Lucene search
K

13 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2018-10943

Malware in sbrugna...

9CVSS8.8AI score0.03296EPSS
Exploits1References5
OSV
OSV
added 2018/12/20 5:29 p.m.3 views

CVE-2018-19233

COMPAREX Miss Marple Enterprise Edition before 2.0 allows local users to execute arbitrary code by reading the user name and encrypted password hard-coded in an Inventory Agent configuration file...

7.8CVSS6.1AI score0.00592EPSS
Exploits1References4
OSV
OSV
added 2018/12/20 5:29 p.m.1 views

CVE-2018-19234

The Miss Marple Updater Service in COMPAREX Miss Marple Enterprise Edition before 2.0 allows remote attackers to execute arbitrary code with SYSTEM privileges via vectors related to missing update validation...

8.8CVSS6.1AI score0.03296EPSS
Exploits1References4
NVD
NVD
added 2018/12/20 5:29 p.m.17 views

CVE-2018-19233

COMPAREX Miss Marple Enterprise Edition before 2.0 allows local users to execute arbitrary code by reading the user name and encrypted password hard-coded in an Inventory Agent configuration file...

7.8CVSS7.9AI score0.00592EPSS
Exploits1References4
NVD
NVD
added 2018/12/20 5:29 p.m.18 views

CVE-2018-19234

The Miss Marple Updater Service in COMPAREX Miss Marple Enterprise Edition before 2.0 allows remote attackers to execute arbitrary code with SYSTEM privileges via vectors related to missing update validation...

9CVSS8.8AI score0.03296EPSS
Exploits1References4
Prion
Prion
added 2018/12/20 5:29 p.m.14 views

Input validation

The Miss Marple Updater Service in COMPAREX Miss Marple Enterprise Edition before 2.0 allows remote attackers to execute arbitrary code with SYSTEM privileges via vectors related to missing update validation...

9CVSS8.8AI score0.03296EPSS
Exploits1References4Affected Software1
Prion
Prion
added 2018/12/20 5:29 p.m.12 views

Hardcoded credentials

COMPAREX Miss Marple Enterprise Edition before 2.0 allows local users to execute arbitrary code by reading the user name and encrypted password hard-coded in an Inventory Agent configuration file...

2.1CVSS7.8AI score0.00592EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2018/12/20 5:0 p.m.17 views

CVE-2018-19234

The Miss Marple Updater Service in COMPAREX Miss Marple Enterprise Edition before 2.0 allows remote attackers to execute arbitrary code with SYSTEM privileges via vectors related to missing update validation...

8.8AI score0.03296EPSS
Exploits1References4
Cvelist
Cvelist
added 2018/12/20 5:0 p.m.20 views

CVE-2018-19233

COMPAREX Miss Marple Enterprise Edition before 2.0 allows local users to execute arbitrary code by reading the user name and encrypted password hard-coded in an Inventory Agent configuration file...

7.9AI score0.00592EPSS
Exploits1References4
CVE
CVE
added 2018/12/20 5:0 p.m.34 views

CVE-2018-19233

CVE-2018-19233 affects Miss Marple Enterprise Edition before 2.0. Local attackers can execute arbitrary code by reading the user name and encrypted password hard-coded in an Inventory Agent configuration file. The vulnerability is due to hard-coded credentials (AES key) in the affected component;...

7.8CVSS7.8AI score0.00592EPSS
Exploits1References4Affected Software1
CVE
CVE
added 2018/12/20 5:0 p.m.53 views

CVE-2018-19234

CVE-2018-19234 affects the Miss Marple Updater Service in COMPAREX Miss Marple Enterprise Edition prior to version 2.0 . The root cause is missing update validation , enabling a remote attacker to execute arbitrary code with SYSTEM privileges . This vulnerability is documented across multiple sou...

9CVSS8.8AI score0.03296EPSS
Exploits1References4Affected Software1
CNVD
CNVD
added 2018/11/22 12:0 a.m.4 views

Miss Marple Enterprise Edition Code Execution Vulnerability

Miss Marple Enterprise Edition is a suite of enterprise IT asset and license management programs. A security vulnerability in Miss Marple Enterprise Edition prior to version 2.0 exists because the program fails to detect updates. An attacker could exploit the vulnerability to execute arbitrary co...

9CVSS9AI score0.03296EPSS
Exploits1References1
0day.today
0day.today
added 2018/11/21 12:0 a.m.72 views

Miss Marple Enterprise Edition File Upload / Hardcoded AES Key Vulnerability

Exploit for windows platform in category local exploits ======================================================================= title: Multiple critical vulnerabilities product: Miss Marple Enterprise Edition vulnerable version: 2.0 fixed version: 2.0 CVE number: CVE-2018-19233, CVE-2018-19234...

7.9AI score0.03296EPSS
Exploits1
Rows per page
Query Builder