230 matches found
CVE-2020-1006
An elevation of privilege vulnerability exists in the way the Windows Push Notification Service handles objects in memory, aka 'Windows Push Notification Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0940, CVE-2020-1001, CVE-2020-1017...
CVE-2020-1001
CVE-2020-1001 affects the Windows Push Notification Service on Windows client/server platforms. The vulnerability is described as an Elevation of Privilege due to how objects are handled in memory by WNS, enabling a local attacker to gain higher privileges. CVSSv3.1 base score is 7.8 (High), with...
CVE-2020-1001
An elevation of privilege vulnerability exists in the way the Windows Push Notification Service handles objects in memory, aka 'Windows Push Notification Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0940, CVE-2020-1006, CVE-2020-1017...
CVE-2020-0940
CVE-2020-0940 is a Windows Push Notification Service Elevation of Privilege vulnerability. Connected documents (CNVD-2020-25581, CNVD-2020-32584) describe an EoP arising from how memory objects are handled in Windows Push Notification Service, enabling a locally authenticated attacker to elevate ...
CVE-2020-0940
An elevation of privilege vulnerability exists in the way the Windows Push Notification Service handles objects in memory, aka 'Windows Push Notification Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1001, CVE-2020-1006, CVE-2020-1017...
Windows Push Notification Service Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists in the way the Windows Push Notification Service handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could then install programs; view, change or delete data. To...
Windows Push Notification Service Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists in the way the Windows Push Notification Service handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could then install programs; view, change or delete data. To...
Windows Push Notification Service Information Disclosure Vulnerability
An information disclosure vulnerability exists when the Windows Push Notification Service improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. An authenticated attacker could exploit this...
Cisco Finesse Information Disclosure (cisco-sa-20170503-finesse-ucce)
According to its self-reported version, the Cisco Finesse Software is affected by an information disclosure vulnerability. This could allow an unauthenticated, remote attacker to retrieve information from agents using the Finesse Desktop. The vulnerability is due to the existence of a user accoun...
CVE-2019-2098
In areNotificationsEnabledForPackage of NotificationManagerService.java, there is a possible permissions bypass due to a missing permissions check. This could lead to local escalation of privilege, with no additional privileges needed. User interaction is not needed for exploitation. Product:...
Design/Logic Flaw
Grails before 3.3.10 used cleartext HTTP to resolve the SDKMan notification service. NOTE: users' apps were not resolving dependencies over cleartext HTTP...
CVE-2019-12728
Grails before 3.3.10 used cleartext HTTP to resolve the SDKMan notification service. NOTE: users' apps were not resolving dependencies over cleartext HTTP...
CVE-2019-12728
Grails before 3.3.10 used cleartext HTTP to resolve the SDKMan notification service. NOTE: users' apps were not resolving dependencies over cleartext HTTP...
PT-2019-11353 · Jenkins · Jenkins Amazon Sns Build Notifier Plugin
Name of the Vulnerable Software and Affected Versions: Jenkins Amazon SNS Build Notifier Plugin affected versions not specified Description: The issue concerns the storage of credentials in an unencrypted manner within the global configuration file on the Jenkins master or controller. Specificall...
Where can I find official IBM Security Bulletins for Tealeaf offerings?
Question Where can I find official IBM Security Bulletins for Tealeaf offerings? Answer Content Answer: IBM Security Bulletins are published on ibm.com outside of the IBM Client Success Portal where you are reading this article. In an effort to ensure that all interested parties have access to th...
CVE-2018-3108
Vulnerability in the Oracle Fusion Middleware component of Oracle Fusion Middleware subcomponent: Oracle Notification Service. Supported versions that are affected are 12.2.1.2 and 12.2.1.3. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTPS to...
Design/Logic Flaw
Vulnerability in the Oracle Fusion Middleware component of Oracle Fusion Middleware subcomponent: Oracle Notification Service. Supported versions that are affected are 12.2.1.2 and 12.2.1.3. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTPS to...
Unspecified Vulnerability in Oracle Fusion Middleware (CNVD-2018-21228)
Oracle Fusion Middleware Oracle Fusion Middleware is a set of business innovation platforms for enterprise and cloud environments from Oracle USA. The platform provides middleware, software collection and other functions. A security vulnerability exists in the Oracle Nofication Service subcompone...
Apple iOS APNs Man-in-the-Middle Attack Vulnerability
Apple iOS is an operating system developed by Apple Inc. for mobile devices.APNs are a component of the push notification service. A security vulnerability exists in the APNs component in versions of Apple iOS prior to 11. An attacker can exploit this vulnerability to conduct a man-in-the-middle...
CVE-2017-13863
An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves the "APNs" component. It allows man-in-the-middle attackers to track users by leveraging the transmission of client certificates...