106 matches found
EUVD-2019-9802
Malware in sbrugna...
EUVD-2024-39581
Malicious code in bioql PyPI...
EUVD-2024-31319
Malicious code in bioql PyPI...
Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.1.0 security update
A security update is now available for Red Hat JBoss Enterprise Application Platform 8.1. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
CVE-2025-48913 Apache CXF: Untrusted JMS configuration can lead to RCE
If untrusted users are allowed to configure JMS for Apache CXF, previously they could use RMI or LDAP URLs, potentially leading to code execution capabilities. This interface is now restricted to reject those protocols, removing this possibility. Users are recommended to upgrade to versions 3.6.8...
CVE-2024-42376
SAP Shared Service Framework does not perform necessary authorization check for an authenticated user, resulting in escalation of privileges. On successful exploitation, an attacker can cause a high impact on confidentiality of the application...
CVE-2020-1314
An elevation of privilege vulnerability exists in Windows Text Service Framework TSF when the TSF server fails to properly handle messages sent from TSF clients, aka 'Windows Text Service Framework Elevation of Privilege Vulnerability'...
CVE-2019-1235
An elevation of privilege vulnerability exists in Windows Text Service Framework TSF when the TSF server process does not validate the source of input or commands it receives, aka 'Windows Text Service Framework Elevation of Privilege Vulnerability'...
CVE-2024-33582
A DLL hijack vulnerability was reported in Lenovo Service Framework that could allow a local attacker to execute code with elevated privileges...
apache: cxf: org.apache.cxf:cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients
A memory consumption flaw was found in Apache CXF. This issue may allow a CXF HTTP client conduit to prevent HTTPClient instances from being garbage collected, eventually causing the application to run out of memory...
The vulnerability of the SAP Shared Service Framework’s network service management software, related to deficiencies in the authentication process, allows a perpetrator to escalate their privileges.
The vulnerability of the SAP Shared Service Framework’s network service management software is related to deficiencies in the authentication process. Exploiting this vulnerability can allow attackers to enhance their privileges remotely...
CVE-2024-33582
A DLL hijack vulnerability was reported in Lenovo Service Framework that could allow a local attacker to execute code with elevated privileges...
CVE-2024-33582
A DLL hijack vulnerability was reported in Lenovo Service Framework that could allow a local attacker to execute code with elevated privileges...
CVE-2024-33582
CVE-2024-33582 describes a DLL hijack vulnerability in Lenovo Service Framework that could allow a local attacker to execute code with elevated privileges. The available connected documents reiterate a local, privilege-escalation scenario but do not provide concrete exploitation details, affected...
CVE-2024-33582
A DLL hijack vulnerability was reported in Lenovo Service Framework that could allow a local attacker to execute code with elevated privileges...
PT-2024-25351 · Lenovo · Lenovo Service Framework
Name of the Vulnerable Software and Affected Versions: Lenovo Service Framework affected versions not specified Description: A DLL hijack vulnerability was reported in Lenovo Service Framework that could allow a local attacker to execute code with elevated privileges. The vulnerability affects...
Lenovo Service Framework 安全漏洞
Lenovo Service Framework is a utility program from the Chinese company Lenovo. A security vulnerability exists in Lenovo Service Framework. A local attacker could exploit the vulnerability to elevate privileges and execute code...
The vulnerability of the SAP Shared Service Framework’s network service management software, related to deficiencies in the authentication process, allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the SAP Shared Service Framework’s network service management software is related to deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information...
cxf-core: Apache CXF SSRF Vulnerability using the Aegis databinding
A server-side request forgery SSRF vulnerability was found in Apache CXF. This issue occurs in attacks on webservices that take at least one parameter of any type, and when Aegisdatabind is used. Users of other data bindings including the default databinding are not impacted...
CVE-2024-42377
SAP shared service framework allows an authenticated non-administrative user to call a remote-enabled function, which will allow them to insert value entries into a non-sensitive table, causing low impact on integrity of the application...