Lucene search
K

41 matches found

NVD
NVD
added 2025/04/16 6:16 p.m.6 views

CVE-2025-32835

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'UpdateConnectionVariableArchivingBuffering' method. This could allow an authenticated remote attacker to bypass authorization...

8.8CVSS0.00683EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/03/07 7:38 p.m.17 views

CVE-2025-2003

Incorrect authorization in PAM vaults in Devolutions Server 2024.3.12 and earlier allows an authenticated user to bypass the 'add in root' permission...

7.1CVSS6.9AI score0.00409EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 2:33 a.m.9 views

CVE-2024-42449

From the VSPC management agent machine, under condition that the management agent is authorized on the server, it is possible to remove arbitrary files on the VSPC server machine...

7.1CVSS7AI score0.05368EPSS
Exploits0References1
VulnCheck KEV
VulnCheck KEV
added 2025/01/23 12:0 a.m.2 views

VulnCheck KEV: CVE-2024-42448

From the VSPC management agent machine, under condition that the management agent is authorized on the server, it is possible to perform Remote Code Execution RCE on the VSPC server machine...

9.9CVSS5.9AI score0.20057EPSS
Exploits1References1
CNNVD
CNNVD
added 2024/12/12 12:0 a.m.3 views

Veeam Service Provider Console 安全漏洞

Veeam Service Provider Console is a cloud-enabled platform from Veeam USA. A security vulnerability exists in Veeam Service Provider Console version 8.1 that originates from a remote code execution that can be performed by a management agent machine on a VSPC server machine with server...

9.9CVSS9.6AI score0.20057EPSS
Exploits1References1
Citrix
Citrix
added 2024/07/19 12:0 a.m.34 views

FAS raises error "Server [*****$] is not authorized to assert identities using rule

After clicking the icon, the APP launch fails with following event log on FAS server Log Name: Application Source: Citrix.Authentication.FederatedAuthenticationService Date: 7/12/1999 10:10:04 AM Event ID: 101 Task Category: None Level: Warning Keywords: Classic User: N/A Computer: FASTEST.fasS.c...

6.6AI score
Exploits0
CNNVD
CNNVD
added 2024/05/27 12:0 a.m.6 views

IdentiBot 安全漏洞

IdentiBot is an open source Discord bot at MIT University written in Node.js that is used to verify an individual's affiliation with MIT, grant them a role in the Discord server, and store information about them in a database backend. IdentiBot has a security vulnerability that stems from members...

7.5CVSS6.6AI score0.005EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/04/26 12:0 a.m.3 views

PT-2024-13963 · Lexmark · Lexmark Devices

Name of the Vulnerable Software and Affected Versions: Lexmark devices affected versions not specified Description: A buffer overflow vulnerability has been identified in the Internet Printing Protocol IPP in various Lexmark devices. The vulnerability can be leveraged by an attacker to execute...

8.8CVSS8.3AI score0.00609EPSS
Exploits0References10
NVD
NVD
added 2024/04/02 5:15 p.m.26 views

CVE-2024-2435

For an attacker with pre-existing access to send a signal to a workflow, the attacker can make the signal name a script that executes when a victim views that signal. The XSS is in the timeline page displaying the workflow execution details of the workflow that was sent the crafted signal. Access...

4.3CVSS4.4AI score0.00394EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/08/14 12:0 a.m.6 views

Candlepin Security Breach

Candlepin is a collection of tools that allow companies to manage software subscriptions. A security vulnerability exists in Candlepin that stems from a security flaw in the authorization checking of the server component...

8.1CVSS6.8AI score0.00485EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2021/11/17 12:0 a.m.24 views

EulerOS Virtualization 2.9.1 : libX11 (EulerOS-SA-2021-2744)

According to the versions of the libX11 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - LookupCol.c in X.Org X through X11R7.7 and libX11 before 1.7.1 might allow remote attackers to execute arbitrary code. The libX11...

9.8CVSS7.7AI score0.10634EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2021/07/16 12:0 a.m.52 views

openSUSE 15 Security Update : libX11 (openSUSE-SU-2021:1897-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2021:1897-1 advisory. - LookupCol.c in X.Org X through X11R7.7 and libX11 before 1.7.1 might allow remote attackers to execute arbitrary code. The libX11 XLookupColor...

9.8CVSS7.7AI score0.10634EPSS
Exploits2References4
OSV
OSV
added 2021/06/22 11:2 a.m.3 views

OESA-2021-1235 libX11 security update

Core X11 protocol client library. Security Fixes: LookupCol.c in X.Org X through X11R7.7 and libX11 before 1.7.1 might allow remote attackers to execute arbitrary code. The libX11 XLookupColor request intended for server-side color lookup contains a flaw allowing a client to send color-name...

9.8CVSS7.5AI score0.10634EPSS
Exploits2References2
Prion
Prion
added 2021/05/27 1:15 p.m.34 views

Authorization

LookupCol.c in X.Org X through X11R7.7 and libX11 before 1.7.1 might allow remote attackers to execute arbitrary code. The libX11 XLookupColor request intended for server-side color lookup contains a flaw allowing a client to send color-name requests with a name longer than the maximum size allow...

7.5CVSS9.5AI score0.10634EPSS
Exploits2References19Affected Software3
UbuntuCve
UbuntuCve
added 2021/05/18 12:0 a.m.47 views

CVE-2021-31535

LookupCol.c in X.Org X through X11R7.7 and libX11 before 1.7.1 might allow remote attackers to execute arbitrary code. The libX11 XLookupColor request intended for server-side color lookup contains a flaw allowing a client to send color-name requests with a name longer than the maximum size allow...

9.8CVSS7.1AI score0.10634EPSS
Exploits2References7
CNVD
CNVD
added 2021/04/13 12:0 a.m.5 views

Apache Solr Information Disclosure Vulnerability

Apache Solr is a standalone enterprise-class search application server. Apache Solr information disclosure vulnerability can be exploited by an attacker to gain unauthorized access to server authentication and authorization profiles...

7.5CVSS6.6AI score0.07805EPSS
Exploits0References1
CVE
CVE
added 2019/10/29 5:0 p.m.83 views

CVE-2019-15683

CVE-2019-15683 affects TurboVNC server. A stack-based buffer overflow exists in code prior to commit cea98166008301e614e0d36776bf9435a536136e, due to insufficient stack canary protection. The vulnerability can be exploited over the network and requires server authorization to trigger. Patches fix...

9.8CVSS9.9AI score0.19387EPSS
Exploits0References1Affected Software1
CNVD
CNVD
added 2018/09/07 12:0 a.m.4 views

Cisco Enterprise NFV Infrastructure Software Denial of Service Vulnerability

Cisco Enterprise NFV Infrastructure Software NFVIS is a suite of NVF infrastructure software platforms from Cisco. The platform can be achieved through the central coordinator and controller of the virtualization services of the full lifecycle management. A denial-of-service vulnerability exists ...

6.8CVSS6.6AI score0.01789EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2016/01/26 7:12 p.m.10 views

server: patch operation should use patched object to check admission control

An authorization flaw was discovered in Kubernetes; the API server did not properly check user permissions when handling certain requests. An authenticated remote attacker could use this flaw to gain additional access to resources such as RAM and disk space...

7.7CVSS7.4AI score0.01583EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2015/04/29 12:0 a.m.36 views

RHEL 7 : 389-ds-base (RHSA-2015:0895)

Updated 389-ds-base packages that fix one security issue are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is availabl...

7.5CVSS7AI score0.02142EPSS
Exploits0References3
Rows per page
Query Builder