247 matches found

Ubuntu
added 2024/06/26 12:12 p.m. · 22 views

USN-6843-1: Plasma Workspace vulnerability

Fabian Vogt discovered that Plasma Workspace incorrectly handled connections via ICE. A local attacker could possibly use this issue to gain access to another user's session manager and execute arbitrary code...

CVSS 7.8 · AI score 7.6 · EPSS 0.00293
Exploits: 0
Tenable Nessus
added 2024/06/12 12:0 a.m. · 16 views

FreeBSD : plasma[56]-plasma-workspace -- Unauthorized users can access session manager (479df73e-2838-11ef-9cab-4ccc6adda413)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 479df73e-2838-11ef-9cab-4ccc6adda413 advisory. David Edmundson reports: KSmserver, KDE's XSMP manager, incorrectly allows connections via ICE based...

CVSS 7.8 · AI score 7.7 · EPSS 0.00293
Exploits: 0 · References: 3
Mageia
added 2024/06/07 5:31 p.m. · 25 views

Updated plasma-workspace packages fix security vulnerability

KSmserver, KDE's XSMP manager, incorrectly allows connections via ICE based purely on the host, allowing all local connections. This allows another user on the same machine to gain access to the session manager. A well crafted client could use the session restore feature to execute arbitrary code...

CVSS 7.8 · AI score 7.5 · EPSS 0.00293
Exploits: 0 · References: 2
OSV
added 2024/06/07 5:31 p.m. · 8 views

MGASA-2024-0214 Updated plasma-workspace packages fix security vulnerability

KSmserver, KDE's XSMP manager, incorrectly allows connections via ICE based purely on the host, allowing all local connections. This allows another user on the same machine to gain access to the session manager. A well crafted client could use the session restore feature to execute arbitrary code...

CVSS 7.8 · AI score 7.6 · EPSS 0.00293
Exploits: 0 · References: 3
UbuntuCve
added 2024/06/03 12:0 a.m. · 20 views

CVE-2024-36041

KSmserver in KDE Plasma Workspace aka plasma-workspace before 5.27.11.1 and 6.x before 6.0.5.1 allows connections via ICE based purely on the host, i.e., all local connections are accepted. This allows another user on the same machine to gain access to the session manager, e.g., use the...

CVSS 7.8 · AI score 7.4 · EPSS 0.00293
Exploits: 0 · References: 3
OSV
added 2024/06/03 12:0 a.m. · 2 views

UBUNTU-CVE-2024-36041

KSmserver in KDE Plasma Workspace aka plasma-workspace before 5.27.11.1 and 6.x before 6.0.5.1 allows connections via ICE based purely on the host, i.e., all local connections are accepted. This allows another user on the same machine to gain access to the session manager, e.g., use the...

CVSS 7.8 · AI score 6.2 · EPSS 0.00293
Exploits: 0 · References: 4
SUSE CVE
added 2024/06/01 2:23 a.m. · 2 views

SUSE CVE-2024-36041

KSmserver in KDE Plasma Workspace aka plasma-workspace before 5.27.11.1 and 6.x before 6.0.5.1 allows connections via ICE based purely on the host, i.e., all local connections are accepted. This allows another user on the same machine to gain access to the session manager, e.g., use the...

CVSS 7.8 · AI score 7.8 · EPSS 0.00293
Exploits: 0 · References: 4
FreeBSD
added 2024/05/31 12:0 a.m. · 19 views

plasma[56]-plasma-workspace -- Unauthorized users can access session manager

David Edmundson reports: KSmserver, KDE's XSMP manager, incorrectly allows connections via ICE based purely on the host, allowing all local connections. This allows another user on the same machine to gain access to the session manager. A well crafted client could use the session restore feature ...

CVSS 7.8 · AI score 7.4 · EPSS 0.00293
Exploits: 0 · References: 1
OSV
added 2024/05/08 2:15 a.m. · 6 views

AZL-40340 CVE-2024-1929 affecting package dnf5 for versions less than 5.1.11-3

Local Root Exploit via Configuration Dictionary in dnf5daemon-server before 5.1.17 allows a malicious user to impact Confidentiality and Integrity via Configuration Dictionary. There are issues with the D-Bus interface long before Polkit is invoked. The org.rpm.dnf.v0.SessionManager.opensession...

CVSS 8.4 · AI score 5.7 · EPSS 0.00289
Exploits: 1 · References: 1
Positive Technologies
added 2024/04/14 12:0 a.m. · 1 views

PT-2024-10421 · Kde +4 · Kde Plasma Workspace +4

Name of the Vulnerable Software and Affected Versions: KDE Plasma Workspace versions prior to 5.27.11.1; KDE Plasma Workspace 6.x versions prior to 6.0.5.1. Description: The issue allows connections via ICE based purely on the host, i.e., all local connections are accepted. This enables another use...

CVSS 7.8 · AI score 7.8 · EPSS 0.00293
Exploits: 0 · References: 51
Positive Technologies
added 2024/03/05 12:0 a.m. · 3 views

PT-2024-18431 · Unknown +1 · Dnf5Daemon-Server +1

Name of the Vulnerable Software and Affected Versions: dnf5daemon-server versions before 5.1.17. Description: The issue concerns a local root exploit via a configuration dictionary in the dnf5daemon-server. It affects confidentiality and integrity. The org.rpm.dnf.v0.SessionManager.open session...

CVSS 8.4 · AI score 5.9 · EPSS 0.00289
Exploits: 1 · References: 16
BDU FSTEC
added 2024/01/15 12:0 a.m. · 5 views

The vulnerability of the Windows Local Session Manager component of the Windows operating system allows a hacker to trigger a service failure.

The vulnerability of the Windows Local Session Manager component exists due to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...

CVSS 6.8 · AI score 6.5 · EPSS 0.01538
Exploits: 0 · References: 3
ATTACKERKB
added 2023/12/20 8:15 p.m. · 1 views

CVE-2022-44684

Windows Local Session Manager LSM Denial of Service Vulnerability...

CVSS 6.5 · AI score 6.6 · EPSS 0.01538
Exploits: 0 · References: 2 · Affected Software: 8
NVD
added 2023/12/20 8:15 p.m. · 20 views

CVE-2022-44684

Windows Local Session Manager LSM Denial of Service Vulnerability...

CVSS 6.5 · EPSS 0.01538
Exploits: 0 · References: 1
OSV
added 2023/12/20 8:15 p.m. · 5 views

CVE-2022-44684

Windows Local Session Manager LSM Denial of Service Vulnerability...

CVSS 6.5 · AI score 5.8 · EPSS 0.01538
Exploits: 0 · References: 1
Prion
added 2023/12/20 8:15 p.m. · 23 views

Denial of service

Windows Local Session Manager LSM Denial of Service Vulnerability...

CVSS 4 · AI score 7.2 · EPSS 0.01538
Exploits: 0 · References: 1 · Affected Software: 6
CVE
added 2023/12/20 7:29 p.m. · 84 views

CVE-2022-44684

CVE-2022-44684 affects Windows Local Session Manager (LSM). The issue stems from insufficient input validation in the LSM component, enabling denial-of-service via remote exploitation. Impact is a system denial of service; CVSS v3.1 base score 6.5 (Network, Low privileges, No user interaction). A...

CVSS 6.5 · AI score 6.3 · EPSS 0.01538
Exploits: 0 · References: 1 · Affected Software: 7
Cvelist
added 2023/12/20 7:29 p.m. · 26 views

CVE-2022-44684 Windows Local Session Manager (LSM) Denial of Service Vulnerability

...

CVSS 6.5 · AI score 7 · EPSS 0.01538
Exploits: 0 · References: 1
CNNVD
added 2023/12/20 12:0 a.m. · 5 views

Microsoft Windows Security Vulnerabilities

Microsoft Windows is a suite of operating systems for use on personal devices from the U.S.-based Microsoft Corporation. A security vulnerability exists in Microsoft Windows Local Session Manager. The following products and editions are affected: Windows 10 Version 21H1, Windows Server 2022, Window...

CVSS 6.5 · AI score 6.7 · EPSS 0.01538
Exploits: 0 · References: 2
Github Security Blog
added 2023/08/24 12:53 p.m. · 13 views

Minimal `basti` IAM Policy Allows Shell Access

Summary: The provided Minimal IAM Policy for `basti connect` does not include ssm:SessionDocumentAccessCheck. This results in the ability to get a shell session on the bastion, not just the intended access for Port Forwarding. Details: `basti connect` is designed to "securely connect to your...

AI score 6.7
Exploits: 0 · References: 3 · Affected Software: 1