Lucene search
K

290 matches found

CNVD
CNVD
added 2022/09/26 12:0 a.m.28 views

Apache Kafka Denial of Service Vulnerability

Apache Kafka is an open source distributed streaming platform from the Apache Foundation in the United States. The platform is capable of capturing real-time data and is used to build applications that react in real-time to changes in the data stream. Apache Kafka suffers from a denial-of-service...

3.7AI score0.0125EPSS
Exploits0Affected Software4
OSV
OSV
added 2022/09/06 9:15 p.m.4 views

CVE-2022-38176

An issue was discovered in YSoft SAFEQ 6 before 6.0.72. Incorrect privileges were configured as part of the installer package for the Client V3 services, allowing for local user privilege escalation by overwriting the executable file via an alternative data stream. NOTE: this is not the same as...

7.8CVSS5.8AI score0.00362EPSS
Exploits0References2
Cvelist
Cvelist
added 2022/09/06 8:32 p.m.32 views

CVE-2022-38176

An issue was discovered in YSoft SAFEQ 6 before 6.0.72. Incorrect privileges were configured as part of the installer package for the Client V3 services, allowing for local user privilege escalation by overwriting the executable file via an alternative data stream. NOTE: this is not the same as...

8.1AI score0.00362EPSS
Exploits0References2
CVE
CVE
added 2022/09/06 8:32 p.m.116 views

CVE-2022-38176

YSoft SAFEQ 6 before 6.0.72 contains an installer privilege issue for the Client V3 services. The root cause is incorrect privileges configured in the installer package, enabling local privilege escalation by overwriting the executable via an alternate data stream. Impact is local, with high conf...

7.8CVSS7.8AI score0.00362EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/06/27 12:0 a.m.11 views

The vulnerability of the OGG Core Library, a data stream management tool from Oracle GoldenGate, allows a hacker to gain full control over the application.

The vulnerability of the OGG Core Library, a data stream management tool of Oracle GoldenGate, is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain full control over the application...

8.8CVSS7.6AI score0.00308EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2022/05/14 2:11 a.m.22 views

GHSA-VQH4-CRJF-JJXX Salt Improper Access Control

Salt 2015.8.x before 2015.8.4 does not properly handle clear messages on the minion, which allows man-in-the-middle attackers to execute arbitrary code by inserting packets into the minion-master data stream...

8.1CVSS8.2AI score0.01516EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2022/05/14 2:11 a.m.34 views

Salt Improper Access Control

Salt 2015.8.x before 2015.8.4 does not properly handle clear messages on the minion, which allows man-in-the-middle attackers to execute arbitrary code by inserting packets into the minion-master data stream...

8.1CVSS7.8AI score0.01516EPSS
Exploits0References5Affected Software1
CNVD
CNVD
added 2021/07/15 12:0 a.m.18 views

YSoft SafeQ 6 has an unspecified vulnerability

YSoft SAFEQ 6 FlexiSpooler is an application. A print management solution. A security vulnerability exists in YSoft SafeQ 6, which stems from incorrect privileges in the MU55 FlexiSpooler service in version 6.0.55 of YSoft SafeQ 6. An attacker could exploit the vulnerability to escalate local use...

7.8CVSS4.2AI score0.00316EPSS
Exploits0References1
OSV
OSV
added 2021/07/14 5:15 p.m.3 views

CVE-2021-31859

Incorrect privileges in the MU55 FlexiSpooler service in YSoft SafeQ 6 6.0.55 allows local user privilege escalation by overwriting the executable file via an alternative data stream...

7.8CVSS5.8AI score0.00316EPSS
Exploits0References2
NVD
NVD
added 2021/07/14 5:15 p.m.21 views

CVE-2021-31859

Incorrect privileges in the MU55 FlexiSpooler service in YSoft SafeQ 6 6.0.55 allows local user privilege escalation by overwriting the executable file via an alternative data stream...

7.8CVSS0.00316EPSS
Exploits0References2
Cvelist
Cvelist
added 2021/07/14 4:38 p.m.25 views

CVE-2021-31859

Incorrect privileges in the MU55 FlexiSpooler service in YSoft SafeQ 6 6.0.55 allows local user privilege escalation by overwriting the executable file via an alternative data stream...

8AI score0.00316EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2021/07/14 12:0 a.m.4 views

PT-2021-19553 · Ysoft · Ysoft Safeq 6

Name of the Vulnerable Software and Affected Versions: YSoft SafeQ 6 version 6.0.55 Description: The issue concerns incorrect privileges in the MU55 FlexiSpooler service, allowing a local user to escalate privileges by overwriting the executable file via an alternative data stream. Recommendation...

7.8CVSS7.7AI score0.00316EPSS
Exploits0References7
CNNVD
CNNVD
added 2021/07/14 12:0 a.m.4 views

YSoft SAFEQ 6 FlexiSpooler 安全漏洞

YSoft SAFEQ 6 FlexiSpooler is an application. A print management solution. A security vulnerability exists in YSoft SafeQ 6, which stems from incorrect privileges in the MU55 FlexiSpooler service in version 6.0.55 of YSoft SafeQ 6. An attacker could exploit the vulnerability to escalate local use...

7.8CVSS5.6AI score0.00316EPSS
Exploits0References2
OSV
OSV
added 2021/06/04 7:43 p.m.12 views

UVI-2021-1000591 mptcp: fix data stream corruption

mptcp: fix data stream corruption This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.42 by commit 3267a061096efc91eda52c2a0c61ba76e46e4b34, i...

7.2AI score
Exploits0
OSV
OSV
added 2021/06/04 7:43 p.m.14 views

GSD-2021-1000591 mptcp: fix data stream corruption

mptcp: fix data stream corruption This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.42 by commit 3267a061096efc91eda52c2a0c61ba76e46e4b34, i...

7.2AI score
Exploits0
OSV
OSV
added 2021/06/04 7:36 p.m.10 views

GSD-2021-1000547 mptcp: fix data stream corruption

mptcp: fix data stream corruption This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.12.9 by commit 18e7f0580da15cac1e79d73683ada5a9e70980f8, it...

7.2AI score
Exploits0
OSV
OSV
added 2021/05/12 2:15 p.m.5 views

CVE-2021-27384

A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7" & 15" incl. SIPLUS variants All versions V15.1 Update 6, SIMATIC HMI Comfort Outdoor Panels V16 7" & 15" incl. SIPLUS variants All versions V16 Update 4, SIMATIC HMI Comfort Panels V15 4" - 22" incl. SIPLUS...

9.8CVSS7.3AI score0.02538EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2021/05/12 1:18 p.m.6 views

CVE-2021-27384

A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7" & 15" incl. SIPLUS variants All versions V15.1 Update 6, SIMATIC HMI Comfort Outdoor Panels V16 7" & 15" incl. SIPLUS variants All versions V16 Update 4, SIMATIC HMI Comfort Panels V15 4" - 22" incl. SIPLUS...

7.3AI score0.02538EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2021/02/23 12:0 a.m.6 views

The vulnerability of the component of the software framework for transmitting real-time streaming video and audio via WebRTC in the Intel Collaboration Suite, which allows attackers to enhance their privileges.

The vulnerability of the component of the software framework for transmitting real-time streaming video and audio in the Intel Collaboration Suite for WebRTC is related to inadequate control of data streams. Exploiting this vulnerability can allow a malicious actor to enhance their privileges...

7.8CVSS7.5AI score0.01039EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2020/10/21 7:15 p.m.18 views

Design/Logic Flaw

A vulnerability in the host input API daemon of Cisco Firepower Management Center FMC Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to improper certificate validation. An attacker could exploit...

5CVSS5.4AI score0.0072EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder