Lucene search
K

167 matches found

Packet Storm News
Packet Storm News
added 2025/04/28 12:0 a.m.3 views

Metadata-Private Messaging without Coordination

For those seeking end-to-end private communication free from pervasive metadata tracking and censorship, the Tor network has been the de-facto choice in practice, despite its susceptibility to traffic analysis attacks. Recently, numerous metadata-private messaging proposals have emerged with the...

6.9AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2025/04/11 12:0 a.m.7 views

The vulnerability of the NATS messaging system’s server lies in the lack of access control elements for the JetStream API. This allows attackers to delete data.

The vulnerability of the NATS messaging system server is related to the lack of access control elements for the JetStream API. Exploiting this vulnerability could allow a malicious actor to delete data by sending specially crafted requests...

9.6CVSS7.7AI score0.00529EPSS
Exploits0References2Affected Software1
RedhatCVE
RedhatCVE
added 2025/02/05 11:45 p.m.13 views

CVE-2022-41271

An unauthenticated user can attach to an open interface exposed through JNDI by the Messaging System of SAP NetWeaver Process Integration PI - version 7.50. This user can make use of an open naming and directory API to access services that could perform unauthorized operations. The vulnerability...

9.4CVSS7.4AI score0.00566EPSS
Exploits0References1
OSV
OSV
added 2024/11/04 2:15 a.m.4 views

CVE-2024-20118

In mms, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09062392; Issue ID: MSV-1621...

6.7CVSS5.9AI score0.00079EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2023/08/08 3:17 p.m.35 views

Moderate: Red Hat Security Advisory: dbus security update

An update for dbus is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...

6.5CVSS6.7AI score0.01417EPSS
Exploits1References2
AlmaLinux
AlmaLinux
added 2023/08/08 12:0 a.m.30 views

Moderate: dbus security update

D-Bus is a system for sending messages between applications. It is used both for the system-wide message bus service, and as a per-user-login-session messaging facility. Security Fixes: dbus: dbus-daemon: assertion failure when a monitor is active and a message from the driver cannot be delivered...

6.5CVSS7AI score0.01417EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2023/08/07 8:59 a.m.52 views

Moderate: Red Hat Security Advisory: dbus security update

An update for dbus is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...

6.5CVSS6.7AI score0.01417EPSS
Exploits1References2
OSV
OSV
added 2023/08/07 12:0 a.m.34 views

ALSA-2023:4498 Moderate: dbus security update

D-Bus is a system for sending messages between applications. It is used both for the system-wide message bus service, and as a per-user-login-session messaging facility. Security Fixes: dbus: dbus-daemon: assertion failure when a monitor is active and a message from the driver cannot be delivered...

6.5CVSS7AI score0.01417EPSS
Exploits1References4
Fedora
Fedora
added 2023/06/11 1:59 a.m.12 views

[SECURITY] Fedora 37 Update: dbus-1.14.8-1.fc37

D-BUS is a system for sending messages between applications. It is used both for the system-wide message bus service, and as a per-user-login-session messaging facility...

7.1AI score
Exploits0
Spring Security Advisories
Spring Security Advisories
added 2023/02/24 12:0 a.m.18 views

Spring Cloud Function for Azure Function

What is the Spring Cloud Function? Spring Cloud Function is a SpringBoot-based framework allowing users to concentrate on their business logic by implementing them as Java Functions i.e., Supplier, Function, Consumer. In turn the framework provides necessary abstraction to enable execution of the...

0.1AI score
Exploits0
AlmaLinux
AlmaLinux
added 2023/01/12 12:0 a.m.37 views

Moderate: dbus security update

D-Bus is a system for sending messages between applications. It is used both for the system-wide message bus service, and as a per-user-login-session messaging facility. Security Fixes: dbus: dbus-daemon crashes when receiving message with incorrectly nested parentheses and curly brackets...

6.5CVSS7.2AI score0.0131EPSS
Exploits3References8
NVD
NVD
added 2022/12/13 3:15 a.m.22 views

CVE-2022-41271

An unauthenticated user can attach to an open interface exposed through JNDI by the Messaging System of SAP NetWeaver Process Integration PI - version 7.50. This user can make use of an open naming and directory API to access services that could perform unauthorized operations. The vulnerability...

9.4CVSS0.00566EPSS
Exploits0References2
Fedora
Fedora
added 2022/10/26 5:35 p.m.34 views

[SECURITY] Fedora 35 Update: dbus-1.12.24-1.fc35

D-BUS is a system for sending messages between applications. It is used both for the system-wide message bus service, and as a per-user-login-session messaging facility...

6.5CVSS1.5AI score0.0131EPSS
Exploits3
BDU FSTEC
BDU FSTEC
added 2022/10/06 12:0 a.m.6 views

Vulnerability of the actionLinkHandler method in the server-based corporate messaging system that supports file sharing and video conferences. Chat, which allows attackers to expose sensitive information.

The vulnerability of the actionLinkHandler method in the server-based corporate messaging system that supports file and video conferencing exchanges. Chat-related vulnerabilities involve insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to disclose...

4.3CVSS5.4AI score0.00666EPSS
Exploits1References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/02/07 12:0 a.m.6 views

The vulnerability of the centralized system for managing emergency messages and events in CAMS, compared to distributed systems like CENTUM, allows a intruder to cause system failures, including the suppression of emergency signals.

The vulnerability of the centralized system for managing emergency messages and events in CAMS distributed systems like CENTUM is related to the use of pre-set account data. Exploiting this vulnerability could allow a malicious actor to cause server failures, including the suppression of emergenc...

7.8CVSS7.7AI score0.00958EPSS
Exploits0References3
CNVD
CNVD
added 2022/01/13 12:0 a.m.16 views

TIBCO FTL Trust Management Issue Vulnerability

Tibco Ftl is an application-to-application messaging system from Tibco USA, Inc. Designed for low latency and high performance, TIBCO FTL suffers from a trust management issue vulnerability that stems from hard-coded secrets used in the default domain server, which can be exploited by attackers t...

9.3CVSS3.1AI score0.00854EPSS
Exploits0References1
CNVD
CNVD
added 2022/01/13 12:0 a.m.18 views

Tibco Eftl Information Disclosure Vulnerability

Tibco Eftl is an add-on to Tibco Ftl and Tibco Enterprise Message Service™ from Tibco USA, Inc. Extending Tibco Ftl® messaging to platforms such as Web browsers and mobile devices, an information disclosure vulnerability exists in TIBCO eFTL, which stems from a client inheriting privileges from a...

8.8CVSS2.2AI score0.00676EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/10/05 12:0 a.m.3 views

Tibco Software TIBCO Software FTL 信任管理问题漏洞

Tibco Software TIBCO Software FTL is an application-to-application messaging system from Tibco Software USA. Tibco Software TIBCO Software FTL is vulnerable to a trust management issue that could allow a remote attacker to compromise the target system...

7.5CVSS7.4AI score0.00407EPSS
Exploits0References4
Pen Test Partners Blog
Pen Test Partners Blog
added 2021/06/11 6:0 a.m.53 views

Why hackers don’t fly coach

Physical security is relied on too heavily for cabin-based systems on the Airline Information Services Domain AISD. Whilst the Aircraft Control Domain ACD is separated, there are still plenty of interesting information, data and systems that are accessible from the cabin, for those who are prepar...

7AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2021/03/30 12:0 a.m.3 views

The vulnerability of the NATS messaging system server, related to uncontrolled resource consumption, allows attackers to cause service failures.

The vulnerability of the NATS messaging system server is related to an uncontrolled resource consumption. Exploiting this vulnerability can allow a malicious actor, operating remotely, to cause service failures...

7.8CVSS7.2AI score0.03658EPSS
Exploits0References6Affected Software1
Rows per page
Query Builder