Lucene search
K

203 matches found

CNNVD
CNNVD
added 2024/07/28 12:0 a.m.8 views

Splashtop Streamer 安全漏洞

Splashtop Streamer is a remote access and remote support software from Splashtop USA. A security vulnerability exists in Splashtop Streamer prior to version 3.7.0.0, which originates from the MSI installer using a temporary folder with weak privileges during installation. An attacker could exploi...

7CVSS6.7AI score0.0014EPSS
Exploits0References3
CVE
CVE
added 2024/07/28 12:0 a.m.77 views

CVE-2024-42052

The CVE-2024-42052 issue concerns the MSI installer for Splashtop Streamer for Windows prior to version 3.5.8.0. The installer uses a temporary folder with weak permissions during installation, allowing a local user to escalate privileges to SYSTEM by placing a wevtutil.exe file in that folder. A...

7.8CVSS7.2AI score0.00213EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2024/01/25 4:15 p.m.20 views

Design/Logic Flaw

The C:\Program Files x86\Splashtop\Splashtop Software Updater\uninst.exe process creates a folder at C:\Windows\Tempnsu.tmp and copies itself to it as Au.exe. The C:\Windows\Tempnsu.tmp\Au.exe file is automatically launched as SYSTEM when the system reboots or when a standard user runs an MSI...

4.3CVSS7.2AI score0.00179EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2023/09/20 2:15 a.m.5 views

CVE-2023-31014

NVIDIA GeForce Now for Android contains a vulnerability in the game launcher component, where a malicious application on the same device can process the implicit intent meant for the streamer component. A successful exploit of this vulnerability may lead to limited information disclosure, denial ...

4.8CVSS5.9AI score0.0013EPSS
Exploits0References1
Prion
Prion
added 2023/09/20 2:15 a.m.18 views

Design/Logic Flaw

NVIDIA GeForce Now for Android contains a vulnerability in the game launcher component, where a malicious application on the same device can process the implicit intent meant for the streamer component. A successful exploit of this vulnerability may lead to limited information disclosure, denial ...

4.1CVSS5.2AI score0.0013EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/09/20 1:13 a.m.29 views

CVE-2023-31014

NVIDIA GeForce Now for Android contains a vulnerability in the game launcher component, where a malicious application on the same device can process the implicit intent meant for the streamer component. A successful exploit of this vulnerability may lead to limited information disclosure, denial ...

4.2CVSS5.5AI score0.0013EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/09/07 12:0 a.m.6 views

PT-2023-23112 · Nvidia · Nvidia Geforce Now

Name of the Vulnerable Software and Affected Versions: NVIDIA GeForce Now for Android affected versions not specified Description: The issue is related to a vulnerability in the game launcher component of NVIDIA GeForce Now for Android. A malicious application on the same device can process the...

4.8CVSS5AI score0.0013EPSS
Exploits0References6
OSV
OSV
added 2023/07/26 8:15 a.m.3 views

CVE-2023-32468

Dell ECS Streamer, versions prior to 2.0.7.1, contain an insertion of sensitive information in log files vulnerability. A remote malicious high-privileged user could potentially exploit this vulnerability leading to exposure of this sensitive data...

4.9CVSS5.8AI score0.00383EPSS
Exploits0References1
NVD
NVD
added 2023/07/26 8:15 a.m.24 views

CVE-2023-32468

Dell ECS Streamer, versions prior to 2.0.7.1, contain an insertion of sensitive information in log files vulnerability. A remote malicious high-privileged user could potentially exploit this vulnerability leading to exposure of this sensitive data...

5.8CVSS5.4AI score0.00383EPSS
Exploits0References1
Prion
Prion
added 2023/07/26 8:15 a.m.22 views

Code injection

Dell ECS Streamer, versions prior to 2.0.7.1, contain an insertion of sensitive information in log files vulnerability. A remote malicious high-privileged user could potentially exploit this vulnerability leading to exposure of this sensitive data...

3.3CVSS5AI score0.00383EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/07/26 7:11 a.m.12 views

CVE-2023-32468

Dell ECS Streamer, versions prior to 2.0.7.1, contain an insertion of sensitive information in log files vulnerability. A remote malicious high-privileged user could potentially exploit this vulnerability leading to exposure of this sensitive data...

5.8CVSS6.5AI score0.00383EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/07/26 7:11 a.m.28 views

CVE-2023-32468

Dell ECS Streamer, versions prior to 2.0.7.1, contain an insertion of sensitive information in log files vulnerability. A remote malicious high-privileged user could potentially exploit this vulnerability leading to exposure of this sensitive data...

5.8CVSS5.7AI score0.00383EPSS
Exploits0References1
CVE
CVE
added 2023/07/26 7:11 a.m.41 views

CVE-2023-32468

CVE-2023-32468 affects Dell EMC ECS Streamer prior to 2.0.7.1. The vulnerability is an insertion of sensitive information into log files, enabling exposure of sensitive data when logs are accessible. A remote, high-privileged attacker could potentially exploit this issue via log handling, as desc...

5.8CVSS4.9AI score0.00383EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2023/07/26 12:0 a.m.6 views

Dell EMC ECS 日志信息泄露漏洞

Dell EMC ECS is a storage device from Dell USA. A log information disclosure vulnerability exists in Dell EMC ECS Streamer prior to version 2.0.7.1, which originates from inserting sensitive information into a log file, resulting in the disclosure of sensitive data...

5.8CVSS5.3AI score0.00383EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/07/26 12:0 a.m.5 views

PT-2023-23809 · Dell · Dell Ecs Streamer

Name of the Vulnerable Software and Affected Versions: Dell ECS Streamer versions prior to 2.0.7.1 Description: The issue concerns the insertion of sensitive information in log files, which could be exploited by a remote malicious high-privileged user, leading to exposure of this sensitive data...

5.8CVSS5AI score0.00383EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/07/10 12:0 a.m.3 views

PT-2023-35902 · Git +1 · Serenity

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: A heap-buffer-overflow read issue is identified, potentially causing a crash. The crash occurs in the Gfx::InputStreamer::read u24 function, which is...

6.9AI score
Exploits0References2
Malwarebytes
Malwarebytes
added 2022/10/27 4:30 p.m.13 views

New streaming ad technology plays hide-and-seek with gamers

A new form of digital advertising is looking to make its way to you courtesy of video gaming. However, theres a rather peculiar twist involved. These ads wont appear in front of you while playing; in fact, theyre designed to trigger when someone else is in-game. The most baffling twist of all?...

6.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2022/06/20 8:22 p.m.3 views

Malicious code in shaka-streamer (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e7e116b92ae5de6b655e072cecc31ef8109e396fe3a1d6e6534d7e1a76796141 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSV
OSV
added 2022/06/20 8:22 p.m.8 views

MAL-2022-6072 Malicious code in shaka-streamer (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e7e116b92ae5de6b655e072cecc31ef8109e396fe3a1d6e6534d7e1a76796141 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2022/06/20 8:21 p.m.4 views

Malicious code in remote-dev-jobs-streamer (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d5f1d86e52a908d4297ad2c989b9432b67179e88abd1e96fee8b9f1e00977a66 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
Rows per page
Query Builder