
183 matches found

Vulnrichment
added 2024/10/28 3:54 p.m., 11 views

CVE-2024-42028

A Local privilege escalation vulnerability found in a Self-Hosted UniFi Network Server with UniFi Network Application Version 8.4.62 and earlier allows a malicious actor with a local operational system user to execute high privilege actions on UniFi Network Server...

CVSS 8.8, AI score 7.2, EPSS 0.00163
Exploits: 0, References: 1

CVE
added 2024/10/28 3:54 p.m., 49 views

CVE-2024-42028

CVE-2024-42028 affects Ubiquiti UniFi Network Application (Self-Hosted UniFi Network Server) version 8.4.62 and earlier. A local attacker with a legitimate OS user can perform high-privilege actions on the UniFi Network Server. This is a local privilege-escalation issue with CVSS v3.x base score ...

CVSS 8.8, AI score 8.7, EPSS 0.00163
Exploits: 0, References: 1

Cvelist
added 2024/10/28 3:54 p.m., 14 views

CVE-2024-42028

A Local privilege escalation vulnerability found in a Self-Hosted UniFi Network Server with UniFi Network Application Version 8.4.62 and earlier allows a malicious actor with a local operational system user to execute high privilege actions on UniFi Network Server...

CVSS 8.8, EPSS 0.00163
Exploits: 0, References: 1

OSV
added 2024/09/13 4:15 p.m., 6 views

CVE-2024-42025

A Command Injection vulnerability found in a Self-Hosted UniFi Network Servers Linux with UniFi Network Application Version 8.3.32 and earlier allows a malicious actor with unifi user shell access to escalate privileges to root on the host device...

CVSS 7.8, AI score 5.8, EPSS 0.00789
Exploits: 0, References: 1

Packet Storm
added 2024/08/23 12:00 a.m., 376 views

DiCal-RED 4009 Information Disclosure

Advisory ID: SYSS-2024-042; Product: DiCal-RED; Manufacturer: Swissphone Wireless AG; Affected Versions: Unknown; Tested Versions: 4009; Vulnerability Type: Exposure of Sensitive Information to an Unauthorized Actor (CWE-200); Risk Level: Medium; Solution...

CVSS 5.4, AI score 7.1, EPSS 0.00337
Exploits: 1

Tenable Nessus
added 2024/06/03 12:00 a.m., 19 views

RHEL 5 : gimp (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - gimp: Use-after-free vulnerabilities in the channel and layer properties parsing process CVE-2016-4994 -...

CVSS 7.8, AI score 8.4, EPSS 0.04509
Exploits: 0, References: 2

NVD
added 2024/04/23 4:15 p.m., 13 views

CVE-2024-32258

The network server of fceux 2.7.0 has a path traversal vulnerability, allowing attackers to overwrite any files on the server without authentication by fake ROM...

CVSS 8.8, AI score 6.7, EPSS 0.01872
Exploits: 1, References: 2

UbuntuCve
added 2024/04/23 4:15 p.m., 12 views

CVE-2024-32258

The network server of fceux 2.7.0 has a path traversal vulnerability, allowing attackers to overwrite any files on the server without authentication by fake ROM...

CVSS 8.8, AI score 5.9, EPSS 0.01872
Exploits: 1, References: 3

Cvelist
added 2024/04/23 12:00 a.m., 13 views

CVE-2024-32258

The network server of fceux 2.7.0 has a path traversal vulnerability, allowing attackers to overwrite any files on the server without authentication by fake ROM...

AI score 7, EPSS 0.01872
Exploits: 1, References: 2

Vulnrichment
added 2024/04/23 12:00 a.m., 10 views

CVE-2024-32258

The network server of fceux 2.7.0 has a path traversal vulnerability, allowing attackers to overwrite any files on the server without authentication by fake ROM...

AI score 7.1, EPSS 0.01872
Exploits: 1, References: 2

Positive Technologies
added 2024/04/23 12:00 a.m., 6 views

PT-2024-24474 · Fceux · Fceux

Name of the Vulnerable Software and Affected Versions: fceux version 2.7.0. Description: The network server of fceux has a path traversal vulnerability, allowing attackers to overwrite any files on the server without authentication by using a fake ROM. Recommendations: For fceux version 2.7.0, as ...

CVSS 8.8, AI score 6.9, EPSS 0.01872
Exploits: 1, References: 10

Debian CVE
added 2024/04/23 12:00 a.m., 13 views

CVE-2024-32258

The network server of fceux 2.7.0 has a path traversal vulnerability, allowing attackers to overwrite any files on the server without authentication by fake ROM...

CVSS 8.8, AI score 8.8, EPSS 0.01872
Exploits: 1

CVE
added 2024/04/23 12:00 a.m., 53 views

CVE-2024-32258

The CVE-2024-32258 entry concerns FCEUX 2.7.0’s network server (NetPlay). A path traversal vulnerability exists due to inadequate filtering of ROM file names, allowing an unauthenticated attacker to overwrite arbitrary files on the server by sending a crafted ROM load request. Documentation in th...

CVSS 8.8, AI score 6.9, EPSS 0.01872
Exploits: 1, References: 2

BDU FSTEC
added 2024/02/28 12:00 a.m., 6 views

The vulnerability of the `ksmbd_tcp_new_connection()` function in the `fs/smb/server/transport_tcp.c` module, which is part of the SMB (Server Message Block) networking protocol implementation in the ksmbd server kernel of the Linux operating system. This vulnerability allows an attacker to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the ksmbd_tcp_new_connection function in the fs/smb/server/transport_tcp.c module, which is part of the SMB (Server Message Block) networking protocol implementation in the ksmbd server kernel of the Linux operating system, relates to the use of memory after it is freed. Exploiting...

CVSS 7.8, AI score 6.8, EPSS 0.00828
Exploits: 0, References: 47, Affected Software: 5

OSV
added 2024/02/14 8:50 p.m., 22 views

CVE-2024-25619 Destroying OAuth Applications doesn't notify Streaming of Access Tokens being destroyed in mastodon

Mastodon is a free, open-source social network server based on ActivityPub. When an OAuth Application is destroyed, the streaming server wasn't being informed that the Access Tokens had also been destroyed, this could have posed security risks to users by allowing an application to continue...

CVSS 3.1, AI score 4.4, EPSS 0.00363
Exploits: 0, References: 4

BDU FSTEC
added 2024/01/17 12:00 a.m., 5 views

The vulnerability of the qemu_clipboard_request() function in the embedded VNC emulator server of the QEMU hardware support allows a hacker to trigger a service failure.

The vulnerability of the qemu_clipboard_request function in the embedded VNC emulator server of the QEMU hardware emulation software is related to errors in pointer manipulation during the processing of ClientCutText messages. Exploiting this vulnerability can allow an attacker to cause a service...

CVSS 6.8, AI score 6.5, EPSS 0.01261
Exploits: 0, References: 10, Affected Software: 5

CNNVD
added 2023/12/19 12:00 a.m., 3 views

dwc_network_server_emulator Security Vulnerability

dwc_network_server_emulator is a Nintendo DS and Wii online multiplayer server emulator by barronwaffles individual developer. A security vulnerability exists in dwc_network_server_emulator, which stems from DS Wireless Communication (DWC) with DWCVERSION3 and DWCVERSION11, that allows a remote attacker ...

CVSS 9.8, AI score 7.4, EPSS 0.01566
Exploits: 3, References: 6

Positive Technologies
added 2023/10/17 12:00 a.m., 7 views

PT-2023-29437 · Netty +1 · Netty +1

Name of the Vulnerable Software and Affected Versions: XXL-RPC (affected versions not specified). Description: The issue concerns a high-performance, distributed RPC framework. When a TCP server is set up using the Netty framework and the Hessian serialization mechanism, attackers may be able to...

CVSS 10, AI score 8.3, EPSS 0.01046
Exploits: 0, References: 11

Snyk
added 2023/09/13 5:45 p.m., 1 view

Uncaught Exception

Overview: Affected versions of the grpcio package are vulnerable to Uncaught Exception due to the lack of error handling in the TCP server. An attacker can cause a denial of service by initiating a significant number of connections with the server. Note: This is only exploitable if the...

CVSS 7.5, AI score 6.8, EPSS 0.00666
Exploits: 0, References: 2

CNNVD
added 2023/08/22 12:00 a.m., 2 views

Number withdrawn

dnsmasq is a lightweight DNS forwarding and DHCP and TFTP server written in C. It can be used as a server to forward DNS, DHCP, and TFTP. This CVE number has been withdrawn...

AI score 5
Exploits: 0, References: 2