51 matches found
CVE-2025-1701
CVE-2025-1701 is a high-severity vulnerability in the MIM Admin service. An attacker could exploit this vulnerability by sending a specially crafted request over the RMI interface to execute arbitrary code with the privileges of the MIM Admin service. The RMI interface is only accessible locally...
EUVD-2009-2446
Malware in sbrugna...
EUVD-2011-1344
Malware in sbrugna...
EUVD-2022-26885
Malicious code in bioql PyPI...
EUVD-2025-16870
Malicious code in bioql PyPI...
EUVD-2023-34685
Malicious code in bioql PyPI...
EUVD-2023-44520
Malicious code in bioql PyPI...
CVE-2025-1701
CVE-2025-1701 is a high-severity vulnerability in the MIM Admin service. An attacker could exploit this vulnerability by sending a specially crafted request over the RMI interface to execute arbitrary code with the privileges of the MIM Admin service. The RMI interface is only accessible locally...
CVE-2025-1701 Local Privilege Escalation in MIM Admin Service
CVE-2025-1701 is a high-severity vulnerability in the MIM Admin service. An attacker could exploit this vulnerability by sending a specially crafted request over the RMI interface to execute arbitrary code with the privileges of the MIM Admin service. The RMI interface is only accessible locally...
CVE-2025-1701 Local Privilege Escalation in MIM Admin Service
CVE-2025-1701 is a high-severity vulnerability in the MIM Admin service. An attacker could exploit this vulnerability by sending a specially crafted request over the RMI interface to execute arbitrary code with the privileges of the MIM Admin service. The RMI interface is only accessible locally...
CVE-2025-1701
CVE-2025-1701 affects MIM Admin Service prior to 7.2.13, 7.3.8, or 7.4.3. The issue allows a local attacker with access to the RMI interface (bound to 127.0.0.1) to send a specially crafted request and execute arbitrary code with the privileges of the MIM Admin service. The RMI surface is locally...
MIM Admin Service 安全漏洞
MIM Admin Service is a service component for centralized management of identity and access rights from MIM USA. A security vulnerability exists in MIM Admin Service versions prior to 7.2.13, prior to 7.3.8, and prior to 7.4.3, which stems from improper handling of the RMI interface and could lead...
PT-2025-23802 · Microsoft · Mim Admin Service
Name of the Vulnerable Software and Affected Versions: MIM Admin Service versions prior to 7.2.13 MIM Admin Service versions prior to 7.3.8 MIM Admin Service versions prior to 7.4.3 Description: This issue allows an attacker to execute arbitrary code with the privileges of the MIM Admin service b...
CVE-2023-30262
An issue found in MIM software Inc MIM License Server and MIMpacs services v.6.9 thru v.7.0 fixed in v.7.0.10 allows a remote unauthenticated attacker to execute arbitrary code via the RMI Registry service...
CVE-2011-1336
Buffer overflow in ALZip 8.21 and earlier allows remote attackers to execute arbitrary code via a crafted mim file...
CVE-2023-3892
Improper Restriction of XML External Entity Reference vulnerability in MIM Assistant and Client DICOM RTst Loading modules allows XML Entity Linking / XML External Entities Blowup. In order to take advantage of this vulnerability, an attacker must craft a malicious XML document, embed this docume...
CVE-2023-3892
Improper Restriction of XML External Entity Reference vulnerability in MIM Assistant and Client DICOM RTst Loading modules allows XML Entity Linking / XML External Entities Blowup. In order to take advantage of this vulnerability, an attacker must craft a malicious XML document, embed this docume...
Xxe
Improper Restriction of XML External Entity Reference vulnerability in MIM Assistant and Client DICOM RTst Loading modules allows XML Entity Linking / XML External Entities Blowup. In order to take advantage of this vulnerability, an attacker must craft a malicious XML document, embed this docume...
CVE-2023-3892 Unsafe XML parsing of 3rd party DICOM private tags may lead to XXE
Improper Restriction of XML External Entity Reference vulnerability in MIM Assistant and Client DICOM RTst Loading modules allows XML Entity Linking / XML External Entities Blowup. In order to take advantage of this vulnerability, an attacker must craft a malicious XML document, embed this docume...
CVE-2023-3892 Unsafe XML parsing of 3rd party DICOM private tags may lead to XXE
Improper Restriction of XML External Entity Reference vulnerability in MIM Assistant and Client DICOM RTst Loading modules allows XML Entity Linking / XML External Entities Blowup. In order to take advantage of this vulnerability, an attacker must craft a malicious XML document, embed this docume...