290 matches found
Apache Kafka Denial of Service Vulnerability
Apache Kafka is an open source distributed streaming platform from the Apache Foundation in the United States. The platform is capable of capturing real-time data and is used to build applications that react in real-time to changes in the data stream. Apache Kafka suffers from a denial-of-service...
CVE-2022-38176
An issue was discovered in YSoft SAFEQ 6 before 6.0.72. Incorrect privileges were configured as part of the installer package for the Client V3 services, allowing for local user privilege escalation by overwriting the executable file via an alternative data stream. NOTE: this is not the same as...
CVE-2022-38176
An issue was discovered in YSoft SAFEQ 6 before 6.0.72. Incorrect privileges were configured as part of the installer package for the Client V3 services, allowing for local user privilege escalation by overwriting the executable file via an alternative data stream. NOTE: this is not the same as...
CVE-2022-38176
YSoft SAFEQ 6 before 6.0.72 contains an installer privilege issue for the Client V3 services. The root cause is incorrect privileges configured in the installer package, enabling local privilege escalation by overwriting the executable via an alternate data stream. Impact is local, with high conf...
The vulnerability of the OGG Core Library, a data stream management tool from Oracle GoldenGate, allows a hacker to gain full control over the application.
The vulnerability of the OGG Core Library, a data stream management tool of Oracle GoldenGate, is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain full control over the application...
GHSA-VQH4-CRJF-JJXX Salt Improper Access Control
Salt 2015.8.x before 2015.8.4 does not properly handle clear messages on the minion, which allows man-in-the-middle attackers to execute arbitrary code by inserting packets into the minion-master data stream...
Salt Improper Access Control
Salt 2015.8.x before 2015.8.4 does not properly handle clear messages on the minion, which allows man-in-the-middle attackers to execute arbitrary code by inserting packets into the minion-master data stream...
YSoft SafeQ 6 has an unspecified vulnerability
YSoft SAFEQ 6 FlexiSpooler is an application. A print management solution. A security vulnerability exists in YSoft SafeQ 6, which stems from incorrect privileges in the MU55 FlexiSpooler service in version 6.0.55 of YSoft SafeQ 6. An attacker could exploit the vulnerability to escalate local use...
CVE-2021-31859
Incorrect privileges in the MU55 FlexiSpooler service in YSoft SafeQ 6 6.0.55 allows local user privilege escalation by overwriting the executable file via an alternative data stream...
CVE-2021-31859
Incorrect privileges in the MU55 FlexiSpooler service in YSoft SafeQ 6 6.0.55 allows local user privilege escalation by overwriting the executable file via an alternative data stream...
CVE-2021-31859
Incorrect privileges in the MU55 FlexiSpooler service in YSoft SafeQ 6 6.0.55 allows local user privilege escalation by overwriting the executable file via an alternative data stream...
PT-2021-19553 · Ysoft · Ysoft Safeq 6
Name of the Vulnerable Software and Affected Versions: YSoft SafeQ 6 version 6.0.55 Description: The issue concerns incorrect privileges in the MU55 FlexiSpooler service, allowing a local user to escalate privileges by overwriting the executable file via an alternative data stream. Recommendation...
YSoft SAFEQ 6 FlexiSpooler 安全漏洞
YSoft SAFEQ 6 FlexiSpooler is an application. A print management solution. A security vulnerability exists in YSoft SafeQ 6, which stems from incorrect privileges in the MU55 FlexiSpooler service in version 6.0.55 of YSoft SafeQ 6. An attacker could exploit the vulnerability to escalate local use...
UVI-2021-1000591 mptcp: fix data stream corruption
mptcp: fix data stream corruption This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.42 by commit 3267a061096efc91eda52c2a0c61ba76e46e4b34, i...
GSD-2021-1000591 mptcp: fix data stream corruption
mptcp: fix data stream corruption This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.42 by commit 3267a061096efc91eda52c2a0c61ba76e46e4b34, i...
GSD-2021-1000547 mptcp: fix data stream corruption
mptcp: fix data stream corruption This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.12.9 by commit 18e7f0580da15cac1e79d73683ada5a9e70980f8, it...
CVE-2021-27384
A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7" & 15" incl. SIPLUS variants All versions V15.1 Update 6, SIMATIC HMI Comfort Outdoor Panels V16 7" & 15" incl. SIPLUS variants All versions V16 Update 4, SIMATIC HMI Comfort Panels V15 4" - 22" incl. SIPLUS...
CVE-2021-27384
A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7" & 15" incl. SIPLUS variants All versions V15.1 Update 6, SIMATIC HMI Comfort Outdoor Panels V16 7" & 15" incl. SIPLUS variants All versions V16 Update 4, SIMATIC HMI Comfort Panels V15 4" - 22" incl. SIPLUS...
The vulnerability of the component of the software framework for transmitting real-time streaming video and audio via WebRTC in the Intel Collaboration Suite, which allows attackers to enhance their privileges.
The vulnerability of the component of the software framework for transmitting real-time streaming video and audio in the Intel Collaboration Suite for WebRTC is related to inadequate control of data streams. Exploiting this vulnerability can allow a malicious actor to enhance their privileges...
Design/Logic Flaw
A vulnerability in the host input API daemon of Cisco Firepower Management Center FMC Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to improper certificate validation. An attacker could exploit...