Lucene search
K

33 matches found

Cvelist
Cvelist
added last week36 views

CVE-2026-54777 CoreWCF NetNamedPipe transport accepts attach to a pre-existing named pipe instance

CoreWCF is a port of the service side of Windows Communication Foundation WCF to .NET Core. Prior to 1.8.1 and 1.9.1, CoreWCF NetNamedPipe transport accepts attachment to a pre-existing named pipe instance, allowing local interception of NetNamedPipe traffic when an attacker races NamedPipeListen...

6.5CVSS0.00088EPSS
Exploits0References5
OSV
OSV
added last week3 views

CVE-2026-54777 CoreWCF NetNamedPipe transport accepts attach to a pre-existing named pipe instance

CoreWCF is a port of the service side of Windows Communication Foundation WCF to .NET Core. Prior to 1.8.1 and 1.9.1, CoreWCF NetNamedPipe transport accepts attachment to a pre-existing named pipe instance, allowing local interception of NetNamedPipe traffic when an attacker races NamedPipeListen...

6.5CVSS6.1AI score0.00088EPSS
Exploits0References7
OSV
OSV
added 2026/06/19 8:46 p.m.5 views

GHSA-6JJ2-4Q5C-X8G6 CoreWCF NetNamedPipe transport accepts attach to a pre-existing named pipe instance

Impact CoreWCF NetNamedPipe transport accepts attach to a pre-existing named pipe instance, allowing local interception of NetNamedPipe traffic. NetNamedPipe creates a shared memory object based on the listening url, then generated a unique GUID for the named pipe it will be using and saves this ...

6.5CVSS5.9AI score0.00088EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.12 views

PT-2026-51074

Name of the Vulnerable Software and Affected Versions CoreWCF versions prior to 1.8.1 CoreWCF versions prior to 1.9.1 Description The NetNamedPipe transport in CoreWCF allows local interception of traffic. This occurs because the transport accepts attachments to pre-existing named pipe instances...

6.5CVSS6AI score0.00088EPSS
Exploits0References13
RedhatCVE
RedhatCVE
added 2026/01/09 12:17 p.m.8 views

CVE-2018-10169

ProtonVPN 1.3.3 for Windows suffers from a SYSTEM privilege escalation vulnerability through the "ProtonVPN Service" service. This service establishes an NetNamedPipe endpoint that allows arbitrary installed applications to connect and call publicly exposed methods. The "Connect" method accepts a...

10CVSS7.7AI score0.02538EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-2718

Malware in sbrugna...

7.8CVSS7.7AI score0.00383EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-2248

Malware in sbrugna...

10CVSS9.5AI score0.0273EPSS
Exploits0References2
NVD
NVD
added 2019/04/30 7:29 p.m.23 views

CVE-2019-9486

STRATO HiDrive Desktop Client 5.0.1.0 for Windows suffers from a SYSTEM privilege escalation vulnerability through the HiDriveMaintenanceService service. This service establishes a NetNamedPipe endpoint that allows applications to connect and call publicly exposed methods. An attacker can inject...

9CVSS8.9AI score0.02289EPSS
Exploits1References1
Prion
Prion
added 2019/04/30 7:29 p.m.20 views

Privilege escalation

STRATO HiDrive Desktop Client 5.0.1.0 for Windows suffers from a SYSTEM privilege escalation vulnerability through the HiDriveMaintenanceService service. This service establishes a NetNamedPipe endpoint that allows applications to connect and call publicly exposed methods. An attacker can inject...

9CVSS8.9AI score0.02289EPSS
Exploits1References1Affected Software3
CVE
CVE
added 2019/04/30 6:27 p.m.68 views

CVE-2019-9486

STRATO HiDrive Desktop Client 5.0.1.0 for Windows is affected by a SYSTEM privilege-escalation vulnerability via the HiDriveMaintenanceService, which exposes a NetNamedPipe endpoint and allows code injection through insecure interprocess communication. The issue also affects Telekom MagentaCLOUD ...

9CVSS8.8AI score0.02289EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2019/04/30 6:27 p.m.27 views

CVE-2019-9486

STRATO HiDrive Desktop Client 5.0.1.0 for Windows suffers from a SYSTEM privilege escalation vulnerability through the HiDriveMaintenanceService service. This service establishes a NetNamedPipe endpoint that allows applications to connect and call publicly exposed methods. An attacker can inject...

8.9AI score0.02289EPSS
Exploits1References1
CNVD
CNVD
added 2018/05/04 12:0 a.m.4 views

CyberGhost for Windows Privilege Exploit

CyberGhost for Windows is a Windows-based VPN software. A power lifting vulnerability exists in CyberGhost version 6.5.0.3180 for Windows-based platforms, which stems from a NetNamedPipe endpoint created by the CG6Service service that allows installed applications to connect and invoke publicly...

7.8CVSS7.3AI score0.00383EPSS
Exploits0References1
CNVD
CNVD
added 2018/05/04 12:0 a.m.3 views

Golden Frog VyprVPN for Windows Privilege Exploit

Golden Frog VyprVPN for Windows is a suite of VPN software for the Windows platform. A privilege extraction vulnerability exists in Golden Frog VyprVPN version 2.12.1.8015 for Windows-based platforms, which originates when the VyprVPN service creates a NetNamedPipe endpoint that allows an install...

7.8CVSS7.4AI score0.00351EPSS
Exploits0References1
Prion
Prion
added 2018/05/02 7:29 a.m.15 views

Privilege escalation

CyberGhost 6.5.0.3180 for Windows suffers from a SYSTEM privilege escalation vulnerability through the "CG6Service" service. This service establishes a NetNamedPipe endpoint that allows arbitrary installed applications to connect and call publicly exposed methods. The "ConnectToVpnServer" method...

7.2CVSS8AI score0.00383EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2018/05/02 7:29 a.m.21 views

CVE-2018-10646

CyberGhost 6.5.0.3180 for Windows suffers from a SYSTEM privilege escalation vulnerability through the "CG6Service" service. This service establishes a NetNamedPipe endpoint that allows arbitrary installed applications to connect and call publicly exposed methods. The "ConnectToVpnServer" method...

7.8CVSS8AI score0.00383EPSS
Exploits0References1
Prion
Prion
added 2018/05/02 7:29 a.m.12 views

Privilege escalation

Golden Frog VyprVPN 2.12.1.8015 for Windows suffers from a SYSTEM privilege escalation vulnerability through the "VyprVPN" service. This service establishes a NetNamedPipe endpoint that allows applications to connect and call publicly exposed methods. The "SetProperty" method allows an attacker t...

7.2CVSS8AI score0.00351EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2018/05/02 7:29 a.m.11 views

CVE-2018-10645

Golden Frog VyprVPN 2.12.1.8015 for Windows suffers from a SYSTEM privilege escalation vulnerability through the "VyprVPN" service. This service establishes a NetNamedPipe endpoint that allows applications to connect and call publicly exposed methods. The "SetProperty" method allows an attacker t...

7.8CVSS8AI score0.00351EPSS
Exploits0References1
Cvelist
Cvelist
added 2018/05/02 7:0 a.m.12 views

CVE-2018-10645

Golden Frog VyprVPN 2.12.1.8015 for Windows suffers from a SYSTEM privilege escalation vulnerability through the "VyprVPN" service. This service establishes a NetNamedPipe endpoint that allows applications to connect and call publicly exposed methods. The "SetProperty" method allows an attacker t...

8AI score0.00351EPSS
Exploits0References1
CVE
CVE
added 2018/05/02 7:0 a.m.43 views

CVE-2018-10646

CyberGhost 6.5.0.3180 for Windows contains a SYSTEM privilege-escalation in the CG6Service via a NetNamedPipe endpoint. The ConnectToVpnServer method accepts a connectionParams argument that can specify a dynamic library plugin to run on every VPN connection, enabling code execution in the SYSTEM...

7.8CVSS8AI score0.00383EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2018/05/02 7:0 a.m.50 views

CVE-2018-10645

CVE-2018-10645 affects Golden Frog VyprVPN 2.12.1.8015 for Windows. The VyprVPN service exposes a NetNamedPipe endpoint; its SetProperty method allows configuring AdditionalOpenVpnParameters and OpenVPN command line, enabling a dynamic library plugin via the OpenVPN plugin parameter to run code u...

7.8CVSS8AI score0.00351EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder