866 matches found
AZL-37027 CVE-2023-42669 affecting package samba 4.18.3-2
A vulnerability was found in Samba's "rpcecho" development server, a non-Windows RPC server used to test Samba's DCE/RPC stack elements. This vulnerability stems from an RPC function that can be blocked indefinitely. The issue arises because the "rpcecho" service operates with only one worker in...
AZL-31940 CVE-2023-42669 affecting package samba 4.12.5-7
A vulnerability was found in Samba's "rpcecho" development server, a non-Windows RPC server used to test Samba's DCE/RPC stack elements. This vulnerability stems from an RPC function that can be blocked indefinitely. The issue arises because the "rpcecho" service operates with only one worker in...
CVE-2023-42669 Samba: "rpcecho" development server allows denial of service via sleep() call on AD DC
A vulnerability was found in Samba's "rpcecho" development server, a non-Windows RPC server used to test Samba's DCE/RPC stack elements. This vulnerability stems from an RPC function that can be blocked indefinitely. The issue arises because the "rpcecho" service operates with only one worker in...
samba: "rpcecho" development server allows denial of service via sleep() call on AD DC
A vulnerability was found in Samba's "rpcecho" development server, a non-Windows RPC server used to test Samba's DCE/RPC stack elements. This vulnerability stems from an RPC function that can be blocked indefinitely. The issue arises because the "rpcecho" service operates with only one worker in...
The vulnerability of the dcesrv_echo_TestSleep() RPC-server of the rpcecho package in the Samba networking communication library allows an attacker to cause a service failure.
The vulnerability of the dcesrv_echo_TestSleep RPC-server of the rpcecho network interaction software package in Samba is related to improper release of resources. Exploiting this vulnerability could allow a remote attacker to cause service failures...
CVE-2023-5563
The SJA1000 CAN controller driver backend automatically attempts to recover from a bus-off event when built with CONFIG_CAN_AUTO_BUS_OFF_RECOVERY=y. This results in calling k_sleep() in IRQ context, causing a fatal exception...
UBUNTU-CVE-2023-42669
A vulnerability was found in Samba's "rpcecho" development server, a non-Windows RPC server used to test Samba's DCE/RPC stack elements. This vulnerability stems from an RPC function that can be blocked indefinitely. The issue arises because the "rpcecho" service operates with only one worker in...
September 26, 2023—KB5030310 (OS Build 22621.2361) Preview
September 26, 2023—KB5030310 OS Build 22621.2361 Preview For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows 11, version 22H2, see its update history page. Note Follow @WindowsUpdate ...
TOTOLINK Wireless Routers Remote Command Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'rex/stopwatch' class MetasploitModule 'TOTOLINK Wireless Routers unauthenticated remote command execution vulnerability.', 'Description' = %q Multiple TOTOLINK...
Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel vulnerabilities (USN-6339-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6339-1 advisory. It was discovered that the NTFS file system implementation in the Linux kernel did not properly validate MFT flags in certain situations. An...
CVE-2023-38905
SQL injection vulnerability in Jeecg-boot v.3.5.0 and before allows a local attacker to cause a denial of service via the Benchmark, PG_Sleep, DBMS_Lock.Sleep, Waitfor, DECODE, and DBMS_PIPE.RECEIVE_MESSAGE functions...
PT-2023-26678 · Unknown · Jeecg-Boot
Name of the Vulnerable Software and Affected Versions: Jeecg-boot versions 3.5.0 and earlier Description: The issue allows a local attacker to cause a denial of service via the functions Benchmark, PG_Sleep, DBMS_Lock.Sleep, Waitfor, DECODE, and DBMS_PIPE.RECEIVE_MESSAGE. This is a result of a SQ...
July 25, 2023—KB5028244 (OS Build 19045.3271) Preview
July 25, 2023—KB5028244 OS Build 19045.3271 Preview 11/17/20 For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows 10, version 22H2, see its update history page. Note Follow...
WordPress Database Administrator <= 1.0.3 - Unauthenticated SQL Injection
Description The plugin does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection. Run the command: curl -i -s -k -X POST --data-binary...
Groomify v1.0 - SQL Injection
Exploit Title: Groomify v1.0 - SQL Injection Date: 2023-06-17 Exploit Author: Ahmet Ümit BAYRAM Vendor: https://codecanyon.net/item/groomify-barbershop-salon-spa-booking-and-ecommerce-platform/45808114 Demo Site: https://script.bugfinder.net/groomify Tested on: Kali Linux CVE: N/A Vulnerable URL...
CVE-2023-29761
An issue found in Sleep v.20230303 for Android allows unauthorized apps to cause a persistent denial of service by manipulating the SharedPreference files...
Design/Logic Flaw
An issue found in Sleep v.20230303 for Android allows unauthorized apps to cause a persistent denial of service by manipulating the SharedPreference files...