Lucene search
K

83 matches found

ATTACKERKB
ATTACKERKB
added 2024/06/18 6:15 a.m.2 views

CVE-2024-37080

vCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger this vulnerability by sending a specially crafted network packet potentially leading to remote code execution...

9.8CVSS6.2AI score0.12478EPSS
Exploits0References2
NVD
NVD
added 2024/04/09 5:16 p.m.30 views

CVE-2024-29905

DIRAC is an interware, meaning a software framework for distributed computing. Prior to version 8.0.41, during the proxy generation process e.g., when using dirac-proxy-init, it is possible for unauthorized users on the same machine to gain read access to the proxy. This allows the user to then...

8.1CVSS8AI score0.00317EPSS
Exploits0References2
CVE
CVE
added 2024/04/09 4:49 p.m.70 views

CVE-2024-29905

Summary: CVE-2024-29905 affects DIRAC prior to version 8.0.41. During the proxy generation process (e.g., dirac-proxy-init), unauthorized users on the same machine could gain read access to the proxy for a sub-millisecond window, enabling actions as if using the original proxy. The issue is mitig...

8.1CVSS8AI score0.00317EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2024/04/09 4:49 p.m.53 views

CVE-2024-29905 DIRAC: Unauthorized users can read proxy contents during generation

DIRAC is an interware, meaning a software framework for distributed computing. Prior to version 8.0.41, during the proxy generation process e.g., when using dirac-proxy-init, it is possible for unauthorized users on the same machine to gain read access to the proxy. This allows the user to then...

8.1CVSS8.2AI score0.00317EPSS
Exploits0References2
Fedora
Fedora
added 2024/03/28 1:25 a.m.46 views

[SECURITY] Fedora 39 Update: perl-Data-UUID-1.227-1.fc39

This module provides a framework for generating v3 UUIDs Universally Unique Identifiers, also known as GUIDs Globally Unique Identifiers. A UUID is 128 bits long, and is guaranteed to be different from all other UUIDs/GUIDs generated until 3400 CE. UUIDs were originally used in the Network...

5.5CVSS5.3AI score0.00504EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2023/11/22 12:0 a.m.6 views

The vulnerability of distributed computing platforms and PowerJob task scheduling systems, related to incorrect default permissions, allows attackers to gain unauthorized access to protected information.

The vulnerability of distributed computing platforms and the PowerJob task scheduling system is related to incorrect default permissions. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access to protected information...

5.3CVSS5.9AI score0.09545EPSS
Exploits2References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/10/26 12:0 a.m.4 views

The vulnerability of the DCERPC protocol implementation in the software for managing virtual infrastructure VMware vCenter Server allows a perpetrator to execute arbitrary code.

The vulnerability of the DCERPC protocol implementation in the software for managing virtual infrastructure, VMware vCenter Server, is related to the possibility of writing data outside of the allowed range. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

10CVSS8.4AI score0.99428EPSS
Exploits1References6Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/07/26 12:0 a.m.5 views

The vulnerability of the DCERPC protocol implementation in the software for managing virtual infrastructure VMware vCenter Server allows a attacker to cause a service failure.

The vulnerability of the DCERPC protocol implementation in the software for managing virtual infrastructure, such as VMware vCenter Server, is caused by a buffer overflow in memory. Exploiting this vulnerability can allow an attacker to cause a service failure remotely...

7.8CVSS7.7AI score0.00901EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/07/20 12:0 a.m.6 views

The vulnerability of the DCERPC protocol implementation in the software for managing virtual infrastructure VMware vCenter Server allows a attacker to cause service failures or execute arbitrary code.

The vulnerability of the DCERPC protocol implementation in the software for managing virtual infrastructure, VMware vCenter Server, is caused by a buffer overflow in memory. Exploiting this vulnerability can allow an attacker to cause service failures or execute arbitrary code...

8.1CVSS8.4AI score0.33945EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2023/07/10 12:0 a.m.6 views

The vulnerability of the DCERPC protocol implementation in the software for managing virtual infrastructure, VMware vCenter Server, arises from the use of memory after it is released. This allows a perpetrator to execute arbitrary code.

The vulnerability of the DCERPC protocol implementation in software for managing virtual infrastructure such as VMware vCenter Server relates to the use of memory after it is freed. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

8.1CVSS8.1AI score0.01248EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2023/05/29 12:0 a.m.6 views

The vulnerability of the DCE/RPC process callaway system for operating systems like MacOS allows a perpetrator to execute arbitrary code.

The vulnerability of the DCE/RPC process callouts system for MacOS operating systems relates to the use of memory after it is freed. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

7.5CVSS8.1AI score0.01706EPSS
Exploits0References4Affected Software1
Akamai Blog
Akamai Blog
added 2023/05/11 1:0 p.m.10 views

Today’s Evolving Cloud Strategies Are Embracing Distributed Computing

...

7AI score
Exploits0
CNNVD
CNNVD
added 2023/04/19 12:0 a.m.4 views

PowerJob 安全漏洞

PowerJob is an open source distributed computing and job scheduling framework that allows developers to easily schedule tasks in their applications. A security vulnerability exists in PowerJob version V4.3.1 that stems from the presence of insecure privileges...

5.3CVSS5.6AI score0.09545EPSS
Exploits2References2
OSV
OSV
added 2023/03/30 12:30 p.m.14 views

GHSA-34M5-796P-MJCP Apache UIMA DUCC allows remote code execution

UNSUPPORTED WHEN ASSIGNED Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability in Apache Software Foundation Apache UIMA DUCC. When using the "Distributed UIMA Cluster Computing" DUCC module of Apache UIMA, an authenticated user that has the permissions ...

8.8CVSS8.8AI score0.02957EPSS
Exploits0References3
OSV
OSV
added 2022/03/02 11:15 p.m.7 views

AZL-8903 CVE-2021-23192 affecting package samba 4.12.5-7

A flaw was found in the way samba implemented DCE/RPC. If a client to a Samba server sent a very large DCE/RPC request, and chose to fragment it, an attacker could replace later fragments with their own data, bypassing the signature requirements...

7.5CVSS6.9AI score0.01906EPSS
Exploits0References1
CNVD
CNVD
added 2022/01/25 12:0 a.m.13 views

Oracle MySQL Cluster Buffer Overflow Vulnerability (CNVD-2022-13059)

Oracle MySQL is an open source relational database management system from Oracle Corporation. MySQL Cluster is a highly useful, highly redundant version of Oracle MySQL Cluster for distributed computing environments. The vulnerability can be exploited to allow a remote privileged user to compute...

2.9CVSS3.1AI score0.01443EPSS
Exploits0References1
CNVD
CNVD
added 2022/01/25 12:0 a.m.27 views

Oracle MySQL Cluster Buffer Overflow Vulnerability (CNVD-2022-13053)

Oracle MySQL is an open source relational database management system from Oracle Corporation. MySQL Cluster is a highly useful, highly redundant version of Oracle MySQL Cluster for distributed computing environments. Oracle MySQL Cluster is vulnerable to buffer overflow, which can be exploited to...

2.9CVSS2.7AI score0.01443EPSS
Exploits0References1
CNVD
CNVD
added 2022/01/25 12:0 a.m.20 views

Oracle MySQL Cluster Input Validation Error Vulnerability (CNVD-2022-13058)

Oracle MySQL is an open source relational database management system from Oracle Corporation. MySQL Cluster is a highly useful and redundant version for distributed computing environments. Oracle MySQL Cluster is vulnerable to an input validation error, which can be exploited to execute arbitrary...

6.3CVSS3.7AI score0.02621EPSS
Exploits0References1
CNVD
CNVD
added 2022/01/25 12:0 a.m.19 views

Oracle MySQL Cluster Input Validation Error Vulnerability (CNVD-2022-13055)

Oracle MySQL is an open source relational database management system from Oracle Corporation. MySQL Cluster is a highly useful and redundant version for distributed computing environments. Oracle MySQL Cluster is vulnerable to an input validation error, which can be exploited by attackers to...

6.3CVSS4.9AI score0.03193EPSS
Exploits0References1
CNVD
CNVD
added 2022/01/25 12:0 a.m.20 views

Oracle MySQL Cluster Input Validation Error Vulnerability (CNVD-2022-13056)

Oracle MySQL is an open source relational database management system from Oracle Corporation. MySQL Cluster is a highly useful and redundant version for distributed computing environments. Oracle MySQL Cluster is vulnerable to an input validation error that could be exploited by attackers to...

6.3CVSS4.9AI score0.02621EPSS
Exploits0References1
Rows per page
Query Builder