Lucene search
+L

239 matches found

Cvelist
Cvelist
added 2023/12/13 8:53 p.m.38 views

CVE-2023-48702 Jellyfin Possible Remote Code Execution via custom FFmpeg binary

Jellyfin is a system for managing and streaming media. Prior to version 10.8.13, the /System/MediaEncoder/Path endpoint executes an arbitrary file using ProcessStartInfo via the ValidateVersion function. A malicious administrator can setup a network share and supply a UNC path to...

7.2CVSS7.1AI score0.01196EPSS
Exploits1References3
OSV
OSV
added 2023/12/13 8:53 p.m.24 views

CVE-2023-48702 Jellyfin Possible Remote Code Execution via custom FFmpeg binary

Jellyfin is a system for managing and streaming media. Prior to version 10.8.13, the /System/MediaEncoder/Path endpoint executes an arbitrary file using ProcessStartInfo via the ValidateVersion function. A malicious administrator can setup a network share and supply a UNC path to...

7.2CVSS6.9AI score0.01196EPSS
Exploits1References5
CNNVD
CNNVD
added 2023/09/01 12:0 a.m.5 views

PTC Kepware KEPServerEX Input Validation Error Vulnerability

PTC Kepware KEPServerEX is an industrial automation data connectivity solution from PTC Corporation. PTC Kepware KEPServerEX 6.14.263.0 and earlier versions suffer from an input validation error vulnerability that stems from easy UNC path injection via a malicious project file.By tricking a user...

4.7CVSS7.1AI score0.00214EPSS
Exploits0References5
ICS
ICS
added 2023/08/31 6:0 a.m.159 views

PTC Kepware KepServerEX (Update A)

1. EXECUTIVE SUMMARY CVSS v3 6.3 ATTENTION : Exploitable remotely/low attack complexity Vendor : PTC Equipment : Kepware KepServerEX Vulnerabilities : Uncontrolled Search Path Element, Improper Input Validation, Insufficiently Protected Credentials 2. RISK EVALUATION Successful exploitation of...

7.8CVSS7.1AI score0.00306EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2023/08/25 12:0 a.m.4 views

PT-2023-6970 · Microsoft · Exchange Server

Name of the Vulnerable Software and Affected Versions: Microsoft Exchange Server affected versions not specified Description: The issue is related to insufficient protection of service data during NTLM authentication, specifically with the IsUNCPath method. This can allow a remote attacker to...

8CVSS9.1AI score0.86588EPSS
Exploits0References10
NVD
NVD
added 2023/08/10 11:15 p.m.22 views

CVE-2023-40235

An NTLM Hash Disclosure was discovered in ArchiMate Archi before 5.1.0. When parsing the XMLNS value of an ArchiMate project file, if the namespace does not match the expected ArchiMate URL, the parser will access the provided resource. If the provided resource is a UNC path pointing to a share...

6.5CVSS6.5AI score0.00702EPSS
Exploits1References4
Prion
Prion
added 2023/08/10 11:15 p.m.17 views

Design/Logic Flaw

An NTLM Hash Disclosure was discovered in ArchiMate Archi before 5.1.0. When parsing the XMLNS value of an ArchiMate project file, if the namespace does not match the expected ArchiMate URL, the parser will access the provided resource. If the provided resource is a UNC path pointing to a share...

4.3CVSS6.4AI score0.00702EPSS
Exploits1References4Affected Software1
Vulnrichment
Vulnrichment
added 2023/08/10 12:0 a.m.12 views

CVE-2023-40235

An NTLM Hash Disclosure was discovered in ArchiMate Archi before 5.1.0. When parsing the XMLNS value of an ArchiMate project file, if the namespace does not match the expected ArchiMate URL, the parser will access the provided resource. If the provided resource is a UNC path pointing to a share...

6.8AI score0.00702EPSS
Exploits1References4
Cvelist
Cvelist
added 2023/08/10 12:0 a.m.22 views

CVE-2023-40235

An NTLM Hash Disclosure was discovered in ArchiMate Archi before 5.1.0. When parsing the XMLNS value of an ArchiMate project file, if the namespace does not match the expected ArchiMate URL, the parser will access the provided resource. If the provided resource is a UNC path pointing to a share...

6.6AI score0.00702EPSS
Exploits1References4
OSV
OSV
added 2023/08/10 12:0 a.m.16 views

CVE-2023-40235

An NTLM Hash Disclosure was discovered in ArchiMate Archi before 5.1.0. When parsing the XMLNS value of an ArchiMate project file, if the namespace does not match the expected ArchiMate URL, the parser will access the provided resource. If the provided resource is a UNC path pointing to a share...

6.5CVSS7AI score0.00702EPSS
Exploits1References6
Securelist
Securelist
added 2023/07/19 12:0 p.m.77 views

Comprehensive analysis of initial attack samples exploiting CVE-2023-23397 vulnerability

On March 14, 2023, Microsoft published a blogpost describing an Outlook Client Elevation of Privilege Vulnerability CVSS: 9.8 CRITICAL. The publication generated a lot of activity among white, grey and black hat researchers, as well as lots of publications and tweets about the vulnerability and i...

7.5CVSS9.2AI score0.97408EPSS
Exploits18
GithubExploit
GithubExploit
added 2023/03/16 7:10 p.m.537 views

Exploit for Improper Input Validation in Microsoft

A Simple PoC in PowerShell for CVE-2023-23397 CVE-2023-23397...

9.8CVSS10AI score0.97408EPSS
Exploits18
Prion
Prion
added 2023/02/16 2:15 p.m.25 views

Directory traversal

Qaelum DOSE 18.08 through 21.1 before 21.2 allows Directory Traversal via the loadimages name parameter. It allows a user to specify an arbitrary location on the server's filesystem from which to load an image. Only images are displayed to the attacker. All other files are loaded but not displaye...

4CVSS4.9AI score0.00729EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2023/02/16 12:0 a.m.69 views

CVE-2022-38731

CVE-2022-38731 affects Qaelum DOSE versions 18.08–21.1 prior to 21.2. The issue is a directory traversal via the loadimages name parameter, allowing an attacker to specify an arbitrary filesystem path to load images (only images displayed; other files loaded but not shown) and to enumerate local ...

4.3CVSS4.8AI score0.00729EPSS
Exploits0References2Affected Software1
GithubExploit
GithubExploit
added 2022/12/26 10:36 a.m.406 views

Exploit for CVE-2022-26809

Cve-2022-26809 CVE-2022-26809 This repo just simply resear...

10CVSS9.8AI score0.91316EPSS
Exploits14
Github Security Blog
Github Security Blog
added 2022/12/13 6:30 p.m.50 views

pgadmin4 vulnerable to Code Injection

The pgAdmin server includes an HTTP API that is intended to be used to validate the path a user selects to external PostgreSQL utilities such as pgdump and pgrestore. The utility is executed by the server to determine what PostgreSQL version it is from. Versions of pgAdmin prior to 6.17 failed to...

8.8CVSS8.3AI score0.79933EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2022/12/13 4:15 p.m.49 views

CVE-2022-4223

The pgAdmin server includes an HTTP API that is intended to be used to validate the path a user selects to external PostgreSQL utilities such as pgdump and pgrestore. The utility is executed by the server to determine what PostgreSQL version it is from. Versions of pgAdmin prior to 6.17 failed to...

8.8CVSS0.79933EPSS
Exploits0References2
Prion
Prion
added 2022/08/10 8:16 p.m.15 views

Design/Logic Flaw

The com.keysight.tentacle.config.ResourceManager.smsRestoreDatabaseZip method is used to restore the HSQLDB database used in SMS. It takes the path of the zipped database file as the single parameter. An unauthenticated, remote attacker can specify an UNC path for the database file i.e., \\sms,...

7.5CVSS9.4AI score0.53389EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/08/10 4:5 p.m.29 views

CVE-2022-38130

The com.keysight.tentacle.config.ResourceManager.smsRestoreDatabaseZip method is used to restore the HSQLDB database used in SMS. It takes the path of the zipped database file as the single parameter. An unauthenticated, remote attacker can specify an UNC path for the database file i.e., \\sms,...

9.7AI score0.53389EPSS
Exploits0References1
CVE
CVE
added 2022/08/10 4:5 p.m.68 views

CVE-2022-38130

CVE-2022-38130 affects Keysight SMS (com.keysight.tentacle.config.ResourceManager.smsRestoreDatabaseZip). An unauthenticated, remote attacker can supply an UNC path to a zipped HSQLDB database, causing the database content to be restored and potentially enabling remote code execution as described...

9.8CVSS9.4AI score0.53389EPSS
In wildExploits0References1Affected Software1
Rows per page
Query Builder