195 matches found
VMWare Aria Operations For Networks Remote Command Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'VMWare Aria Operations for Networks vRealize Network Insight pre-authenticated RCE', 'Description' = %q VMWare Aria Operations for Networks...
CVE-2023-1587
Avast and AVG Antivirus for Windows were susceptible to a NULL pointer dereference issue via RPC-interface. The issue was fixed with Avast and AVG Antivirus version 22.11...
Null pointer dereference
Avast and AVG Antivirus for Windows were susceptible to a NULL pointer dereference issue via RPC-interface. The issue was fixed with Avast and AVG Antivirus version 22.11...
CVE-2023-1587
Avast and AVG Antivirus for Windows were susceptible to a NULL pointer dereference issue via RPC-interface. The issue was fixed with Avast and AVG Antivirus version 22.11...
CVE-2023-1587
Avast and AVG Antivirus for Windows were susceptible to a NULL pointer dereference issue via RPC-interface. The issue was fixed with Avast and AVG Antivirus version 22.11...
CVE-2023-1587
CVE-2023-1587 affects Avast Antivirus and AVG Antivirus for Windows. PT-2023-2507 documents a NULL pointer dereference via the RPC interface in Avast/AVG versions prior to 22.11, with potential denial of service. Remediation is to upgrade to version 22.11 (patched build) or apply provided fixes. ...
PT-2023-2507 · Avg +1 · Avg Antivirus +1
Name of the Vulnerable Software and Affected Versions: Avast Antivirus versions prior to 22.11 AVG Antivirus versions prior to 22.11 Description: The issue is related to a NULL pointer dereference problem via the RPC-interface, which could allow an attacker to cause a denial of service. The...
Fantastic RPC Interfaces and How to Find Them
Looking for your next security research project? Our RPC Interface Analyzer tool can help you find it...
SUSE CVE-2014-8163
Directory traversal vulnerability in the XMLRPC interface in Red Hat Satellite 5...
SUSE CVE-2014-8162
XML external entity XXE in the RPC interface in Spacewalk and Red Hat Network RHN Satellite 5.7 and earlier allows remote attackers to read arbitrary files and possibly have other unspecified impact via unknown vectors...
CVE-2022-46478
The RPC interface in datax-web v1.0.0 and v2.0.0 to v2.1.2 contains no permission checks by default which allows attackers to execute arbitrary commands via crafted Hessian serialized data...
CVE-2022-46478
The RPC interface in datax-web v1.0.0 and v2.0.0 to v2.1.2 contains no permission checks by default which allows attackers to execute arbitrary commands via crafted Hessian serialized data...
Design/Logic Flaw
The RPC interface in datax-web v1.0.0 and v2.0.0 to v2.1.2 contains no permission checks by default which allows attackers to execute arbitrary commands via crafted Hessian serialized data...
CVE-2022-46478
The RPC interface in datax-web v1.0.0 and v2.0.0 to v2.1.2 contains no permission checks by default which allows attackers to execute arbitrary commands via crafted Hessian serialized data...
PT-2023-14939 · Datax-Web · Datax-Web
Name of the Vulnerable Software and Affected Versions: datax-web versions 1.0.0 through 2.1.2 Description: The issue concerns the RPC interface in datax-web, which lacks permission checks by default. This allows attackers to execute arbitrary commands by sending crafted Hessian serialized data...
CVE-2022-46478
The RPC interface in datax-web v1.0.0 and v2.0.0 to v2.1.2 contains no permission checks by default which allows attackers to execute arbitrary commands via crafted Hessian serialized data...
CVE-2022-46478
The CVE-2022-46478 issue affects datax-web v1.0.0 and v2.0.0 through v2.1.2. The RPC interface does not perform default permission checks, enabling an attacker to execute arbitrary commands by sending crafted Hessian-serialized data. Impact is described as remote command execution over the networ...
Oracle VirtualBox COM RPC Interface Improper Access Control Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute low-privileged code on the target host system in order to exploit this vulnerability. The specific flaw exists within the COM RPC...
Cold Hard Cache — Bypassing RPC Interface Security with Cache Abuse
...
GSD-2022-1001650 memory: renesas-rpc-if: fix platform-device leak in error path
memory: renesas-rpc-if: fix platform-device leak in error path This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.35 by commit...