Lucene search
K

69 matches found

Cvelist
Cvelist
added 2026/02/24 5:33 p.m.26 views

CVE-2026-26222 DocLink .NET Remoting Unauthenticated Arbitrary File Read/Write RCE

Altec DocLink now maintained by Beyond Limits Inc. version 4.0.336.0 exposes insecure .NET Remoting endpoints over TCP and HTTP/SOAP via Altec.RDCHostService.exe using the ObjectURI "doclinkServer.soap". The service does not require authentication and is vulnerable to unsafe object unmarshalling,...

10CVSS0.00739EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/02/24 12:0 a.m.10 views

PT-2026-21780

Name of the Vulnerable Software and Affected Versions Altec DocLink version 4.0.336.0 Description The software has insecure .NET Remoting endpoints exposed over TCP and HTTP/SOAP via Altec.RDCHostService.exe using the ObjectURI "doclinkServer.soap". The service does not require authentication and...

10CVSS6.2AI score0.00739EPSS
Exploits0References7
CVE
CVE
added 2026/02/23 10:34 p.m.10 views

CVE-2026-21665

The CVE concerns the Print Service component of Fiserv Originate Loans Peripherals (formerly Velocity Services) in the unsupported 2021.2.4 release (build 4.7.3155.0011). It uses deprecated .NET Remoting TCP channels that enable unsafe deserialization of untrusted data. When exposed to an untrust...

7.7CVSS6.2AI score0.00447EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/23 10:34 p.m.25 views

CVE-2026-21665

The Print Service component of Fiserv Originate Loans Peripherals formerly Velocity Services in unsupported version 2021.2.4 build 4.7.3155.0011 uses deprecated .NET Remoting TCP channels that allow unsafe deserialization of untrusted data. When these services are exposed to an untrusted network ...

7.7CVSS0.00447EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/02/14 7:22 p.m.9 views

CVE-2026-26221

Hyland OnBase contains an unauthenticated .NET Remoting exposure in the OnBase Workflow Timer Service Hyland.Core.Workflow.NTService.exe. An attacker who can reach the service can send crafted .NET Remoting requests to default HTTP channel endpoints on TCP/8900 e.g., TimerServiceAPI.rem and...

9.8CVSS6.2AI score0.01121EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/02/13 8:51 p.m.9 views

CVE-2026-26333

Calero VeraSMART versions prior to 2022 R1 expose an unauthenticated .NET Remoting HTTP service on TCP port 8001. The service publishes default ObjectURIs including EndeavorServer.rem and RemoteFileReceiver.rem and permits the use of SOAP and binary formatters with TypeFilterLevel set to Full. An...

10CVSS6.6AI score0.00929EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/02/13 3:21 p.m.30 views

CVE-2026-26221 Hyland OnBase Timer Service Unauthenticated .NET Remoting RCE

Hyland OnBase contains an unauthenticated .NET Remoting exposure in the OnBase Workflow Timer Service Hyland.Core.Workflow.NTService.exe. An attacker who can reach the service can send crafted .NET Remoting requests to default HTTP channel endpoints on TCP/8900 e.g., TimerServiceAPI.rem and...

9.8CVSS0.01121EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2026/02/13 12:0 a.m.12 views

PT-2026-7997

Name of the Vulnerable Software and Affected Versions Hyland OnBase affected versions not specified Description The software contains an unauthenticated .NET Remoting exposure in the OnBase Workflow Timer Service Hyland.Core.Workflow.NTService.exe and the Workview Timer Service. An attacker...

10CVSS6.2AI score0.01121EPSS
Exploits1References10
Positive Technologies
Positive Technologies
added 2026/02/13 12:0 a.m.24 views

PT-2026-8030

Name of the Vulnerable Software and Affected Versions Calero VeraSMART versions prior to 2022 R1 Description An unauthenticated .NET Remoting HTTP service is exposed on TCP port 8001 in affected versions. The service publishes default ObjectURIs, including EndeavorServer.rem and...

10CVSS6.6AI score0.00929EPSS
Exploits1References5
CNNVD
CNNVD
added 2026/02/13 12:0 a.m.8 views

Hyland Software Hyland OnBase 安全漏洞

Hyland OnBase is a platform developed by Hyland Software in the United States, designed for managing enterprise information and processes. Hyland OnBase has a security vulnerability. This vulnerability stems from an unauthenticated .NET Remoting exposure within the OnBase Workflow Timer Service...

9.8CVSS6.2AI score0.01121EPSS
Exploits1References3
EUVD
EUVD
added 2026/01/15 7:44 p.m.12 views

EUVD-2026-2714

Entrust Instant Financial Issuance IFI On Premise software formerly referred to as CardWizard versions 5.x, prior to 6.10.5, and prior to 6.11.1 contain an insecure .NET Remoting exposure in the SmartCardController service DCG.SmartCardControllerService.exe. The service registers a TCP remoting...

9.3CVSS7.4AI score0.00861EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/01/15 7:44 p.m.5 views

CVE-2026-23746 Entrust Instant Financial Issuance (IFI) SmartCardController Service .NET Remoting RCE

Entrust Instant Financial Issuance IFI On Premise software formerly referred to as CardWizard versions 5.x, prior to 6.10.5, and prior to 6.11.1 contain an insecure .NET Remoting exposure in the SmartCardController service DCG.SmartCardControllerService.exe. The service registers a TCP remoting...

9.3CVSS7.6AI score0.00861EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/01/15 7:44 p.m.28 views

CVE-2026-23746 Entrust Instant Financial Issuance (IFI) SmartCardController Service .NET Remoting RCE

Entrust Instant Financial Issuance IFI On Premise software formerly referred to as CardWizard versions 5.x, prior to 6.10.5, and prior to 6.11.1 contain an insecure .NET Remoting exposure in the SmartCardController service DCG.SmartCardControllerService.exe. The service registers a TCP remoting...

9.3CVSS0.00861EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/12/11 4:3 p.m.8 views

CVE-2025-34394

Barracuda Service Center, as implemented in the RMM solution, in versions prior to 2025.1.1, exposes a .NET Remoting service that is insufficiently protected against deserialization of arbitrary types. This can lead to remote code execution...

10CVSS7.7AI score0.00603EPSS
Exploits0References1
NVD
NVD
added 2025/12/10 4:16 p.m.5 views

CVE-2025-34395

Barracuda Service Center, as implemented in the RMM solution, in versions prior to 2025.1.1, exposes a .NET Remoting service in which an unauthenticated attacker can invoke a method vulnerable to path traversal to read arbitrary files. This vulnerability can be escalated to remote code execution ...

8.7CVSS0.00659EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/12/10 3:45 p.m.2 views

CVE-2025-34395 Barracuda RMM < 2025.1.1 Service Center .NET Remoting Path Traversal RCE

Barracuda Service Center, as implemented in the RMM solution, in versions prior to 2025.1.1, exposes a .NET Remoting service in which an unauthenticated attacker can invoke a method vulnerable to path traversal to read arbitrary files. This vulnerability can be escalated to remote code execution ...

8.7CVSS7.8AI score0.00659EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/12/10 12:0 a.m.5 views

Barracuda Service Center 代码问题漏洞

Barracuda Service Center is a service center software from Barracuda USA. A code issue vulnerability exists in Barracuda Service Center versions prior to 2025.1.1, which stems from insufficient protection of the .NET Remoting service and could lead to remote code execution...

10CVSS8.4AI score0.00603EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/12/09 6:11 p.m.26 views

CVE-2025-34414 Entrust Instant Financial Issuance (IFI) Legacy Remoting Service .NET Remoting RCE

Entrust Instant Financial Issuance IFI On Premise software formerly referred to as CardWizard versions 5.x, prior to 6.10.5, and prior to 6.11.1 contain an insecure .NET Remoting exposure in the Legacy Remoting Service that is enabled by default. The service registers a TCP remoting channel with...

9.3CVSS0.00844EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/12/09 6:11 p.m.5 views

CVE-2025-34414 Entrust Instant Financial Issuance (IFI) Legacy Remoting Service .NET Remoting RCE

Entrust Instant Financial Issuance IFI On Premise software formerly referred to as CardWizard versions 5.x, prior to 6.10.5, and prior to 6.11.1 contain an insecure .NET Remoting exposure in the Legacy Remoting Service that is enabled by default. The service registers a TCP remoting channel with...

9.3CVSS8.2AI score0.00844EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/12/09 12:0 a.m.6 views

PT-2025-50149

Name of the Vulnerable Software and Affected Versions Entrust Instant Financial Issuance IFI On Premise software formerly referred to as CardWizard versions 5.x through 6.10.5 and versions prior to 6.11.1 Description The software has an insecure .NET Remoting exposure in the Legacy Remoting...

9.3CVSS7.7AI score0.00844EPSS
Exploits0References6
Rows per page
Query Builder