152 matches found
CVE-2024-51544 Service Control
Service Control vulnerabilities allow access to service restart requests and vm configuration settings. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02...
ABB ASPECT 安全漏洞
ABB ASPECT is a scalable building energy management and control solution from ABB Switzerland. ABB ASPECT has a security vulnerability that stems from the inclusion of a service control vulnerability...
When Guardians Become Predators: How Malware Corrupts the Protectors
When Guardians Become Predators: How Malware Corrupts the Protectors By Trellix · November 20, 2024 This blog was also written by Trishaan Kalra Introduction We often trust our security software to stand as an unbreakable wall against malware and attacks, but what happens when that very wall is...
ABB Cylon Aspect 3.07.02 sshUpdate.php Unauthenticated Remote SSH Service Control
ABB Cylon Aspect 3.07.02 sshUpdate.php Unauthenticated Remote SSH Service Control Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio Firmware: =3.07.02 Summary: ASPECT is an award-winning scalable building...
Fedora: Security Advisory for systemd (FEDORA-2024-c79658eedf)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
systemd bug fix update
An update is available for systemd. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The systemd packages contain systemd, a system and service manager for Linux,...
RLSA-2023:3837 Moderate: systemd security and bug fix update
The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes...
Moderate: Red Hat Security Advisory: systemd security and bug fix update
An update for systemd is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...
Windows 11 22h2 - Kernel Privilege Elevation
// Exploit Title: Windows 11 22h2 - Kernel Privilege Elevation // Date: 2023-06-20 // country: Iran // Exploit Author: Amirhossein Bahramizadeh // Category : webapps // Vendor Homepage: // Tested on: Windows/Linux // CVE : CVE-2023-28293 include include // The vulnerable driver file name const ch...
Using Service Control Policies to protect security baselines
Service Control Policies SCPs can be a great way to prevent actions from happening in AWS accounts. In this post, we will illustrate a specific use case of SCPs that protects the security baseline, or landing zone, configuration you’ve created for accounts...
Persistence – Service Control Manager
The service control manager SCM is responsible to start and stop services in windows environments including device drivers and start up applications. Microsoft introduced in… Continue reading - Persistence - Service Control Manager...
Persistence – Service Control Manager
The service control manager SCM is responsible to start and stop services in windows environments including device drivers and start up applications. Microsoft introduced in… Continue reading - Persistence - Service Control Manager...
CVE-2022-43455
Sewio’s Real-Time Location System RTLS Studio version 2.0.0 up to and including version 2.6.2 is vulnerable to improper input validation of user input to the servicestart, servicestop, and servicerestart modules of the software. This could allow an attacker to start, stop, or restart arbitrary...
CVE-2022-45430
Some Dahua software products have a vulnerability of unauthenticated enable or disable SSHD service. After bypassing the firewall access control policy, by sending a specific crafted packet to the vulnerable interface, an attacker could enable or disable the SSHD service...
CVE-2022-38700
OpenHarmony-v3.1.1 and prior versions have a permission bypass vulnerability. LAN attackers can bypass permission control and get control of camera service...
VMware Workspace ONE Access Privilege Escalation Exploit
VMware Workspace ONE Access contains a vulnerability whereby the horizon user can escalate their privileges to those of the root user by modifying a file and then restarting the vmware-certproxy service which invokes it. The service control is permitted via the sudo configuration without a...
Privilege escalation
Gitblit 1.9.2 allows privilege escalation via the Config User Service: a control character can be placed in a profile data field, such as an emailAddress%3Atext 'email protected\n\trole = "admin"' value...
systemd bug fix and enhancement update
An update is available for systemd. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The systemd packages contain systemd, a system and service manager for Linux,...
Phant0m - Windows Event Log Killer
Svchost is essential in the implementation of so-called shared service processes, where a number of services can share a process in order to reduce resource consumption. Grouping multiple services into a single process conserves computing resources, and this consideration was of particular concer...
systemd bug fix and enhancement update
The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes...