Lucene search
+L

190 matches found

ptsecurity
ptsecurity
added 2024/12/09 12:0 a.m.8 views

PT-2024-39754 · Papercut · Papercut Ng/Mf

Name of the Vulnerable Software and Affected Versions: PaperCut NG/MF affected versions not specified Description: A reflected cross-site scripting XSS issue exists, allowing specially crafted JavaScript payloads to be executed in the browser. This occurs when a user clicks on a malicious link...

6.3CVSS5.9AI score0.00225EPSS
Exploits0References7
osv
osv
added 2024/10/24 7:54 a.m.20 views

SUSE-SU-2024:3755-1 Security update for go1.21-openssl

This update for go1.21-openssl fixes the following issues: - CVE-2024-24791: Fixed denial of service due to improper 100-continue handling bsc1227314 - CVE-2024-24789: Fixed mishandling of corrupt central directory record in archive/zip bsc1225973 - CVE-2024-24790: Fixed unexpected behavior from ...

9.8CVSS8.4AI score0.91969EPSS
Exploits2References23
cnnvd
cnnvd
added 2024/09/26 12:0 a.m.6 views

PaperCut NG/MF 安全漏洞

PaperCut NG/MF is a print management system from PaperCut, Inc. A security vulnerability exists in PaperCut NG/MF that originates from incorrectly creating non-existing files, which can flood disk space and cause a denial of service...

6.1CVSS6.4AI score0.00241EPSS
Exploits0References2
mscve
mscve
added 2024/08/05 7:0 a.m.4 views

An integer underflow issue was found in the QEMU VNC server while processing ClientCutText messages in the extended format. A malicious client could use this flaw to make QEMU unresponsive by sending a specially crafted payload message resulting in a denial of service.

...

6.5CVSS7AI score0.0114EPSS
Exploits0
redhat
redhat
added 2024/05/22 10:16 a.m.3 views

QEMU: VNC: NULL pointer dereference in qemu_clipboard_request()

A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. The qemuclipboardrequest function can be reached before vncservercuttextcaps was called and had the chance to initialize the clipboard peer, leading to a NULL pointer dereference. This could allow a maliciou...

6.5CVSS7.1AI score0.01261EPSS
Exploits0References4
redhat
redhat
added 2024/05/22 10:16 a.m.6 views

QEMU: VNC: infinite loop in inflate_buffer() leads to denial of service

A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. A wrong exit condition may lead to an infinite loop when inflating an attacker controlled zlib buffer in the inflatebuffer function. This could allow a remote authenticated client who is able to send a...

6.5CVSS7.3AI score0.01891EPSS
Exploits0References4
vulnrichment
vulnrichment
added 2024/05/03 12:0 a.m.18 views

CVE-2024-33844

The 'control' in Parrot ANAFI USA firmware 1.10.4 does not check the MAVMISSIONTYPE0, 1, 2, 255, which allows attacker to cut off the connection between a controller and the drone by sending MAVLink MISSIONCOUNT command with a wrong MAVMISSIONTYPE...

7.2AI score0.0053EPSS
Exploits0References2
redhat
redhat
added 2024/04/30 10:36 a.m.5 views

QEMU: VNC: infinite loop in inflate_buffer() leads to denial of service

A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. A wrong exit condition may lead to an infinite loop when inflating an attacker controlled zlib buffer in the inflatebuffer function. This could allow a remote authenticated client who is able to send a...

6.5CVSS7.3AI score0.01891EPSS
Exploits0References4
ptsecurity
ptsecurity
added 2024/03/14 12:0 a.m.3 views

PT-2024-18389 · Papercut · Papercut Ng/Mf

Name of the Vulnerable Software and Affected Versions: PaperCut NG/MF affected versions not specified Description: This issue allows an already authenticated admin user to create a malicious payload that could be leveraged for remote code execution on the server hosting the application. The...

7.2CVSS7.9AI score0.01411EPSS
Exploits0References6
ics
ics
added 2024/02/20 7:0 a.m.85 views

Mitsubishi Electric Electrical discharge machines

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION : Exploitable remotely/low attack complexity Vendor : Mitsubishi Electric Corporation Equipment : Electrical discharge machines Vulnerability : Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could...

9.8CVSS9.6AI score0.95454EPSS
Exploits7References8
openbugbounty
openbugbounty
added 2024/02/05 3:14 p.m.9 views

windermerecutparty.brownpapertickets.com Cross Site Scripting vulnerability OBB-3849162

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
bdu_fstec
bdu_fstec
added 2024/01/17 12:0 a.m.6 views

The vulnerability of the qemu_clipboard_request() function in the embedded VNC emulator server of the QEMU hardware support allows a hacker to trigger a service failure.

The vulnerability of the qemuclipboardrequest function in the embedded VNC emulator server of the QEMU hardware emulation software is related to errors in pointer manipulation during the processing of ClientCutText messages. Exploiting this vulnerability can allow an attacker to cause a service...

6.8CVSS6.5AI score0.01261EPSS
Exploits0References10Affected Software5
osv
osv
added 2024/01/12 7:15 p.m.16 views

UBUNTU-CVE-2023-6683

A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. The qemuclipboardrequest function can be reached before vncservercuttextcaps was called and had the chance to initialize the clipboard peer, leading to a NULL pointer dereference. This could allow a maliciou...

6.5CVSS6.7AI score0.01261EPSS
Exploits0References5
osv
osv
added 2023/11/03 11:6 a.m.3 views

OESA-2023-1786 qemu security update

QEMU is a FAST! processor emulator using dynamic translation to achieve good emulation speed. Security Fixes: A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. A wrong exit condition may lead to an infinite loop when inflating an attacker controlled zlib...

6.5CVSS6.6AI score0.01891EPSS
Exploits0References2
attackerkb
attackerkb
added 2023/10/19 2:15 p.m.2 views

CVE-2023-31046

A Path Traversal vulnerability exists in PaperCut NG before 22.1.1 and PaperCut MF before 22.1.1. Under specific conditions, this could potentially allow an authenticated attacker to achieve read-only access to the server's filesystem, because requests beginning with "GET /ui/static/..//.." reach...

6.5CVSS5.9AI score0.01493EPSS
Exploits0References5
bdu_fstec
bdu_fstec
added 2023/09/17 12:0 a.m.7 views

The vulnerability of the XML-RPC protocol implementation in the network printing control software PaperCut NG allows a hacker to execute arbitrary commands.

The vulnerability of the XML-RPC protocol implementation in the PaperCut NG network printing control software is related to deficiencies in the authentication process. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands remotely...

6.5CVSS6.9AI score0.03568EPSS
Exploits2References5Affected Software1
osv
osv
added 2023/09/13 5:15 p.m.9 views

AZL-28791 CVE-2023-3255 affecting package qemu for versions less than 6.2.0-23

A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. A wrong exit condition may lead to an infinite loop when inflating an attacker controlled zlib buffer in the inflatebuffer function. This could allow a remote authenticated client who is able to send a...

6.5CVSS6.8AI score0.01891EPSS
Exploits0References1
osv
osv
added 2023/09/13 5:15 p.m.3 views

UBUNTU-CVE-2023-3255

A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. A wrong exit condition may lead to an infinite loop when inflating an attacker controlled zlib buffer in the inflatebuffer function. This could allow a remote authenticated client who is able to send a...

6.5CVSS6.9AI score0.01891EPSS
Exploits0References4
vulnrichment
vulnrichment
added 2023/09/13 4:12 p.m.1 views

CVE-2023-3255 Qemu: vnc: infinite loop in inflate_buffer() leads to denial of service

A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. A wrong exit condition may lead to an infinite loop when inflating an attacker controlled zlib buffer in the inflatebuffer function. This could allow a remote authenticated client who is able to send a...

6.5CVSS6.1AI score0.01891EPSS
Exploits0References4
susecve
susecve
added 2023/07/07 2:19 a.m.3 views

SUSE CVE-2023-3255

A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. A wrong exit condition may lead to an infinite loop when inflating an attacker controlled zlib buffer in the inflatebuffer function. This could allow a remote authenticated client who is able to send a...

4.9CVSS6.6AI score0.01891EPSS
Exploits0References6
Rows per page
Query Builder