2083 matches found
CVE-2023-31019
NVIDIA GPU Display Driver for Windows contains a vulnerability in wksServicePlugin.dll, where the driver implementation does not restrict or incorrectly restricts access from the named pipe server to a connecting client, which may lead to potential impersonation to the client's secure context...
Design/Logic Flaw
NVIDIA GPU Display Driver for Windows contains a vulnerability in wksServicePlugin.dll, where the driver implementation does not restrict or incorrectly restricts access from the named pipe server to a connecting client, which may lead to potential impersonation to the client's secure context...
CVE-2023-31019 CVE
NVIDIA GPU Display Driver for Windows contains a vulnerability in wksServicePlugin.dll, where the driver implementation does not restrict or incorrectly restricts access from the named pipe server to a connecting client, which may lead to potential impersonation to the client's secure context...
CVE-2023-31019 CVE
NVIDIA GPU Display Driver for Windows contains a vulnerability in wksServicePlugin.dll, where the driver implementation does not restrict or incorrectly restricts access from the named pipe server to a connecting client, which may lead to potential impersonation to the client's secure context...
NVIDIA GPU Display Driver Security Vulnerability
The NVIDIA GPU Display Driver is a driver from NVIDIA Corporation for interactive support of graphics card display modules in operating systems. A security vulnerability exists in NVIDIA GPU Display Driver that originates from a vulnerability contained in wksServicePlugin.dll, where the driver...
samba: smbd allows client access to unix domain sockets on the file system as root
A path traversal vulnerability was identified in Samba when processing client pipe names connecting to Unix domain sockets within a private directory. Samba typically uses this mechanism to connect SMB clients to remote procedure call RPC services like SAMR LSA or SPOOLSS, which Samba initiates o...
nipponsteelpipevn.com Cross Site Scripting vulnerability OBB-3768885
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Command Injection
Overview aaptjs is an A node wraper for aapt Affected versions of this package are vulnerable to Command Injection due to improper input sanitization via the add function when using pipe | after the zip file value. PoC js const pkg = require'aaptjs'; pkg.add'test0.zip | touch exploited.txt',...
OESA-2023-1757 samba security update
Samba is a suite of programs for Linux and Unix to interoperate with Windows. Security Fixes: A path traversal vulnerability was identified in Samba when processing client pipe names connecting to Unix domain sockets within a private directory. Samba typically uses this mechanism to connect SMB...
Exploit for Improper Initialization in Linux Linux_Kernel
Dirty Pipe Exploit: CVE-2022-0847 The Dirty Pipe vulnerability...
SUSE CVE-2023-3961
A path traversal vulnerability was identified in Samba when processing client pipe names connecting to Unix domain sockets within a private directory. Samba typically uses this mechanism to connect SMB clients to remote procedure call RPC services like SAMR LSA or SPOOLSS, which Samba initiates o...
CVE-2023-3961
A path traversal vulnerability was identified in Samba when processing client pipe names connecting to Unix domain sockets within a private directory. Samba typically uses this mechanism to connect SMB clients to remote procedure call RPC services like SAMR LSA or SPOOLSS, which Samba initiates o...
CVE-2023-36729
Named Pipe File System Elevation of Privilege Vulnerability...
CVE-2023-36729
Named Pipe File System Elevation of Privilege Vulnerability...
CVE-2023-36605
Windows Named Pipe Filesystem Elevation of Privilege Vulnerability...
Privilege escalation
Windows Named Pipe Filesystem Elevation of Privilege Vulnerability...
Privilege escalation
Named Pipe File System Elevation of Privilege Vulnerability...
CVE-2023-36605
Technical details for CVE-2023-36605 are not publicly provided in the connected documents. The entry notes a Windows Named Pipe Filesystem Elevation of Privilege vulnerability, but no affected product versions, root cause, or remediation are documented here. Monitor for updates.
CVE-2023-36729 Named Pipe File System Elevation of Privilege Vulnerability
...
CVE-2023-36729
CVE-2023-36729 is a Local Elevation of Privilege vulnerability related to the Named Pipe File System. CVSS 3.1 base score 7.8 (High) with LOCAL attack vector, LOW privileges required, no user interaction, and implications for confidentiality, integrity, and availability all rated High. The availa...