Lucene search
+L

331 matches found

Vulnrichment
Vulnrichment
added 2023/06/22 11:47 a.m.17 views

CVE-2023-20892 VMware vCenter Server heap-overflow vulnerability

The vCenter Server contains a heap overflow vulnerability due to the usage of uninitialized memory in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may exploit heap-overflow vulnerability to execute arbitrary code on the underlying operating...

8.1CVSS7.9AI score0.01849EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/06/22 11:47 a.m.29 views

CVE-2023-20892 VMware vCenter Server heap-overflow vulnerability

The vCenter Server contains a heap overflow vulnerability due to the usage of uninitialized memory in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may exploit heap-overflow vulnerability to execute arbitrary code on the underlying operating...

8.1CVSS9.9AI score0.01849EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/06/22 12:0 a.m.5 views

PT-2023-3414 · Vmware · Vmware Vcenter Server +1

Name of the Vulnerable Software and Affected Versions: VMware vCenter Server affected versions not specified Description: The issue is caused by a memory corruption vulnerability in the implementation of the DCERPC protocol. This vulnerability can be exploited by a malicious actor with network...

9.8CVSS9.3AI score0.01375EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2023/06/22 12:0 a.m.5 views

PT-2023-3750 · Vmware · Vmware Vcenter Server +1

Name of the Vulnerable Software and Affected Versions: VMware vCenter Server affected versions not specified Description: The issue is related to an out-of-bounds read vulnerability in the implementation of the DCERPC protocol in VMware vCenter Server. A malicious actor with network access to...

7.8CVSS7.6AI score0.00909EPSS
Exploits0References7
OpenVAS
OpenVAS
added 2023/03/08 12:0 a.m.24 views

Debian: Security Advisory (DLA-714-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.9CVSS6.1AI score0.01717EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 6:15 a.m.6 views

SUSE CVE-2006-1939

Multiple unspecified vulnerabilities in Ethereal 0.9.x up to 0.10.14 allow remote attackers to cause a denial of service crash from null dereference via 1 an invalid display filter, or the 2 GSM SMS, 3 ASN.1-based, 4 DCERPC NT, 5 PER, 6 RPC, 7 DCERPC, and 8 ASN.1 dissectors...

5CVSS7AI score0.02636EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 6:2 a.m.4 views

SUSE CVE-2009-3550

The DCERPC/NT dissector in Wireshark 0.10.10 through 1.0.9 and 1.2.0 through 1.2.2 allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a file that records a malformed packet trace. NOTE: some of these details are obtained from third party...

4.3CVSS6.8AI score0.02493EPSS
Exploits2References4
SUSE CVE
SUSE CVE
added 2023/02/15 4:56 a.m.4 views

SUSE CVE-2016-9373

In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the DCERPC dissector could crash with a use-after-free, triggered by network traffic or a capture file. This was addressed in epan/dissectors/packet-dcerpc-nt.c and epan/dissectors/packet-dcerpc-spoolss.c by using the wmem file scope for private...

5.9CVSS7.5AI score0.01717EPSS
Exploits0References6
Apple
Apple
added 2023/01/23 12:0 a.m.228 views

About the security content of macOS Ventura 13.2

About the security content of macOS Ventura 13.2 This document describes the security content of macOS Ventura 13.2. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases...

9.8CVSS9.8AI score0.04325EPSS
Exploits4References1Affected Software1
Metasploit
Metasploit
added 2022/05/25 5:43 p.m.819 views

Print Spooler Remote DLL Injection

The print spooler service can be abused by an authenticated remote attacker to load a DLL through a crafted DCERPC request, resulting in remote code execution as NT AUTHORITY\SYSTEM. This module uses the MS-RPRN vector which requires the Print Spooler service to be running. Module Options msf use...

9.3CVSS7.8AI score0.99759EPSS
Exploits75
Packet Storm
Packet Storm
added 2022/05/25 12:0 a.m.521 views

Print Spooler Remote DLL Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'windowserror' require 'rubysmb' require 'rubysmb/error' class MetasploitModule 'Print Spooler Remote DLL Injection', 'Description' = %q The print spooler servic...

9.3CVSS0.99759EPSS
Exploits75
Rapid7 Blog
Rapid7 Blog
added 2022/01/07 5:28 p.m.164 views

Metasploit Wrap-Up

Dump Windows secrets from Active Directory This week, our very own Christophe De La Fuente added an important update to the existing Windows Secret Dump module. It is now able to dump secrets from Active Directory, which will be very useful for Metasploit users. This new feature uses the Director...

7.5CVSS0.2AI score0.93514EPSS
Exploits61
OSV
OSV
added 2021/11/15 6:34 a.m.8 views

OPENSUSE-SU-2021:1471-1 Security update for samba

This update for samba fixes the following issues: - CVE-2016-2124: Fixed not to fallback to non spnego authentication if we require kerberos bsc1014440. - CVE-2020-25717: Fixed privilege escalation inside an AD Domain where a user could become root on domain members bsc1192284. - CVE-2021-23192:...

8.5CVSS7.4AI score0.01953EPSS
Exploits0References7
OpenVAS
OpenVAS
added 2021/11/11 12:0 a.m.22 views

SUSE: Security Advisory (SUSE-SU-2021:3650-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.5CVSS7.6AI score0.01953EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/11/11 12:0 a.m.21 views

SUSE: Security Advisory (SUSE-SU-2021:3649-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.5CVSS7.2AI score0.01953EPSS
Exploits0References6
OSV
OSV
added 2021/11/10 4:36 p.m.10 views

OPENSUSE-SU-2021:3650-1 Security update for samba

This update for samba fixes the following issues: - CVE-2016-2124: Fixed not to fallback to non spnego authentication if we require kerberos bsc1014440. - CVE-2020-25717: Fixed privilege escalation inside an AD Domain where a user could become root on domain members bsc1192284. - CVE-2021-23192:...

8.5CVSS7.4AI score0.01953EPSS
Exploits0References7
OSV
OSV
added 2021/11/10 4:35 p.m.7 views

SUSE-SU-2021:3649-1 Security update for samba

This update for samba fixes the following issues: - CVE-2016-2124: Fixed not to fallback to non spnego authentication if we require kerberos bsc1014440. - CVE-2020-25717: Fixed privilege escalation inside an AD Domain where a user could become root on domain members bsc1192284. - CVE-2021-23192:...

8.5CVSS7.1AI score0.01953EPSS
Exploits0References7
OPENSUSE Linux
OPENSUSE Linux
added 2021/11/10 12:0 a.m.56 views

Security update for samba and ldb (important)

openSUSE Security Update: Security update for samba and ldb Announcement ID: openSUSE-SU-2021:3647-1 Rating: important References: 1014440 1192214 1192215 1192246 1192247 1192283 1192284 1192505 Cross-References: CVE-2016-2124 CVE-2020-25717 CVE-2020-25718 CVE-2020-25719 CVE-2020-25721...

8.8CVSS8.3AI score0.13794EPSS
Exploits0References8
OpenVAS
OpenVAS
added 2021/09/15 12:0 a.m.25 views

Huawei EulerOS: Security Advisory for wireshark (EulerOS-SA-2021-2438)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.6AI score0.05803EPSS
Exploits5References2
Tenable Nessus
Tenable Nessus
added 2021/09/14 12:0 a.m.48 views

EulerOS 2.0 SP2 : wireshark (EulerOS-SA-2021-2438)

According to the versions of the wireshark packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Wireshark is a network traffic analyzer for Unix-ish operating systems.This package lays base for libpcap, a packet capture and filtering...

7.5CVSS7AI score0.05803EPSS
Exploits5References6
Rows per page
Query Builder