, resulting in authentication bypass. The function this.authProvider.verifyAccessKey is an async function, as the code is not using await t...

9.1CVSS9.7AI score0.01372EPSS
Exploits0References3
Cvelist
Cvelist
added 2022/05/31 10:35 p.m.26 views

CVE-2022-31013 Authentication bypass in Vartalap chat-server

Chat Server is the chat server for Vartalap, an open-source messaging application. Versions 2.3.2 until 2.6.0 suffer from a bug in validating the access token, resulting in authentication bypass. The function this.authProvider.verifyAccessKey is an async function, as the code is not using await t...

9.1CVSS9.8AI score0.01372EPSS
Exploits0References3
CVE
CVE
added 2022/05/31 10:35 p.m.86 views

CVE-2022-31013

Chat Server (Vartalap) vulnerability CVE-2022-31013 affects versions 2.3.2–2.6.0. Root cause is a token validation bug where this.authProvider.verifyAccessKey is treated as asynchronous without awaiting results, enabling authentication bypass. A patch exists in version 2.6.0. Public references ac...

9.8CVSS9.7AI score0.01372EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2022/05/31 10:35 p.m.18 views

CVE-2022-31013 Authentication bypass in Vartalap chat-server

Chat Server is the chat server for Vartalap, an open-source messaging application. Versions 2.3.2 until 2.6.0 suffer from a bug in validating the access token, resulting in authentication bypass. The function this.authProvider.verifyAccessKey is an async function, as the code is not using await t...

9.1CVSS9.3AI score0.01372EPSS
Exploits0References5
CNNVD
CNNVD
added 2022/05/31 12:0 a.m.5 views

Chat Server 输入验证错误漏洞

Chat Server is ramank775 individual developer's chat server based on microservices architecture, supporting high availability, high throughput, and horizontal scaling. An input validation error vulnerability exists in Chat Server versions 2.3.2 through 2.6.0, which stems from the application havi...

9.8CVSS8.3AI score0.01372EPSS
Exploits0References4
Rows per page
Query Builder