
604 matches found

CNNVD
added 2023/10/10 12:0 a.m. | 3 views

Microsoft Client Server Run-time Subsystem Security Vulnerability

The Microsoft Client Server Run-time Subsystem is a client/server run-time subsystem from Microsoft Corporation in the United States that manifests itself as the csrss.exe process. It is a component of the Windows NT family of operating systems, appearing in Windows NT 3.1 and subsequent systems,...

CVSS 7.8 | AI score 6.6 | EPSS 0.01279
Exploits: 0 | References: 4
Fedora
added 2023/09/16 1:29 a.m. | 40 views

[SECURITY] Fedora 38 Update: community-mysql-8.0.34-2.fc38

MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon mysqld and many different client programs and libraries. The base package contains the standard MySQL client programs and generic MySQL files...

CVSS 7.5 | AI score 7.8 | EPSS 0.01594
Exploits: 0
OpenVAS
added 2023/08/25 12:0 a.m. | 20 views

Fedora: Security Advisory for libqb (FEDORA-2023-5a717dd33d)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 9.8 | AI score 9.6 | EPSS 0.00984
Exploits: 0 | References: 2
Fedora
added 2023/08/24 1:32 a.m. | 25 views

[SECURITY] Fedora 38 Update: libqb-2.0.8-1.fc38

A "Quite Boring" library that provides high-performance, reusable features for client-server architecture, such as logging, tracing, inter-process communication (IPC), and polling...

CVSS 9.8 | AI score 9.6 | EPSS 0.00984
Exploits: 0
Veracode
added 2023/08/05 3:19 a.m. | 16 views

Arbitrary Code Execution

com.aerospike:aerospike-client is vulnerable to Arbitrary Code Execution. The vulnerability is due to untrusted deserialization during client-side message validation, which allows an attacker to trick a client into connecting to a malicious server, which will then execute arbitrary code when the...

CVSS 9.8 | AI score 7.9 | EPSS 0.01691
Exploits: 0 | References: 14 | Affected Software: 1
Tenable Nessus
added 2023/06/20 12:0 a.m. | 30 views

Debian dla-3458 : libapache2-mod-php7.3 - security update

The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3458 advisory. Debian LTS Advisory DLA-3458-1 [email protected] https://www.debian.org/lts/security/...

CVSS 4.3 | AI score 7 | EPSS 0.00709
Exploits: 0 | References: 4
UbuntuCve
added 2023/06/19 12:0 a.m. | 75 views

CVE-2023-3247

In PHP versions 8.0.* before 8.0.29, 8.1.* before 8.1.20, 8.2.* before 8.2.7 when using SOAP HTTP Digest Authentication, random value generator was not checked for failure, and was using narrower range of values than it should have. In case of random generator failure, it could lead to a disclosure ...

CVSS 4.3 | AI score 6.3 | EPSS 0.00709
Exploits: 0 | References: 6
Gentoo Linux
added 2023/05/30 12:0 a.m. | 32 views

X.Org X server, XWayland: Multiple Vulnerabilities

Background: The X Window System is a graphical windowing system based on a client/server model. Description: Multiple vulnerabilities have been discovered in X.Org X server, XWayland. Please review the CVE identifiers referenced below for details. Impact: Please review the referenced CVE identifiers...

CVSS 8.8 | AI score 7.4 | EPSS 0.02685
Exploits: 0
Prion
added 2023/05/16 8:15 p.m. | 21 views

Design/Logic Flaw

Versions of Sage 300 through 2022 implement role-based access controls that are only enforced client-side. Low-privileged Sage users, particularly those on a workstation setup in the "Windows Peer-to-Peer Network" or "Client Server Network" Sage 300 configurations, could recover the SQL connectio...

CVSS 4 | AI score 5 | EPSS 0.00402
Exploits: 0 | References: 1 | Affected Software: 1
RedHat Linux
added 2023/05/16 8:59 a.m. | 6 views

freerdp: clients using `/parallel` command line switch might read uninitialized data

A vulnerability was found in FreeRDP where clients on UNIX systems using /parallel command line switch might read uninitialized data and send it to the client's server. The vulnerability allows a remote attacker to gain access to sensitive information...

CVSS 7.5 | AI score 5.8 | EPSS 0.00829
Exploits: 0 | References: 5
OSV
added 2023/05/11 7:15 p.m. | 4 views

CVE-2023-2443

Rockwell Automation ThinManager product allows the use of medium strength ciphers. If the client requests an insecure cipher, a malicious actor could potentially decrypt traffic sent between the client and server API...

CVSS 7.5 | AI score 7.1 | EPSS 0.00666
Exploits: 0 | References: 1
NVD
added 2023/05/11 7:15 p.m. | 25 views

CVE-2023-2443

Rockwell Automation ThinManager product allows the use of medium strength ciphers. If the client requests an insecure cipher, a malicious actor could potentially decrypt traffic sent between the client and server API...

CVSS 7.5 | AI score 7.5 | EPSS 0.00666
Exploits: 0 | References: 1
Vulnrichment
added 2023/05/11 6:8 p.m. | 12 views

CVE-2023-2443

Rockwell Automation ThinManager product allows the use of medium strength ciphers. If the client requests an insecure cipher, a malicious actor could potentially decrypt traffic sent between the client and server API...

CVSS 7.5 | AI score 6.8 | EPSS 0.00666
Exploits: 0 | References: 1
OSV
added 2023/04/14 6:21 p.m. | 30 views

CVE-2023-29529 matrix-js-sdk vulnerable to invisible eavesdropping in group calls

matrix-js-sdk is the Matrix Client-Server SDK for JavaScript and TypeScript. An attacker present in a room where an MSC3401 group call is taking place can eavesdrop on the video and audio of participants using matrix-js-sdk, without their knowledge. To affected matrix-js-sdk users, the attacker...

CVSS 5 | AI score 5.1 | EPSS 0.00543
Exploits: 0 | References: 5
Fedora
added 2023/04/02 1:34 a.m. | 25 views

[SECURITY] Fedora 36 Update: amanda-3.5.3-1.fc36

AMANDA, the Advanced Maryland Automatic Network Disk Archiver, is a backup system that allows the administrator of a LAN to set up a single master backup server to back up multiple hosts to one or more tape drives or disk files. AMANDA uses native dump and/or GNU tar facilities and can back up a...

CVSS 8.8 | AI score 6.1 | EPSS 0.01246
Exploits: 4
BDU FSTEC
added 2023/04/02 12:0 a.m. | 5 views

The vulnerability of the client-server application for managing power supply sources in RCCMD, related to the use of pre-installed credentials, allows a perpetrator to execute arbitrary code or gain full control over the application.

The vulnerability of the client-server application for managing power supply sources in RCCMD is related to the use of pre-installed credentials. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or gain full control over the application...

CVSS 9.6 | AI score 8.2 | EPSS 0.00621
Exploits: 0 | References: 3
OSV
added 2023/03/31 5:15 p.m. | 4 views

CVE-2022-3192

Improper Input Validation vulnerability in ABB AC500 V2 PM5xx allows Client-Server Protocol Manipulation. This issue affects AC500 V2: from 2.0.0 before 2.8.6...

CVSS 5.3 | AI score 5.8
Exploits: 0 | References: 1
Prion
added 2023/03/31 5:15 p.m. | 18 views

Input validation

Improper Input Validation vulnerability in ABB AC500 V2 PM5xx allows Client-Server Protocol Manipulation. This issue affects AC500 V2: from 2.0.0 before 2.8.6...

CVSS 5 | AI score 5.3 | EPSS 0.00557
Exploits: 0 | References: 1 | Affected Software: 1
Vulnrichment
added 2023/03/31 4:13 p.m. | 6 views

CVE-2022-3192 Improper Check for Unusual or Exceptional Conditions

Improper Input Validation vulnerability in ABB AC500 V2 PM5xx allows Client-Server Protocol Manipulation. This issue affects AC500 V2: from 2.0.0 before 2.8.6...

CVSS 5.3 | AI score 5.4 | EPSS 0.00557
Exploits: 0 | References: 1
Cvelist
added 2023/03/31 4:13 p.m. | 22 views

CVE-2022-3192 Improper Check for Unusual or Exceptional Conditions

Improper Input Validation vulnerability in ABB AC500 V2 PM5xx allows Client-Server Protocol Manipulation. This issue affects AC500 V2: from 2.0.0 before 2.8.6...

CVSS 5.3 | AI score 5.6 | EPSS 0.00557
Exploits: 0 | References: 1