CVE-2026-39907

Unisys WebPerfect Image Suite versions 3.0.3960.22810 and 3.0.3960.22604 expose an unauthenticated WCF SOAP endpoint on TCP port 1208 that accepts unsanitized file paths in the ReadLicense action's LFName parameter, allowing remote attackers to trigger SMB connections and leak NTLMv2...

CVE-2026-39907

Unisys WebPerfect Image Suite versions 3.0.3960.22810 and 3.0.3960.22604 expose an unauthenticated WCF SOAP endpoint on TCP port 1208 that accepts unsanitized file paths in the ReadLicense action's LFName parameter, allowing remote attackers to trigger SMB connections and leak NTLMv2...

PT-2026-5382

Improper access control in the WCF endpoint in Edgemo now owned by Danoffice IT Local Admin Service 1.2.7.23180 on Windows allows a local user to escalate their privileges to local administrator via direct communication with the LocalAdminService.exe named pipe, bypassing client-side group...

Remote Code Execution (RCE)

CSLA .NET is vulnerable to remote code execution RCE. The vulnerability is due to the use of the obsolete NetDataContractSerializer NDCS in WcfProxy, which allows an attacker to execute arbitrary code during the deserialization process...

EUVD-2019-9592

Malware in sbrugna...

EUVD-2013-0533

Malware in sbrugna...

CVE-2019-1006

An authentication bypass vulnerability exists in Windows Communication Foundation WCF and Windows Identity Foundation WIF, allowing signing of SAML tokens with arbitrary symmetric keys, aka 'WCF/WIF SAML Token Authentication Bypass Vulnerability'...

Uncontrolled Resource Consumption ('Resource Exhaustion')

Overview Affected versions of this package are vulnerable to Uncontrolled Resource Consumption 'Resource Exhaustion' due to the handling of connections in NetFraming based services. An attacker can consume extra system resources by establishing connections that are not properly closed or aborted...

CoreWCF Security Vulnerabilities

CoreWCF is an open source project of the CoreWCF project that aims to provide an alternative implementation of WCF Windows Communication Foundation for .NET Core and .NET 5+. A security vulnerability exists in CoreWCF versions 1.4.1 and 1.5.1, which stems from the fact that a service based on...

January 11, 2022-KB5008876 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10, version 20H2, Windows Server, version 20H2, Windows 10 Version 21H1, and Windows 10 Version 21H2

January 11, 2022-KB5008876 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10, version 20H2, Windows Server, version 20H2, Windows 10 Version 21H1, and Windows 10 Version 21H2 Release Date: January 11, 2022 Version: .NET Framework 3.5 and 4.8 Summary Security Improvements This securi...

ControlUp Real-Time Agent 信任管理问题漏洞

ControlUp Real-Time Agent is a real-time agent from Controlup, Inc. A security vulnerability exists in ControlUp Real-Time Agent that stems from a hard-coded key in ControlUp Real-Time Agent versions prior to 8.2.5 that allows potential attackers to exploit the vulnerability to run operating syst...

CVE-2021-31475

This vulnerability allows remote attackers to execute arbitrary code on affected installations of SolarWinds Orion Job Scheduler 2020.2.1 HF 2. Authentication is required to exploit this vulnerability. The specific flaw exists within the JobRouterService WCF service. The issue is due to the WCF...

CVE-2020-12013

A specially crafted WCF client that interfaces to the may allow the execution of certain arbitrary SQL commands remotely. This affects: Mitsubishi Electric MC Works64 Version 4.02C 10.95.208.31 and earlier, all versions; Mitsubishi Electric MC Works32 Version 3.00A 9.50.255.02; ICONICS GenBroker6...

Microsoft SharePoint Server 2013 build < 15.0.5153.1000 Multiple Vulnerabilities

According to its self-reported version number, the Microsoft SharePoint application running on the remote host is affected by multiple vulnerabilities : - An authentication bypass vulnerability exists in Windows Communication Foundation WCF and Windows Identity Foundation WIF, allowing signing of...

Microsoft SharePoint Server 2016 build < 16.0.4873.1000 Multiple Vulnerabilities

According to its self-reported version number, the Microsoft SharePoint application running on the remote host is affected by multiple vulnerabilities : - An authentication bypass vulnerability exists in Windows Communication Foundation WCF and Windows Identity Foundation WIF, allowing signing of...

CVE-2019-1006

An authentication bypass vulnerability exists in Windows Communication Foundation WCF and Windows Identity Foundation WIF, allowing signing of SAML tokens with arbitrary symmetric keys, aka 'WCF/WIF SAML Token Authentication Bypass Vulnerability'...

CVE-2019-1006

An authentication bypass vulnerability exists in Windows Communication Foundation WCF and Windows Identity Foundation WIF, allowing signing of SAML tokens with arbitrary symmetric keys, aka 'WCF/WIF SAML Token Authentication Bypass Vulnerability'...

Microsoft .NET Framework Multiple Vulnerabilities (KB4506987)

This host is missing a critical security update according to Microsoft KB4506987 Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This progra...

Microsoft .NET Framework Multiple Vulnerabilities (KB4506989)

This host is missing a critical security update according to Microsoft KB4506989 Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This progra...

Microsoft .NET Framework Multiple Vulnerabilities (KB4506986)

This host is missing a critical security update according to Microsoft KB4506986 Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This progra...