Lucene search
K

32 matches found

Cvelist
Cvelist
added 2024/03/14 3:4 a.m.36 views

CVE-2024-1223 Improper authorization controls in PaperCut NG/MF

This vulnerability potentially allows unauthorized enumeration of information from the embedded device APIs. An attacker must already have existing knowledge of some combination of valid usernames, device names and an internal system key. For such an attack to be successful the system must be in ...

4.8CVSS5.2AI score0.00445EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/03/14 12:0 a.m.3 views

PT-2024-17496 · Papercut · Papercut Ng

Name of the Vulnerable Software and Affected Versions: PaperCut NG affected versions not specified Description: This issue potentially allows unauthorized enumeration of information from the embedded device APIs. An attacker must already have existing knowledge of some combination of valid...

4.8CVSS6.8AI score0.00445EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2023/04/21 12:0 a.m.4 views

PT-2023-22821 · Rust +2 · Rust +2

Name of the Vulnerable Software and Affected Versions: Wasmtime versions prior to 6.0.2 Wasmtime versions prior to 7.0.1 Wasmtime versions prior to 8.0.1 Description: Wasmtime's implementation of managing per-instance state contains LLVM-level undefined behavior, which can cause runtime-level...

8.8CVSS8.5AI score0.0045EPSS
Exploits0References13
SUSE CVE
SUSE CVE
added 2023/02/15 5:24 a.m.4 views

SUSE CVE-2014-9751

The readnetworkpacket function in ntpio.c in ntpd in NTP 4.x before 4.2.8p1 on Linux and OS X does not properly determine whether a source IP address is an IPv6 loopback address, which makes it easier for remote attackers to spoof restricted packets, and read or write to the runtime state, by...

6.8CVSS6.8AI score0.04532EPSS
Exploits0References5
Fedora
Fedora
added 2022/07/17 1:15 a.m.38 views

[SECURITY] Fedora 35 Update: golang-github-google-wire-0.4.0-6.fc35

Wire is a code generation tool that automates connecting components using dependency injection. Dependencies between components are represented in Wire as function parameters, encouraging explicit initialization instead of global variables. Because Wire operates without runtime state or reflectio...

9.3CVSS9.2AI score0.05994EPSS
Exploits3
OSV
OSV
added 2022/05/24 4:58 p.m.22 views

GHSA-82V2-F875-73G9 Wildfly Authorization Misconfiguration

A flaw was found in wildfly-core before 7.2.5.GA. The Management users with Monitor, Auditor and Deployer Roles should not be allowed to modify the runtime state of the server...

4.9CVSS6.3AI score0.01141EPSS
Exploits0References16
Github Security Blog
Github Security Blog
added 2022/05/24 4:58 p.m.16 views

Wildfly Authorization Misconfiguration

A flaw was found in wildfly-core before 7.2.5.GA. The Management users with Monitor, Auditor and Deployer Roles should not be allowed to modify the runtime state of the server...

5.2CVSS6.8AI score0.01141EPSS
Exploits0References16Affected Software1
Prion
Prion
added 2019/10/14 3:15 p.m.20 views

Design/Logic Flaw

A flaw was found in wildfly-core before 7.2.5.GA. The Management users with Monitor, Auditor and Deployer Roles should not be allowed to modify the runtime state of the server...

4CVSS6.3AI score0.01141EPSS
Exploits0References12Affected Software4
NVD
NVD
added 2015/10/06 1:59 a.m.30 views

CVE-2014-9751

The readnetworkpacket function in ntpio.c in ntpd in NTP 4.x before 4.2.8p1 on Linux and OS X does not properly determine whether a source IP address is an IPv6 loopback address, which makes it easier for remote attackers to spoof restricted packets, and read or write to the runtime state, by...

6.8CVSS7.4AI score0.04532EPSS
Exploits0References9
OSV
OSV
added 2015/10/06 1:59 a.m.2 views

DEBIAN-CVE-2014-9751

The readnetworkpacket function in ntpio.c in ntpd in NTP 4.x before 4.2.8p1 on Linux and OS X does not properly determine whether a source IP address is an IPv6 loopback address, which makes it easier for remote attackers to spoof restricted packets, and read or write to the runtime state, by...

6.8CVSS6.8AI score0.04532EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2012/06/20 12:0 a.m.26 views

Fedora 17 : hostapd-0.7.3-9.fc17 (2012-9137)

Remove hostapd-specific runtime state directory Fixup typo in pid file path in hostapd.service Add BuildRequires for systemd-units Fixup typo in configuration file path in hostapd.service Note that Tenable Network Security has extracted the preceding description block directly from the Fedora...

2.1CVSS5.4AI score0.00353EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2012/06/20 12:0 a.m.23 views

Fedora 16 : hostapd-0.7.3-9.fc16 (2012-9206)

Remove hostapd-specific runtime state directory Fixup typo in pid file path in hostapd.service Fixup typo in configuration file path in hostapd.service Tighten-up default permissions for hostapd.conf CVE-2012-2389 Add BuildRequires for systemd-units Fixup typo in configuration file path in...

2.1CVSS5.4AI score0.00353EPSS
Exploits0References4
Rows per page
Query Builder