64 matches found
CVE-2025-21288 Windows COM Server Information Disclosure Vulnerability
...
CVE-2025-21288 Windows COM Server Information Disclosure Vulnerability
...
CVE-2025-21272
CVE-2025-21272 affects Windows COM, specifically the COM Server component, described as an Information Disclosure vulnerability. The issue is exploitable locally with low privileges and low attack complexity, with confidentiality impact rated High. Connected sources corroborate Windows COM as aff...
CVE-2025-21272 Windows COM Server Information Disclosure Vulnerability
...
CVE-2025-21272 Windows COM Server Information Disclosure Vulnerability
...
Windows COM Server Information Disclosure Vulnerability
...
Wiesemann & Theis Com-Server Family 安全漏洞
The Wiesemann & Theis Com-Server Family is a family of serial device servers from Wiesemann & Theis, Germany. A security vulnerability exists in the Wiesemann & Theis Com-Server Family that stems from the ease of bypassing authentication via IP spoofing, where an unauthenticated attacker on the...
Wiesemann & Theis Com-Server Family 访问控制错误漏洞
The Wiesemann & Theis Com-Server Family is a family of serial device servers from Wiesemann & Theis, Germany. An access control error vulnerability exists in Wiesemann & Theis Com-Server Family. A remote attacker could exploit this vulnerability to log in to the system without knowing the passwor...
CVE-2022-42787 Wiesemann & Theis: Small number space for allocating session id in Com-Server family
Multiple W&T products of the Comserver Series use a small number space for allocating sessions ids. After login of an user an unathenticated remote attacker can brute force the users session id and get access to his account on the the device. As the user needs to log in for the attack to be...
CVE-2022-42787 Wiesemann & Theis: Small number space for allocating session id in Com-Server family
Multiple W&T products of the Comserver Series use a small number space for allocating sessions ids. After login of an user an unathenticated remote attacker can brute force the users session id and get access to his account on the the device. As the user needs to log in for the attack to be...
CVE-2022-42786 Wiesemann & Theis: XSS vulnerability in web interface of the Com-Server family
Multiple W&T Products of the ComServer Series are prone to an XSS attack. An authenticated remote Attacker can execute arbitrary web scripts or HTML via a crafted payload injected into the title of the configuration webpage...
CVE-2022-42786 Wiesemann & Theis: XSS vulnerability in web interface of the Com-Server family
Multiple W&T Products of the ComServer Series are prone to an XSS attack. An authenticated remote Attacker can execute arbitrary web scripts or HTML via a crafted payload injected into the title of the configuration webpage...
CVE-2022-42785 Wiesemann & Theis: Authentication bypass in Com-Server family
Multiple W&T products of the ComServer Series are prone to an authentication bypass. An unathenticated remote attacker, can log in without knowledge of the password by crafting a modified HTTP GET Request...
CVE-2022-42785 Wiesemann & Theis: Authentication bypass in Com-Server family
Multiple W&T products of the ComServer Series are prone to an authentication bypass. An unathenticated remote attacker, can log in without knowledge of the password by crafting a modified HTTP GET Request...
Wiesemann & Theis Com-Server Family 跨站脚本漏洞
The Wiesemann & Theis Com-Server Family is a family of serial device servers from the German company Wiesemann & Theis. A cross-site scripting vulnerability exists in Wiesemann & Theis Com-Server Family. An attacker could use this vulnerability to execute arbitrary web script or HTML by injecting...
Wiesemann & Theis Com-Server Family 安全特征问题特征问题漏洞
The Wiesemann & Theis Com-Server Family is a series of serial device servers from the German company Wiesemann & Theis. A security signature issue vulnerability exists in Wiesemann & Theis Com-Server Family. An attacker could exploit this vulnerability to brute force a session id and access...
Security update for virtualbox (important)
openSUSE Security Update: Security update for virtualbox Announcement ID: openSUSE-SU-2022:10152-1 Rating: important References: 1201720 1203086 1203306 1203370 1203735 1204019 Cross-References: CVE-2022-21554 CVE-2022-21571 CVSS scores: CVE-2022-21554 NVD : 4.4...
CVE-2020-13555
An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In COM Server Application Privilege Escalation, an attacker can either replace binary or loaded modules to execute code with NT SYSTEM privilege...
CVE-2020-13555
An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In COM Server Application Privilege Escalation, an attacker can either replace binary or loaded modules to execute code with NT SYSTEM privilege...
Privilege escalation
An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In COM Server Application Privilege Escalation, an attacker can either replace binary or loaded modules to execute code with NT SYSTEM privilege...