24 matches found
IBM InfoSphere Metadata Asset Manager Server-Side Request Forgery Vulnerability
IBM InfoSphere Metadata Asset Manager imports, exports, and manages common metadata assets. A server-side request forgery vulnerability exists in IBM InfoSphere Metadata Asset Manager 11.7, which can be exploited by a remote authenticated attacker to submit or control server requests by sending...
CVE-2020-5898
In versions 7.1.5-7.1.9, BIG-IP Edge Client Windows Stonewall driver does not sanitize the pointer received from the userland. A local user on the Windows client system can send crafted DeviceIoControl requests to \.\urvpndrv device causing the Windows kernel to crash...
Multiple vulnerabilities in the Kaspersky Total Security antivirus protection system allow attackers to obtain confidential information.
The multiple vulnerabilities of the KLDISK driver in the Kaspersky Total Security antivirus protection software are related to the lack of protection for operational data. Exploiting these vulnerabilities could allow an intruder, operating locally, to gain access to confidential information—such ...
ntp: automatic generation of weak default key in config_auth()
It was found that ntpd automatically generated weak keys for its internal use if no ntpdc request authentication key was specified in the ntp.conf configuration file. A remote attacker able to match the configured IP restrictions could guess the generated key, and possibly use it to send ntpdc...