CVE-2019-18631

The Windows component of Centrify Authentication and Privilege Elevation Services 3.4.0, 3.4.1, 3.4.2, 3.4.3, 3.5.0, 3.5.1 18.8, 3.5.2 18.11, and 3.6.0 19.6 does not properly handle an unspecified exception during use of partially trusted assemblies to serialize input data, which allows attackers...

CVE-2019-18631

The Windows component of Centrify Authentication and Privilege Elevation Services 3.4.0, 3.4.1, 3.4.2, 3.4.3, 3.5.0, 3.5.1 18.8, 3.5.2 18.11, and 3.6.0 19.6 does not properly handle an unspecified exception during use of partially trusted assemblies to serialize input data, which allows attackers...

CVE-2019-9745

CloudCTI HIP Integrator Recognition Configuration Tool allows privilege escalation via its EXQUISE integration. This tool communicates with a service Recognition Update Client Service via an insecure communication channel Named Pipe. The data JSON sent via this channel is used to import data from...

Design/Logic Flaw

CloudCTI HIP Integrator Recognition Configuration Tool allows privilege escalation via its EXQUISE integration. This tool communicates with a service Recognition Update Client Service via an insecure communication channel Named Pipe. The data JSON sent via this channel is used to import data from...

CVE-2019-9745

CloudCTI HIP Integrator Recognition Configuration Tool allows privilege escalation via its EXQUISE integration. This tool communicates with a service Recognition Update Client Service via an insecure communication channel Named Pipe. The data JSON sent via this channel is used to import data from...

CVE-2019-9745

CVE-2019-9745 affects the CloudCTI HIP Integrator Recognition Configuration Tool. The vulnerability arises in the EXQUISE integration: a lower-privileged user can craft the data sent over an insecure Named Pipe (RUCS20151029) to the Recognition Update Client Service (running as NT AUTHORITY\SYSTE...

CVE-2018-16451

The SMB parser in tcpdump before 4.9.3 has buffer over-reads in print-smb.c:printtrans for \MAILSLOT\BROWSE and \PIPE\LANMAN...

DEBIAN-CVE-2018-16451

The SMB parser in tcpdump before 4.9.3 has buffer over-reads in print-smb.c:printtrans for \MAILSLOT\BROWSE and \PIPE\LANMAN...

CVE-2018-16451

The SMB parser in tcpdump before 4.9.3 has buffer over-reads in print-smb.c:printtrans for \MAILSLOT\BROWSE and \PIPE\LANMAN...

CVE-2018-16451

CVE-2018-16451 is a buffer over-read in tcpdump's SMB parser (print-smb.c:print_trans) for SMB slots; Debian/AlmaLinux advisories show it alongside other tcpdump issues fixed by upgrading to tcpdump 4.9.3 (and libpcap 1.9.1). The available connected documents confirm the vulnerability and the fix...

CVE-2018-16451

The SMB parser in tcpdump before 4.9.3 has buffer over-reads in print-smb.c:printtrans for \MAILSLOT\BROWSE and \PIPE\LANMAN...

CVE-2018-16451

The SMB parser in tcpdump before 4.9.3 has buffer over-reads in print-smb.c:printtrans for \MAILSLOT\BROWSE and \PIPE\LANMAN...

UBUNTU-CVE-2018-16451

The SMB parser in tcpdump before 4.9.3 has buffer over-reads in print-smb.c:printtrans for \MAILSLOT\BROWSE and \PIPE\LANMAN...

CVE-2018-16451

The SMB parser in tcpdump before 4.9.3 has buffer over-reads in print-smb.c:printtrans for \MAILSLOT\BROWSE and \PIPE\LANMAN...

PT-2020-5155

Name of the Vulnerable Software and Affected Versions Ansible affected versions not specified Description The issue is related to the pipe lookup plugin of Ansible, where arbitrary commands can be run when the plugin uses subprocess.Popen with shell=True by overwriting Ansible facts. The variable...

NewStart CGSL CORE 5.04 / MAIN 5.04 : sssd Vulnerability (NS-SA-2019-0067)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has sssd packages installed that are affected by a vulnerability: - The UNIX pipe which sudo uses to contact SSSD and read the available sudo rules from SSSD utilizes too broad of a set of permissions. Any user who can send a...

CVE-2019-3742

Dell/Alienware Digital Delivery versions prior to 3.5.2013 contain a privilege escalation vulnerability. A local non-privileged malicious user could exploit a named pipe that performs binary deserialization via a process hollowing technique to inject malicous code to run an executable with elevat...

CVE-2019-3742

Dell/Alienware Digital Delivery versions prior to 3.5.2013 contain a privilege escalation vulnerability. A local non-privileged malicious user could exploit a named pipe that performs binary deserialization via a process hollowing technique to inject malicous code to run an executable with elevat...

Privilege escalation

Dell/Alienware Digital Delivery versions prior to 3.5.2013 contain a privilege escalation vulnerability. A local non-privileged malicious user could exploit a named pipe that performs binary deserialization via a process hollowing technique to inject malicous code to run an executable with elevat...

CVE-2019-3742

Dell/Alienware Digital Delivery versions prior to 3.5.2013 contain a privilege escalation vulnerability. A local non-privileged malicious user could exploit a named pipe that performs binary deserialization via a process hollowing technique to inject malicous code to run an executable with elevat...