Lucene search
K

106 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2019-9802

Malware in sbrugna...

7.8CVSS5.9AI score0.00619EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2024-39581

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00321EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2024-31319

Malicious code in bioql PyPI...

7.8CVSS6.6AI score0.00183EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2025/10/02 2:58 p.m.11 views

Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.1.0 security update

A security update is now available for Red Hat JBoss Enterprise Application Platform 8.1. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

9.8CVSS7AI score0.00979EPSS
Exploits2References14
OSV
OSV
added 2025/08/08 9:21 a.m.9 views

CVE-2025-48913 Apache CXF: Untrusted JMS configuration can lead to RCE

If untrusted users are allowed to configure JMS for Apache CXF, previously they could use RMI or LDAP URLs, potentially leading to code execution capabilities. This interface is now restricted to reject those protocols, removing this possibility. Users are recommended to upgrade to versions 3.6.8...

9.8CVSS7.4AI score0.00793EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/05/23 6:37 a.m.8 views

CVE-2024-42376

SAP Shared Service Framework does not perform necessary authorization check for an authenticated user, resulting in escalation of privileges. On successful exploitation, an attacker can cause a high impact on confidentiality of the application...

6.5CVSS7.1AI score0.00321EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 4:15 p.m.10 views

CVE-2020-1314

An elevation of privilege vulnerability exists in Windows Text Service Framework TSF when the TSF server fails to properly handle messages sent from TSF clients, aka 'Windows Text Service Framework Elevation of Privilege Vulnerability'...

7.8CVSS6.8AI score0.03027EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 7:59 a.m.6 views

CVE-2019-1235

An elevation of privilege vulnerability exists in Windows Text Service Framework TSF when the TSF server process does not validate the source of input or commands it receives, aka 'Windows Text Service Framework Elevation of Privilege Vulnerability'...

7.8CVSS7.2AI score0.00619EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 2:45 a.m.6 views

CVE-2024-33582

A DLL hijack vulnerability was reported in Lenovo Service Framework that could allow a local attacker to execute code with elevated privileges...

7.8CVSS7.1AI score0.00183EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2024/11/04 8:13 p.m.6 views

apache: cxf: org.apache.cxf:cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients

A memory consumption flaw was found in Apache CXF. This issue may allow a CXF HTTP client conduit to prevent HTTPClient instances from being garbage collected, eventually causing the application to run out of memory...

7.5CVSS5.7AI score0.01197EPSS
Exploits0References7
BDU FSTEC
BDU FSTEC
added 2024/10/16 12:0 a.m.10 views

The vulnerability of the SAP Shared Service Framework’s network service management software, related to deficiencies in the authentication process, allows a perpetrator to escalate their privileges.

The vulnerability of the SAP Shared Service Framework’s network service management software is related to deficiencies in the authentication process. Exploiting this vulnerability can allow attackers to enhance their privileges remotely...

4.3CVSS5.5AI score0.00246EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2024/10/11 4:15 p.m.7 views

CVE-2024-33582

A DLL hijack vulnerability was reported in Lenovo Service Framework that could allow a local attacker to execute code with elevated privileges...

7.8CVSS0.00183EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/10/11 3:17 p.m.4 views

CVE-2024-33582

A DLL hijack vulnerability was reported in Lenovo Service Framework that could allow a local attacker to execute code with elevated privileges...

7.8CVSS7AI score0.00183EPSS
Exploits0References1
CVE
CVE
added 2024/10/11 3:17 p.m.39 views

CVE-2024-33582

CVE-2024-33582 describes a DLL hijack vulnerability in Lenovo Service Framework that could allow a local attacker to execute code with elevated privileges. The available connected documents reiterate a local, privilege-escalation scenario but do not provide concrete exploitation details, affected...

7.8CVSS7.1AI score0.00183EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/10/11 3:17 p.m.15 views

CVE-2024-33582

A DLL hijack vulnerability was reported in Lenovo Service Framework that could allow a local attacker to execute code with elevated privileges...

7.8CVSS0.00183EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/10/11 12:0 a.m.6 views

PT-2024-25351 · Lenovo · Lenovo Service Framework

Name of the Vulnerable Software and Affected Versions: Lenovo Service Framework affected versions not specified Description: A DLL hijack vulnerability was reported in Lenovo Service Framework that could allow a local attacker to execute code with elevated privileges. The vulnerability affects...

7.8CVSS7.2AI score0.00183EPSS
Exploits0References12
CNNVD
CNNVD
added 2024/10/11 12:0 a.m.5 views

Lenovo Service Framework 安全漏洞

Lenovo Service Framework is a utility program from the Chinese company Lenovo. A security vulnerability exists in Lenovo Service Framework. A local attacker could exploit the vulnerability to elevate privileges and execute code...

7.8CVSS6.6AI score0.00183EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/09/16 12:0 a.m.6 views

The vulnerability of the SAP Shared Service Framework’s network service management software, related to deficiencies in the authentication process, allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the SAP Shared Service Framework’s network service management software is related to deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

6.8CVSS5.5AI score0.00321EPSS
Exploits0References4Affected Software1
RedHat Linux
RedHat Linux
added 2024/08/15 8:11 p.m.6 views

cxf-core: Apache CXF SSRF Vulnerability using the Aegis databinding

A server-side request forgery SSRF vulnerability was found in Apache CXF. This issue occurs in attacks on webservices that take at least one parameter of any type, and when Aegisdatabind is used. Users of other data bindings including the default databinding are not impacted...

9.3CVSS5.8AI score0.05849EPSS
Exploits0References6
NVD
NVD
added 2024/08/13 4:15 a.m.31 views

CVE-2024-42377

SAP shared service framework allows an authenticated non-administrative user to call a remote-enabled function, which will allow them to insert value entries into a non-sensitive table, causing low impact on integrity of the application...

4.3CVSS0.00246EPSS
Exploits0References2
Rows per page
Query Builder