CVE-2023-23205

An issue was discovered in lib60870 v2.3.2. There is a memory leak in lib60870/lib60870-C/examples/multiclientserver/multiclientserver.c...

SUSE CVE-2018-2942

Vulnerability in the Java SE component of Oracle Java SE subcomponent: Windows DLL. Supported versions that are affected are Java SE: 7u181 and 8u172. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful...

SUSE CVE-2019-17596

Go before 1.12.11 and 1.3.x before 1.13.2 can panic upon an attempt to process network traffic containing an invalid DSA public key. There are several attack scenarios, such as traffic from a client to a server that verifies client certificates...

SUSE CVE-2019-20797

An issue was discovered in e6y prboom-plus 2.5.1.5. There is a buffer overflow in client and server code responsible for handling received UDP packets, as demonstrated by ISendPacket or ISendPacketTo in inetwork.c...

SUSE CVE-2020-2781

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: JSSE. Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to...

SUSE CVE-2020-14577

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: JSSE. Supported versions that are affected are Java SE: 7u261, 8u251, 11.0.7 and 14.0.1; Java SE Embedded: 8u251. Difficult to exploit vulnerability allows unauthenticated attacker with network access via TLS to...

Hitachi FOXMAN-UN 安全漏洞

Hitachi FOXMAN-UN is a powerful toolset for a comprehensive NMS suite from Hitachi, Japan. A security vulnerability exists in Hitachi FOXMAN-UN that stems from the fact that the communication between its client FOXMAN-UN User Interface and server application FOXMAN-UN Core partially uses CORBA...

NetLlix - A Project Created With An Aim To Emulate And Test Exfiltration Of Data Over Different Network Protocols

A project created with an aim to emulate and test exfiltration of data over different network protocols. The emulation is performed w/o the usage of native API's. This will help blue teams write correlation rules to detect any type of C2 communication or data exfiltration. Currently, this project...

The vulnerability of the Client Server Run-Time Subsystem (CSRSS) in Windows operating systems, which allows attackers to enhance their privileges

The vulnerability of the Client Server Run-Time Subsystem CSRSS in Windows operating systems is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges...

Microsoft Windows Multiple Vulnerabilities (KB5021235)

This host is missing an important security update according to Microsoft KB5021235 SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...

CVE-2022-44673

Windows Client Server Run-time Subsystem CSRSS Elevation of Privilege Vulnerability...

Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability

...

PT-2022-5872 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to insufficient access control in the Client Server Run-Time Subsystem CSRSS of Windows operating systems. It allows an attacker to elevate their privileges...

Microsoft Client Server Run-time Subsystem 安全漏洞

The Microsoft Client Server Run-time Subsystem is a client/server run-time subsystem from Microsoft Corporation in the United States that manifests itself as the csrss.exe process. It is a component of the Windows NT family of operating systems, appearing in Windows NT 3.1 and subsequent systems,...

[SECURITY] Fedora 35 Update: mariadb-10.5.18-1.fc35

MariaDB is a community developed fork from MySQL - a multi-user, multi-thread ed SQL database server. It is a client/server implementation consisting of a server daemon mariadbd and many different client programs and libraries. The base package contains the standard MariaDB/MySQL client programs...

GE CIMPLICITY HMI/SCADA Software Buffer Overflow Vulnerability

GE CIMPLICITY HMI/SCADA Software is an automated industrial platform from General Electric GE. It provides true client-server visualization and control from a single machine to plant locations around the world, helping to manage operations and improve decision making. A buffer overflow...

Powercom UPSMON PRO 安全漏洞

Powercom UPSMON PRO is a multi-platform client-server software from Powercom that allows remote monitoring and control of a UPS via SNMP, HTTP and UDP. A security vulnerability exists in Powercom UPSMON PRO, which arises from the explicit transmission of sensitive data over the HTTP protocol that...

The vulnerability of the Client Server Run-Time Subsystem (CSRSS) in the Windows operating system, which allows a hacker to increase their privileges within the system

The vulnerability of the Client Server Run-Time Subsystem CSRSS in the Windows operating system is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker to increase their privileges within the system...

VuCSA - Vulnerable Client-Server Application - Made For Learning/Presenting How To Perform Penetration Tests Of Non-Http Thick Clients

Vulnerable Client-Server Application Vulnerable client-server application VuCSA is made for learning/presenting how to perform penetration tests of non-http thick clients. It is written in Java with JavaFX graphical user interface. Currently the vulnerable application contains the following...

Vulnerabilities fixed in OpenSSL

Vulnerabilities have been fixed in OpenSSL 3. OpenSSL is widely found on web and mail servers but is also used by other types of systems. Think of network devices, embedded systems and containerized images. The vulnerabilities can be exploited by a malicious party to execute arbitrary code or cau...