17 matches found
SUSE CVE-2026-23941
Inconsistent Interpretation of HTTP Requests 'HTTP Request Smuggling' vulnerability in Erlang OTP inets httpd module allows HTTP Request Smuggling. This vulnerability is associated with program files lib/inets/src/httpserver/httpdrequest.erl and program routines httpdrequest:parseheaders/7. The...
EUVD-2020-30921
CodeMeter 6.60 contains an unquoted service path vulnerability that allows local users to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted binary path in the CodeMeter Runtime Server service to inject malicious code that would execute with...
CVE-2020-37017 CodeMeter 6.60 - 'CodeMeter.exe' Unquoted Service Path
CodeMeter 6.60 contains an unquoted service path vulnerability that allows local users to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted binary path in the CodeMeter Runtime Server service to inject malicious code that would execute with...
CVE-2020-37017
The CVE-2020-37017 entry concerns CodeMeter 6.60 with an unquoted service path in the CodeMeter Runtime Server service. This unquoted binary path is the root cause that could allow a local attacker to execute arbitrary code with LocalSystem privileges. Affected component: CodeMeter Runtime Server...
CVE-2020-37017
CodeMeter 6.60 contains an unquoted service path vulnerability that allows local users to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted binary path in the CodeMeter Runtime Server service to inject malicious code that would execute with...
PT-2026-5291
Name of the Vulnerable Software and Affected Versions CodeMeter version 6.60 Description CodeMeter 6.60 contains an unquoted service path that may allow local users to execute arbitrary code with elevated system privileges. An attacker can exploit the unquoted binary path in the CodeMeter Runtime...
EUVD-2021-7551
Malicious code in bioql PyPI...
CVE-2021-20093
A buffer over-read vulnerability exists in Wibu-Systems CodeMeter versions 7.21a. An unauthenticated remote attacker can exploit this issue to disclose heap memory contents or crash the CodeMeter Runtime Server...
CVE-2021-20094
A denial of service vulnerability exists in Wibu-Systems CodeMeter versions 7.21a. An unauthenticated remote attacker can exploit this issue to crash the CodeMeter Runtime Server...
CVE-2021-20094
A denial of service vulnerability exists in Wibu-Systems CodeMeter versions 7.21a. An unauthenticated remote attacker can exploit this issue to crash the CodeMeter Runtime Server...
CVE-2021-20093
A buffer over-read vulnerability exists in Wibu-Systems CodeMeter versions 7.21a. An unauthenticated remote attacker can exploit this issue to disclose heap memory contents or crash the CodeMeter Runtime Server...
Denial of service
A denial of service vulnerability exists in Wibu-Systems CodeMeter versions 7.21a. An unauthenticated remote attacker can exploit this issue to crash the CodeMeter Runtime Server...
CVE-2021-20094
CVE-2021-20094 is a publicly documented vulnerability in Wibu-Systems CodeMeter Runtime (CmWAN server) affecting versions earlier than 7.21a. An unauthenticated remote attacker can crash the CodeMeter Runtime Server by sending specially crafted packets to the CmWAN service. The connected sources ...
CVE-2021-20094
A denial of service vulnerability exists in Wibu-Systems CodeMeter versions 7.21a. An unauthenticated remote attacker can exploit this issue to crash the CodeMeter Runtime Server...
CodeMeter 6.60 - 'CodeMeter.exe' Unquoted Service Path
Exploit Title: CodeMeter 6.60 - 'CodeMeter.exe' Unquoted Service Path Discovery by: Luis Martinez Discovery Date: 2020-08-05 Vendor Homepage: https://www.wibu.com/us/products/codemeter/runtime.html Tested Version: 6.60 Vulnerability Type: Unquoted Service Path Tested on OS: Windows 10 Pro x64 es...
CVE-2019-14838
A flaw was found in wildfly-core before 7.2.5.GA. The Management users with Monitor, Auditor and Deployer Roles should not be allowed to modify the runtime state of the server...
CVE-2006-6696
Double free vulnerability in Microsoft Windows 2000, XP, 2003, and Vista allows local users to gain privileges by calling the MessageBox function with a MBSERVICENOTIFICATION message with crafted data, which sends a HardError message to Client/Server Runtime Server Subsystem CSRSS process, which ...