197 matches found
CVE-2023-28072
Dell Alienware Command Center, versions prior to 5.5.51.0, contain a deserialization of untrusted data vulnerability. A local malicious user could potentially send specially crafted requests to the .NET Remoting server to run arbitrary code on the system...
PT-2023-21534 · Dell · Dell Alienware Command Center
Name of the Vulnerable Software and Affected Versions: Dell Alienware Command Center versions prior to 5.5.51.0 Description: The issue is related to a deserialization of untrusted data vulnerability. A local malicious user could potentially send specially crafted requests to the .NET Remoting...
Netwrix Auditor < 10.5 Insecure Object Deserialization
The version of Netwrix Auditor installed on the remote Windows host is prior to 10.5. It is, therefore, affected by an insecure object deserialization vulnerability: - Netwrix Auditor is vulnerable to an insecure object deserialization issue that is caused by an unsecured .NET remoting service. A...
New Netwrix Auditor Bug Could Let Attackers Compromise Active Directory Domain
Researchers have disclosed details about a security vulnerability in the Netwrix Auditor application that, if successfully exploited, could lead to arbitrary code execution on affected devices. "Since this service is typically executed with extensive privileges in an Active Directory environment,...
CVE-2021-27460
Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier components contain .NET remoting endpoints that deserialize untrusted data without sufficiently verifying that the resulting data will be valid. This vulnerability may allow a remote, unauthenticated attacker to gain full access to th...
Code injection
Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier components contain .NET remoting endpoints that deserialize untrusted data without sufficiently verifying that the resulting data will be valid. This vulnerability may allow a remote, unauthenticated attacker to gain full access to th...
CVE-2021-27460 Rockwell Automation FactoryTalk AssetCentre Deserialization of Untrusted Data
Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier components contain .NET remoting endpoints that deserialize untrusted data without sufficiently verifying that the resulting data will be valid. This vulnerability may allow a remote, unauthenticated attacker to gain full access to th...
Veritas Enterprise Vault Code Issue Vulnerability (CNVD-2021-95590)
Veritas Enterprise Vault is an enterprise-class file protection, archive automation software from Veritas, Inc. A security vulnerability exists in Veritas Enterprise Vault 14.1.2 and prior versions, where Enterprise Vault applications start multiple services that listen on NET Remoting TCP port t...
Veritas Enterprise Vault Code Issue Vulnerability (CNVD-2021-95591)
Veritas Enterprise Vault is an enterprise-grade file protection, archiving automation software from Veritas, USA. A security vulnerability exists in Veritas Enterprise Vault 14.1.2 and earlier versions, where Enterprise Vault application startup launches multiple services that listen for commands...
Veritas Enterprise Vault code issue vulnerability
Veritas Enterprise Vault is an enterprise-class file protection and archive automation software from Veritas, Inc. A security vulnerability exists in Veritas Enterprise Vault 14.1.2 and prior versions, where Enterprise Vault applications start multiple services that listen for commands from clien...
Veritas Enterprise Vault Code Execution Vulnerability (CNVD-2021-95586)
Veritas Enterprise Vault is an enterprise-grade file protection, archiving automation software from Veritas, USA. A security vulnerability exists in Veritas Enterprise Vault 14.1.2 and earlier versions, where Enterprise Vault application startup launches multiple services that listen for commands...
CVE-2021-44681
An issue 5 of 6 was discovered in Veritas Enterprise Vault through 14.1.2. On start-up, the Enterprise Vault application starts several services that listen on random .NET Remoting TCP ports for possible commands from client applications. These TCP services can be exploited due to deserialization...
CVE-2021-44682
An issue 6 of 6 was discovered in Veritas Enterprise Vault through 14.1.2. On start-up, the Enterprise Vault application starts several services that listen on random .NET Remoting TCP ports for possible commands from client applications. These TCP services can be exploited due to deserialization...
CVE-2021-44680
An issue 4 of 6 was discovered in Veritas Enterprise Vault through 14.1.2. On start-up, the Enterprise Vault application starts several services that listen on random .NET Remoting TCP ports for possible commands from client applications. These TCP services can be exploited due to deserialization...
CVE-2021-44679
An issue 3 of 6 was discovered in Veritas Enterprise Vault through 14.1.2. On start-up, the Enterprise Vault application starts several services that listen on random .NET Remoting TCP ports for possible commands from client applications. These TCP services can be exploited due to deserialization...
CVE-2021-44678
An issue 2 of 6 was discovered in Veritas Enterprise Vault through 14.1.2. On start-up, the Enterprise Vault application starts several services that listen on random .NET Remoting TCP ports for possible commands from client applications. These TCP services can be exploited due to deserialization...
CVE-2021-44679
An issue 3 of 6 was discovered in Veritas Enterprise Vault through 14.1.2. On start-up, the Enterprise Vault application starts several services that listen on random .NET Remoting TCP ports for possible commands from client applications. These TCP services can be exploited due to deserialization...
Deserialization of untrusted data
An issue 3 of 6 was discovered in Veritas Enterprise Vault through 14.1.2. On start-up, the Enterprise Vault application starts several services that listen on random .NET Remoting TCP ports for possible commands from client applications. These TCP services can be exploited due to deserialization...
Deserialization of untrusted data
An issue 2 of 6 was discovered in Veritas Enterprise Vault through 14.1.2. On start-up, the Enterprise Vault application starts several services that listen on random .NET Remoting TCP ports for possible commands from client applications. These TCP services can be exploited due to deserialization...
Deserialization of untrusted data
An issue 4 of 6 was discovered in Veritas Enterprise Vault through 14.1.2. On start-up, the Enterprise Vault application starts several services that listen on random .NET Remoting TCP ports for possible commands from client applications. These TCP services can be exploited due to deserialization...