CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1425 matches found

Packet Storm•added 2024/03/06 12:0 a.m.•462 views

Artica Proxy 4.50 Loopback Service Disclosure

KL-001-2024-004: Artica Proxy Loopback Services Remotely Accessible Unauthenticated Title: Artica Proxy Loopback Services Remotely Accessible Unauthenticated Advisory ID: KL-001-2024-004 Publication Date: 2024.03.05 Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2024-004.txt 1...

7.4AI score0.04921EPSS

Exploits3

0day.today•added 2024/03/06 12:0 a.m.•566 views

Artica Proxy 4.50 Loopback Service Disclosure Vulnerability

Services that are running and bound to the loopback interface on the Artica Proxy version 4.50 are accessible through the proxy service. In particular, the tailon service is running as the root user, is bound to the loopback interface, and is listening on TCP port 7050. Using the tailon service,...

9.8CVSS7.1AI score0.04921EPSS

Exploits3

OSV•added 2024/03/05 8:16 p.m.•1 views

CVE-2024-2056

Services that are running and bound to the loopback interface on the Artica Proxy are accessible through the proxy service. In particular, the "tailon" service is running, running as the root user, is bound to the loopback interface, and is listening on TCP port 7050. Security issues associated...

9.8CVSS5.8AI score

Exploits0References3

Prion•added 2024/03/05 8:16 p.m.•20 views

Design/Logic Flaw

7.2AI score0.04921EPSS

Exploits3References3

CVE•added 2024/03/05 6:57 p.m.•72 views

CVE-2024-2056

CVE-2024-2056 — Artica Proxy Tailon exposure : Connected sources confirm that Artica Proxy runs a tailon service bound to the loopback interface and listening on TCP 7050. The tailon instance is running as root and is accessible via the proxy service, allowing an attacker to view files on the Art...

9.8CVSS9.5AI score0.04921EPSS

Exploits3References3Affected Software1

Cvelist•added 2024/03/05 6:57 p.m.•20 views

CVE-2024-2056 Artica Proxy Loopback Services Remotely Accessible Unauthenticated

6.8AI score0.04921EPSS

Exploits3References3

OSV•added 2024/03/05 5:15 a.m.•2 views

CVE-2023-52432

Improper input validation in IpcTxSndSetLoopbackCtrl in libsec-ril prior to SMR Sep-2023 Release 1 allows local attackers to write out-of-bounds memory...

7.1CVSS5.8AI score0.0006EPSS

Exploits0References1

KoreLogic Security•added 2024/03/05 12:0 a.m.•25 views

Artica Proxy Loopback Services Remotely Accessible Unauthenticated

Vulnerability Details Affected Vendor: Artica Affected Product: Artica Proxy Affected Version: 4.50 Platform: Debian 10 LTS CWE Classification: CWE-288: Authentication Bypass Using an Alternate Path or Channel, CWE-552: Files or Directories Accessible to External Parties CVE ID: CVE-2024-2056 2...

9.8CVSS6.7AI score0.04921EPSS

Exploits3Affected Software1

CNNVD•added 2024/03/05 12:0 a.m.•2 views

SAMSUNG Mobile devices security vulnerability

SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc., from the South Korean company SAMSUNG. A security vulnerability exists in SAMSUNG Mobile devices SMR Sep-2023 Release 1, which stems from improper input validation in the IpcTxSndSetLoopbackCtrl...

7.1CVSS6.7AI score0.0006EPSS

Exploits0References2

Positive Technologies•added 2024/03/05 12:0 a.m.•4 views

PT-2024-18681 · Tailon +1 · Tailon +1

Name of the Vulnerable Software and Affected Versions: Artica Proxy affected versions not specified Description: The issue allows services running and bound to the loopback interface on the Artica Proxy to be accessible through the proxy service. Specifically, the tailon service, which runs as th...

9.8CVSS6.9AI score0.04921EPSS

Exploits3References9

SUSE CVE•added 2024/02/28 4:2 a.m.•1 views

SUSE CVE-2021-46916

In the Linux kernel, the following vulnerability has been resolved: ixgbe: Fix NULL pointer dereference in ethtool loopback test The ixgbe driver currently generates a NULL pointer dereference when performing the ethtool loopback test. This is due to the fact that there isn't a qvector associated...

5.5CVSS6.6AI score0.00017EPSS

Exploits0References3

RedhatCVE•added 2024/02/27 6:2 p.m.•20 views

CVE-2021-46916

A NULL pointer dereference flaw was found in ethtool loopback test in the Linux Kernel. This issue occurs due to a missing qvector associated with the test ring when it is setup, as interrupts are not normally added to the test rings. Exploiting the vulnerability can result in system crash and...

4.4CVSS5.4AI score0.00017EPSS

Exploits0References5