Lucene search
K

195 matches found

Packet Storm
Packet Storm
added 2023/07/26 12:0 a.m.342 views

VMWare Aria Operations For Networks Remote Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'VMWare Aria Operations for Networks vRealize Network Insight pre-authenticated RCE', 'Description' = %q VMWare Aria Operations for Networks...

9.8CVSS7.1AI score0.98243EPSS
Exploits7
NVD
NVD
added 2023/04/19 7:15 p.m.29 views

CVE-2023-1587

Avast and AVG Antivirus for Windows were susceptible to a NULL pointer dereference issue via RPC-interface. The issue was fixed with Avast and AVG Antivirus version 22.11...

5.8CVSS5.7AI score0.00211EPSS
Exploits0References1
Prion
Prion
added 2023/04/19 7:15 p.m.18 views

Null pointer dereference

Avast and AVG Antivirus for Windows were susceptible to a NULL pointer dereference issue via RPC-interface. The issue was fixed with Avast and AVG Antivirus version 22.11...

1.7CVSS5.5AI score0.00211EPSS
Exploits0References1Affected Software2
Cvelist
Cvelist
added 2023/04/19 6:39 p.m.25 views

CVE-2023-1587

Avast and AVG Antivirus for Windows were susceptible to a NULL pointer dereference issue via RPC-interface. The issue was fixed with Avast and AVG Antivirus version 22.11...

5.8CVSS5.9AI score0.00211EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/04/19 6:39 p.m.8 views

CVE-2023-1587

Avast and AVG Antivirus for Windows were susceptible to a NULL pointer dereference issue via RPC-interface. The issue was fixed with Avast and AVG Antivirus version 22.11...

5.8CVSS5.7AI score0.00211EPSS
Exploits0References1
CVE
CVE
added 2023/04/19 6:39 p.m.50 views

CVE-2023-1587

CVE-2023-1587 affects Avast Antivirus and AVG Antivirus for Windows. PT-2023-2507 documents a NULL pointer dereference via the RPC interface in Avast/AVG versions prior to 22.11, with potential denial of service. Remediation is to upgrade to version 22.11 (patched build) or apply provided fixes. ...

5.8CVSS5.5AI score0.00211EPSS
Exploits0References1Affected Software2
Positive Technologies
Positive Technologies
added 2023/04/03 12:0 a.m.5 views

PT-2023-2507 · Avg +1 · Avg Antivirus +1

Name of the Vulnerable Software and Affected Versions: Avast Antivirus versions prior to 22.11 AVG Antivirus versions prior to 22.11 Description: The issue is related to a NULL pointer dereference problem via the RPC-interface, which could allow an attacker to cause a denial of service. The...

5.8CVSS5.4AI score0.00211EPSS
Exploits0References6
Akamai Blog
Akamai Blog
added 2023/02/22 3:0 p.m.11 views

Fantastic RPC Interfaces and How to Find Them

Looking for your next security research project? Our RPC Interface Analyzer tool can help you find it...

0.8AI score
Exploits0
SUSE CVE
SUSE CVE
added 2023/02/15 5:25 a.m.5 views

SUSE CVE-2014-8163

Directory traversal vulnerability in the XMLRPC interface in Red Hat Satellite 5...

6.5CVSS7AI score0.0152EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:25 a.m.4 views

SUSE CVE-2014-8162

XML external entity XXE in the RPC interface in Spacewalk and Red Hat Network RHN Satellite 5.7 and earlier allows remote attackers to read arbitrary files and possibly have other unspecified impact via unknown vectors...

7.5CVSS7.4AI score0.02694EPSS
Exploits0References5
NVD
NVD
added 2023/01/13 1:15 a.m.29 views

CVE-2022-46478

The RPC interface in datax-web v1.0.0 and v2.0.0 to v2.1.2 contains no permission checks by default which allows attackers to execute arbitrary commands via crafted Hessian serialized data...

9.8CVSS9.8AI score0.01091EPSS
Exploits1References1
OSV
OSV
added 2023/01/13 1:15 a.m.16 views

CVE-2022-46478

The RPC interface in datax-web v1.0.0 and v2.0.0 to v2.1.2 contains no permission checks by default which allows attackers to execute arbitrary commands via crafted Hessian serialized data...

9.8CVSS7.7AI score
Exploits0References1
Prion
Prion
added 2023/01/13 1:15 a.m.16 views

Design/Logic Flaw

The RPC interface in datax-web v1.0.0 and v2.0.0 to v2.1.2 contains no permission checks by default which allows attackers to execute arbitrary commands via crafted Hessian serialized data...

7.5CVSS9.6AI score0.01091EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2023/01/13 12:0 a.m.24 views

CVE-2022-46478

The RPC interface in datax-web v1.0.0 and v2.0.0 to v2.1.2 contains no permission checks by default which allows attackers to execute arbitrary commands via crafted Hessian serialized data...

10AI score0.01091EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2023/01/13 12:0 a.m.4 views

PT-2023-14939 · Datax-Web · Datax-Web

Name of the Vulnerable Software and Affected Versions: datax-web versions 1.0.0 through 2.1.2 Description: The issue concerns the RPC interface in datax-web, which lacks permission checks by default. This allows attackers to execute arbitrary commands by sending crafted Hessian serialized data...

9.8CVSS9.8AI score0.01091EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2023/01/13 12:0 a.m.5 views

CVE-2022-46478

The RPC interface in datax-web v1.0.0 and v2.0.0 to v2.1.2 contains no permission checks by default which allows attackers to execute arbitrary commands via crafted Hessian serialized data...

9.8AI score0.01091EPSS
Exploits1References1
CVE
CVE
added 2023/01/13 12:0 a.m.55 views

CVE-2022-46478

The CVE-2022-46478 issue affects datax-web v1.0.0 and v2.0.0 through v2.1.2. The RPC interface does not perform default permission checks, enabling an attacker to execute arbitrary commands by sending crafted Hessian-serialized data. Impact is described as remote command execution over the networ...

9.8CVSS9.6AI score0.01091EPSS
Exploits1References1Affected Software1
Zero Day Initiative
Zero Day Initiative
added 2022/10/21 12:0 a.m.31 views

Oracle VirtualBox COM RPC Interface Improper Access Control Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute low-privileged code on the target host system in order to exploit this vulnerability. The specific flaw exists within the COM RPC...

8.8CVSS4.7AI score0.00349EPSS
Exploits0References1
Akamai Blog
Akamai Blog
added 2022/10/11 7:0 a.m.18 views

Cold Hard Cache — Bypassing RPC Interface Security with Cache Abuse

...

7AI score
Exploits0
OSV
OSV
added 2022/04/24 9:31 p.m.10 views

GSD-2022-1001650 memory: renesas-rpc-if: fix platform-device leak in error path

memory: renesas-rpc-if: fix platform-device leak in error path This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.35 by commit...

7.2AI score
Exploits0
Rows per page
Query Builder