29 matches found
keycloak: Keycloak: Attacker can re-enable and take over disabled clients via Registration Access Token
A flaw was found in Keycloak's client registration service. A remote attacker, possessing a previously issued Registration Access Token RAT, could exploit this vulnerability to re-enable a client that an administrator had explicitly disabled. This bypasses security controls, allowing the attacker...
EUVD-2026-39474
A flaw was found in Keycloak's client registration service. A remote attacker, possessing a previously issued Registration Access Token RAT, could exploit this vulnerability to re-enable a client that an administrator had explicitly disabled. This bypasses security controls, allowing the attacker...
PT-2026-52508
Name of the Vulnerable Software and Affected Versions Keycloak affected versions not specified Description A flaw in the client registration service allows a remote attacker with a previously issued Registration Access Token RAT to re-enable a client that was explicitly disabled by an...
CVE-2020-36976
Acer Global Registration Service 1.0.0.3 contains an unquoted service path vulnerability in its service configuration that allows local users to potentially execute arbitrary code. Attackers can exploit the unquoted path in C:\Program Files x86\Acer\Registration\ to inject malicious executables...
CVE-2020-36976
CVE-2020-36976 affects Acer Global Registration Service 1.0.0.3. The issue is an unquoted service path in the service configuration, enabling a local attacker to replace or inject an executable in C:\Program Files (x86)\Acer\Registration\ that could run at service startup with LocalSystem privile...
CVE-2020-36976 Global Registration Service 1.0.0.3 - 'GREGsvc.exe' Unquoted Service Path
Acer Global Registration Service 1.0.0.3 contains an unquoted service path vulnerability in its service configuration that allows local users to potentially execute arbitrary code. Attackers can exploit the unquoted path in C:\Program Files x86\Acer\Registration\ to inject malicious executables...
EUVD-2020-30873
Acer Global Registration Service 1.0.0.3 contains an unquoted service path vulnerability in its service configuration that allows local users to potentially execute arbitrary code. Attackers can exploit the unquoted path in C:\Program Files x86\Acer\Registration\ to inject malicious executables...
CVE-2020-36976 Global Registration Service 1.0.0.3 - 'GREGsvc.exe' Unquoted Service Path
Acer Global Registration Service 1.0.0.3 contains an unquoted service path vulnerability in its service configuration that allows local users to potentially execute arbitrary code. Attackers can exploit the unquoted path in C:\Program Files x86\Acer\Registration\ to inject malicious executables...
Acer Global Registration Service Code Vulnerability
Acer Global Registration Service is an official registration and warranty activation software for products of Acer, a company based in Taiwan, China. Version 1.0.0.3 of Acer Global Registration Service contains a code vulnerability; this vulnerability stems from a service path that lacks quotes,...
PT-2026-4999
Acer Global Registration Service 1.0.0.3 contains an unquoted service path vulnerability in its service configuration that allows local users to potentially execute arbitrary code. Attackers can exploit the unquoted path in C:Program Files x86AcerRegistration to inject malicious executables that...
ai.pipestream:connector-admin-service (=0.1.18), ai.pipestream:pipestream-engine (=0.0.6) +41 more potentially affected by CVE-2025-14969 via org.hibernate.reactive:hibernate-reactive-core (>=1.0.0.Alpha6 <=4.1.6.Final)
org.hibernate.reactive:hibernate-reactive-core MAVEN version =1.0.0.Alpha6, =0.1.7, =0.0.10, =0.0.1, =1.0.0, =2.0.0, =0.4.3, =0.4.3, =0.0.1, =2.2.0.Alpha2, =3.6.0.Beta1 and more Source cves: CVE-2025-14969 Source advisory: OSV:GHSA-FRPP-8PWQ-HJRX...
EUVD-2022-3693
Malicious code in bioql PyPI...
The vulnerability of the Windows Error Reporting error reporting service on Windows operating systems allows attackers to exploit their privileges.
The vulnerability of the Windows Error Reporting registration service on Windows operating systems arises due to synchronization errors when using a shared resource. Exploiting this vulnerability can allow an attacker to increase their privileges...
The vulnerability of the Windows Error Reporting error reporting service on Windows operating systems allows a perpetrator to escalate their privileges.
The vulnerability of the Windows Error Reporting registration service on Windows operating systems is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges...
The vulnerability of the Windows Error Reporting error reporting service on Windows operating systems allows a perpetrator to escalate their privileges.
The vulnerability of the Windows Error Reporting registration service on Windows operating systems is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges...
The vulnerability of the Windows Error Reporting error reporting service on Windows operating systems allows a perpetrator to escalate their privileges.
The vulnerability of the Windows Error Reporting registration service in Windows operating systems is related to synchronization errors when using a shared resource “Race Conditions”. Exploiting this vulnerability can allow an attacker to increase their privileges...
Cross-Site Request Forgery in Apache CXF Fediz
Apache CXF Fediz ships with an OpenId Connect OIDC service which has a Client Registration Service, which is a simple web application that allows clients to be created, deleted, etc. A CSRF Cross Style Request Forgery style vulnerability has been found in this web application in Apache CXF Fediz...
GHSA-F5CH-36RG-VFCC Cross-Site Request Forgery in Apache CXF Fediz
Apache CXF Fediz ships with an OpenId Connect OIDC service which has a Client Registration Service, which is a simple web application that allows clients to be created, deleted, etc. A CSRF Cross Style Request Forgery style vulnerability has been found in this web application in Apache CXF Fediz...
PT-2021-4687 · Canonical +1 · Apport +2
Name of the Vulnerable Software and Affected Versions: apport versions prior to 2.14.1-0ubuntu3.29+esm8 apport versions prior to 2.20.1-0ubuntu2.30+esm2 apport versions prior to 2.20.9-0ubuntu7.26 apport versions prior to 2.20.11-0ubuntu27.20 apport versions prior to 2.20.11-0ubuntu65.3...
Global Registration Service 1.0.0.3 - (GREGsvc.exe) Unquoted Service Path Vulnerability
Exploit Title: Global Registration Service 1.0.0.3 - 'GREGsvc.exe' Unquoted Service Path Discovery by: Emmanuel Lujan Vendor Homepage: https://www.acer.com/ac/en/US/content/home Tested Version: 1.0.0.3 Vulnerability Type: Unquoted Service Path Tested on OS: Windows 7 Home Premium x64 Step to...