48 matches found
Vulnerability fixed in Microsoft SQL server
There is a vulnerability in Microsoft SQL Server. A authenticated malicious party can send data over a network to an affected SQL Server when it is configured to running an Extended Event session. SQL Server: |----------------|------|-------------------------------------| | CVE ID | CVSS | Impact...
CVE-2019-8675
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra. An attacker in a privileged network position may be able to execute arbitrary code...
CVE-2020-8758
Improper buffer restrictions in network subsystem in provisioned IntelR AMT and IntelR ISM versions before 11.8.79, 11.12.79, 11.22.79, 12.0.68 and 14.0.39 may allow an unauthenticated user to potentially enable escalation of privilege via network access. On un-provisioned systems, an authenticat...
CVE-2020-15058
Lindy 42633 4-Port USB 2.0 Gigabit Network Server 2.078.000 devices allow an attacker on the same network to elevate privileges because the administrative password can be discovered by sniffing unencrypted UDP traffic...
CVE-2019-9162
It was found that there are insufficient ASN.1 sequence length checks a.k.a. an array index error in the Linux kernel in the snmpversion and snmphelper functions in the net/ipv4/netfilter/nfnatsnmpbasicmain.c in the nfnatsnmpbasic module making out-of-bounds read and write operations possible. An...
Downloads Resources over HTTP
Overview Affected versions of apk-parser2 insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution ...
CVE-2012-0326
The twicca application 0.7.0 through 0.9.30 for Android does not properly restrict the use of network privileges, which allows remote attackers to read media files on an SD card via a crafted application...
Java-API calls in untrusted Javascript allow network privilege escalation
Unspecified vulnerability in Sun JDK and Java Runtime Environment JRE 6 Update 4 and earlier and 5.0 Update 14 and earlier; and SDK and JRE 1.4.216 and earlier; allows remote attackers to access arbitrary network services on the local host via unspecified vectors related to JavaScript and Java AP...