Lucene search
+L

134 matches found

Cvelist
Cvelist
added 2019/01/18 6:0 p.m.22 views

CVE-2019-3906

Premisys Identicard version 3.1.190 contains hardcoded credentials in the WCF service on port 9003. An authenticated remote attacker can use these credentials to access the badge system database and modify its contents...

8.6AI score0.0289EPSS
Exploits0References2
Microsoft KB
Microsoft KB
added 2018/12/01 12:0 a.m.14 views

Description of Preview of Quality Rollup for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, and 4.7.2 for Windows Server 2012 (KB 4467086)

Description of Preview of Quality Rollup for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, and 4.7.2 for Windows Server 2012 KB 4467086 Applies to: Microsoft .NET Framework 4.6, Microsoft .NET Framework 4.6.1, Microsoft .NET Framework 4.6.2, Microsoft .NET Framework 4.7, Microsoft .NET Framework...

6AI score
Exploits0
NVD
NVD
added 2018/07/03 12:29 p.m.17 views

CVE-2018-13101

KioskSimpleService.exe in RedSwimmer KioskSimple 1.4.7.0 suffers from a privilege escalation vulnerability in the WCF endpoint. The exposed methods allow read and write access to the Windows registry and control of services. These methods may be abused to achieve privilege escalation via executio...

10CVSS9.6AI score0.02413EPSS
Exploits0References1
Prion
Prion
added 2018/07/03 12:29 p.m.14 views

Privilege escalation

KioskSimpleService.exe in RedSwimmer KioskSimple 1.4.7.0 suffers from a privilege escalation vulnerability in the WCF endpoint. The exposed methods allow read and write access to the Windows registry and control of services. These methods may be abused to achieve privilege escalation via executio...

10CVSS9.5AI score0.02413EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2018/07/03 11:0 a.m.34 views

CVE-2018-13101

KioskSimpleService.exe in RedSwimmer KioskSimple 1.4.7.0 has a privilege escalation flaw in the WCF endpoint. The exposed methods allow read/write access to the Windows registry and control of services, which attackers could abuse to escalate privileges via execution of attacker-controlled binari...

10CVSS9.5AI score0.02413EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2018/07/03 11:0 a.m.20 views

CVE-2018-13101

KioskSimpleService.exe in RedSwimmer KioskSimple 1.4.7.0 suffers from a privilege escalation vulnerability in the WCF endpoint. The exposed methods allow read and write access to the Windows registry and control of services. These methods may be abused to achieve privilege escalation via executio...

9.6AI score0.02413EPSS
Exploits0References1
seebug.org
seebug.org
added 2017/04/27 12:0 a.m.113 views

Windows: Dolby Audio X2 Service EoP (CVE-2017-7293)

Windows: Dolby Audio X2 Service Elevation of Privilege Platform: Windows 10 + Realtek Audio Driver version 6.0.1.7898 on a Lenovo P50. Version of the service binary 0.7.2.61 built on 7/18/2016. Class: Elevation of Privilege Summary: The DAX2API service installed as part of the Realtek Audio Drive...

10CVSS7.9AI score0.23425EPSS
Exploits12
0day.today
0day.today
added 2017/04/25 12:0 a.m.144 views

Windows 10 Realtek Audio Driver 6.0.1.7898 - Dolby Audio X2 Service Privilege Escalation Vulnerabili

The DAX2API service installed as part of the Realtek Audio Driver on Windows 10 is vulnerable to a privilege escalation vulnerability which allows a normal user to get arbitrary system privileges. Windows: Dolby Audio X2 Service EoP CVE-2017-7293 Windows: Dolby Audio X2 Service Elevation of...

7.2CVSS7.7AI score0.23425EPSS
Exploits12
Exploit DB
Exploit DB
added 2017/04/25 12:0 a.m.172 views

Realtek Audio Driver 6.0.1.7898 (Windows 10) - Dolby Audio X2 Service Privilege Escalation

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1075 Windows: Dolby Audio X2 Service Elevation of Privilege Platform: Windows 10 + Realtek Audio Driver version 6.0.1.7898 on a Lenovo P50. Version of the service binary 0.7.2.61 built on 7/18/2016. Class: Elevation of Privilege...

10CVSS7.6AI score0.23425EPSS
Exploits11
Citrix
Citrix
added 2016/12/14 12:0 a.m.8 views

SAML logons fail on replicated Storefront Server

SAML enabled logons via Storefront configured and working on one SF3.0 server. When trying to setup a second one and after joining it to the server group we get "cannot log on using smart card". If we uninstall SF from that server and reinstall and configure it manually do not add it to the serve...

7AI score
Exploits0
Check Point Advisories
Check Point Advisories
added 2016/06/27 12:0 a.m.36 views

VideoCharge Software Watermark Master (CVE-2013-6935)

A stack based buffer overflow vulnerability was found in Watermark Master 2.2.23. The vulnerability is due to an error when Watermark Master improperly handles a specially crafted WCF file. Remote attackers can exploit this vulnerability and execute arbitrary code on the target machine by enticin...

9.3CVSS3.6AI score0.32351EPSS
Exploits4
seebug.org
seebug.org
added 2015/11/05 12:0 a.m.21 views

联想 ThinkVantage System Update 软件 UNCServer.exe 后门漏洞

文章作者: DannyWei@腾讯玄武实验室 参考来源: http://drops.wooyun.org/papers/10231 原文标题: 一个PC上的 "WormHole" 漏洞 前言 --- 最近安全界关注的焦点 WormHole 是一类不安全的开发习惯所导致的,在 PC 上类似问题也毫不罕见,只不过很多风险被微软默认自带的防火墙缓解了。希望本文和众多关于 WormHole 的讨论能获多或少地提高一些开发人员的安全意识。 下面要介绍的问题可导致的后果和 WormHole 非常类似:影响上亿用户、访问一个端口发送一条指令就可以让目标系统下载一个程序并执行。...

7.1AI score
Exploits0
Hacker One
Hacker One
added 2015/11/02 8:37 p.m.14 views

Mail.ru: [allods.my.com] Full SQL Disclosure

Уязвимость имеет ту же природу, что и в 96729 и в 96727. Уязвимость возникает вследствие чтения ошибок через включенный Debug-режим. И там, и там - раскрытие информации за счёт debug-режима. Но для того, что бы раскрыть SQL запрос необходимо произвести Stress-тест многочисленными запросами любой...

Exploits0
Cvelist
Cvelist
added 2015/02/19 2:0 a.m.22 views

CVE-2014-5286

The ActiveMatrix Policy Manager Authentication module in TIBCO ActiveMatrix Policy Agent 3.x before 3.1.2, ActiveMatrix Policy Manager 3.x before 3.1.2, ActiveMatrix Management Agent 1.x before 1.2.1 for WCF, and ActiveMatrix Management Agent 1.x before 1.2.1 for WebSphere allows remote attackers...

6.6AI score0.01369EPSS
Exploits0References3
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.14 views

Watermark Master 2.2.23 - Buffer Overflow (SEH)

No description provided by source. !/usr/bin/python Exploit Title:Watermark Master Buffer Overflow SEH Date found: 31.10.2013 Exploit Author: metacom URL:http://www.videocharge.com/download.php Software Link:www.videocharge.com/download/WatermarkMasterInstall.exe Version: 2.2.23 Vulnerable...

7.1AI score
Exploits0
NVD
NVD
added 2013/12/04 6:56 p.m.20 views

CVE-2013-6935

Buffer overflow in VideoCharge Software Watermark Master 2.2.23 allows remote attackers to execute arbitrary code via a long string in the SourcePath value in a .wcf file...

9.3CVSS7.8AI score0.32351EPSS
Exploits4References2
Prion
Prion
added 2013/12/04 6:56 p.m.17 views

Buffer overflow

Buffer overflow in VideoCharge Software Watermark Master 2.2.23 allows remote attackers to execute arbitrary code via a long string in the SourcePath value in a .wcf file...

9.3CVSS8.4AI score0.32351EPSS
Exploits4References2Affected Software1
Cvelist
Cvelist
added 2013/12/04 3:0 p.m.29 views

CVE-2013-6935

Buffer overflow in VideoCharge Software Watermark Master 2.2.23 allows remote attackers to execute arbitrary code via a long string in the SourcePath value in a .wcf file...

7.8AI score0.32351EPSS
Exploits4References2
seebug.org
seebug.org
added 2013/05/17 12:0 a.m.37 views

Microsoft .NET Framework 身份验证绕过漏洞(CVE-2013-1337)(MS13-040)

BUGTRAQ ID: 59790 CVECAN ID: CVE-2013-1337 .NET就是微软的用来实现XML,Web Services,SOA(面向服务的体系结构service-oriented architecture)和敏捷性的技术。.NET Framework是微软开发的软件框架,主要运行在Microsoft Windows上。 当设置自定义 WCF 终结点身份验证时,Microsoft .NET Framework...

7.5CVSS6.4AI score0.20632EPSS
Exploits1
Prion
Prion
added 2013/05/15 3:36 a.m.17 views

Authentication flaw

Microsoft .NET Framework 4.5 does not properly create policy requirements for custom Windows Communication Foundation WCF endpoint authentication in certain situations involving passwords over HTTPS, which allows remote attackers to bypass authentication by sending queries to an endpoint, aka...

7.5CVSS7.3AI score0.20632EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder