264 matches found

OSV
added 2019/12/10 11:15 p.m. | 1 views

DEBIAN-CVE-2019-14870

All Samba versions 4.x.x before 4.9.17, 4.10.x before 4.10.11 and 4.11.x before 4.11.3 have an issue, where the S4U MS-SFU Kerberos delegation model includes a feature allowing for a subset of clients to be opted out of constrained delegation in any way, either S4U2Self or regular Kerberos...

5.4 CVSS | 6.2 AI score | 0.02783 EPSS
Exploits 0 | References 1

OSV
added 2019/12/10 12:0 a.m. | 2 views

UBUNTU-CVE-2019-14870

All Samba versions 4.x.x before 4.9.17, 4.10.x before 4.10.11 and 4.11.x before 4.11.3 have an issue, where the S4U MS-SFU Kerberos delegation model includes a feature allowing for a subset of clients to be opted out of constrained delegation in any way, either S4U2Self or regular Kerberos...

5.4 CVSS | 6.4 AI score | 0.02783 EPSS
Exploits 0 | References 5

CNVD
added 2019/11/12 12:0 a.m. | 3 views

ARM Mbed OS CoAP library buffer overflow vulnerability

ARM Mbed OS is a suite of open source embedded operating systems dedicated to the Internet of Things (IoT) from ARM in the U.K. The CoAP library is one of the Constrained Application Protocol (CoAP) libraries. A buffer overflow vulnerability exists in the CoAP library in Arm Mbed OS version 5.14.0. T...

10 CVSS | 7.4 AI score | 0.0306 EPSS
Exploits 0 | References 1

OSV
added 2019/11/05 4:15 p.m. | 3 views

CVE-2019-17211

An integer overflow was discovered in the CoAP library in Arm Mbed OS 5.14.0. The function sn_coap_builder_calc_needed_packet_data_size_2() is used to calculate the required memory for the CoAP message from the sn_coap_hdr_s data structure. Both returned_byte_count and src_coap_msg_ptr->payload_len are of type...

9.8 CVSS | 7.5 AI score | 0.02574 EPSS
Exploits 1 | References 8

BDU FSTEC
added 2019/07/30 12:0 a.m. | 4 views

The vulnerability of the application control tool: Windows Defender Application Control (WDAC), a PowerShell Core-based automation tool for application management, allows attackers to bypass the PowerShell Core Constrained Language Mode and compromise the integrity, confidentiality, and accessibility of protected information.

The vulnerability of the application control tool, Windows Defender Application Control (WDAC), a PowerShell Core-based automation tool, is related to security configuration errors. Exploiting this vulnerability can allow attackers to bypass PowerShell Core’s Constrained Language Mode and compromis...

6.4 CVSS | 5.5 AI score | 0.011 EPSS
Exploits 0 | References 2 | Affected Software 1

OpenVAS
added 2019/07/17 12:0 a.m. | 43 views

PowerShell Windows Defender Application Control Security Feature Bypass Vulnerability - Windows

This host is missing an important security update for PowerShell Core according to Microsoft security advisory CVE-2019-1167...

4.1 CVSS | 4.6 AI score | 0.011 EPSS
Exploits 0 | References 3

Microsoft CVE
added 2019/07/16 7:0 a.m. | 52 views

Windows Defender Application Control Security Feature Bypass Vulnerability

A security feature bypass vulnerability exists in Windows Defender Application Control (WDAC) which could allow an attacker to bypass WDAC enforcement. An attacker who successfully exploited this vulnerability could circumvent PowerShell Core Constrained Language Mode on the machine. To exploit the...

4.1 CVSS | 4.2 AI score | 0.011 EPSS
Exploits 0

Microsoft CVE
added 2019/05/14 7:0 a.m. | 37 views

Windows Defender Application Control Security Feature Bypass Vulnerability

A security feature bypass vulnerability exists in Windows Defender Application Control (WDAC) which could allow an attacker to bypass WDAC enforcement. An attacker who successfully exploited this vulnerability could circumvent Windows PowerShell Constrained Language Mode on the machine. To exploit...

5.3 CVSS | 3.8 AI score | 0.01178 EPSS
Exploits 0

PyPA
added 2019/04/02 7:29 p.m. | 10 views

PYSEC-2019-166

The Serialize.deserialize() method in CoAPthon3 1.0 and 1.0.1 mishandles certain exceptions, leading to a denial of service in applications that use this library (e.g., the standard CoAP server, CoAP client, example collect CoAP server and client) when they receive crafted CoAP messages...

7.5 CVSS | 6.8 AI score | 0.01446 EPSS
Exploits 1 | References 2 | Affected Software 1

BDU FSTEC
added 2019/03/06 12:0 a.m. | 4 views

The vulnerability of CoAP decoders in Wireshark’s computer network traffic analyzer allows a hacker to cause a service failure.

The vulnerability of CoAP decoders wireshark/menagerie/menagerie/16122-unittest.pcapng, a traffic analyzer for computer networks in Wireshark, is related to incorrect checking of the data volume sent in the PIV format. Exploiting this vulnerability can allow an attacker operating remotely to caus...

7.5 CVSS | 6.6 AI score | 0.02884 EPSS
Exploits 0 | References 4 | Affected Software 2

The Hacker News
added 2018/11/13 12:34 p.m. | 1 views

Cynet Review: Simplify Security with a True Security Platform

In 1999, Bruce Schneier wrote, "Complexity is the worst enemy of security." That was 19 years ago (!) and since then, cyber security has only become more complex. Today, controls dramatically outnumber staff available to support them. The Bank of America has a $400-million cyber budget to hire...

6.8 AI score
Exploits 0

The Hacker News
added 2018/11/13 12:34 p.m. | 417 views

Cynet Review: Simplify Security with a True Security Platform

In 1999, Bruce Schneier wrote, "Complexity is the worst enemy of security." That was 19 years ago (!) and since then, cyber security has only become more complex. Today, controls dramatically outnumber staff available to support them. The Bank of America has a $400-million cyber budget to hire...

7.1 AI score
Exploits 0

Kitploit
added 2018/11/03 1:13 p.m. | 96 views

ADModule - Microsoft Signed ActiveDirectory PowerShell Module

Microsoft signed DLL for the ActiveDirectory PowerShell module. Just a backup for Microsoft's ActiveDirectory PowerShell module from Server 2016 with RSAT and module installed. The DLL is usually found at this path: C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.ActiveDirectory.Management a...

7.1 AI score
Exploits 0 | References 3

OSV
added 2018/10/12 6:29 a.m. | 0 views

DEBIAN-CVE-2018-18225

In Wireshark 2.6.0 to 2.6.3, the CoAP dissector could crash. This was addressed in epan/dissectors/packet-coap.c by ensuring that the piv length is correctly computed...

7.5 CVSS | 6.5 AI score | 0.02884 EPSS
Exploits 0 | References 1

OSV
added 2018/07/19 2:29 a.m. | 1 views

UBUNTU-CVE-2018-14367

In Wireshark 2.6.0 to 2.6.1 and 2.4.0 to 2.4.7, the CoAP protocol dissector could crash. This was addressed in epan/dissectors/packet-coap.c by properly checking for a NULL condition...

7.5 CVSS | 6.8 AI score | 0.03324 EPSS
Exploits 0 | References 5

CNVD
added 2018/07/19 12:0 a.m. | 3 views

Wireshark Denial of Service Vulnerability (CNVD-2018-14105)

Wireshark (formerly known as Ethereal) is a set of network packet analysis software developed by the Wireshark team. The function of the software is to intercept network packets and display detailed data for analysis. CoAP protocol dissector is one of the CoAP protocol parsers. A security...

7.5 CVSS | 7.4 AI score | 0.03324 EPSS
Exploits 0 | References 1

Citrix
added 2018/04/09 12:0 a.m. | 7 views

NetScaler Kerberos WIKI - Troubleshooting

Troubleshooting details for Kerberos Constrained Delegation and Authentication related issues on NetScaler...

7.3 AI score
Exploits 0

Fedora
added 2018/02/27 5:28 p.m. | 35 views

[SECURITY] Fedora 27 Update: sblim-sfcb-1.4.9-9.fc27

Small Footprint CIM Broker (sfcb) is a CIM server conforming to the CIM Operations over HTTP protocol. It is robust, with low resource consumption and therefore specifically suited for embedded and resource constrained environments. sfcb supports providers written against the Common Manageability...

7.5 CVSS | 2.2 AI score | 0.01949 EPSS
Exploits 1

Fedora
added 2018/02/27 4:58 p.m. | 21 views

[SECURITY] Fedora 26 Update: sblim-sfcb-1.4.9-7.fc26

Small Footprint CIM Broker (sfcb) is a CIM server conforming to the CIM Operations over HTTP protocol. It is robust, with low resource consumption and therefore specifically suited for embedded and resource constrained environments. sfcb supports providers written against the Common Manageability...

7.5 CVSS | 2.2 AI score | 0.01949 EPSS
Exploits 1

seebug.org
added 2018/02/24 12:0 a.m. | 102 views

Windows: Constrained Impersonation Capability EoP (CVE-2018-0821)

Windows: Constrained Impersonation Capability EoP. Platform: Windows 10 1703/1709 (not tested earlier versions). Class: Elevation of Privilege. Summary: It’s possible to use the constrained impersonation capability added in Windows 10 to impersonate a lowbox SYSTEM token leading to EoP. Description:...

7.6 AI score | 0.02344 EPSS
Exploits 3