Lucene search
+L

316 matches found

OSV
OSV
added 2024/05/14 3:39 p.m.6 views

CVE-2024-3037

An arbitrary file deletion vulnerability exists in PaperCut NG/MF, specifically affecting Windows servers with Web Print enabled. To exploit this vulnerability, an attacker must first obtain local login access to the Windows Server hosting PaperCut NG/MF and be capable of executing low-privilege...

7.8CVSS5.8AI score0.004EPSS
Exploits0References2
NVD
NVD
added 2024/05/14 3:39 p.m.25 views

CVE-2024-3037

An arbitrary file deletion vulnerability exists in PaperCut NG/MF, specifically affecting Windows servers with Web Print enabled. To exploit this vulnerability, an attacker must first obtain local login access to the Windows Server hosting PaperCut NG/MF and be capable of executing low-privilege...

7.8CVSS5.9AI score0.004EPSS
Exploits0References2
CVE
CVE
added 2024/05/14 12:13 a.m.42 views

CVE-2024-4712

CVE-2024-4712 and CVE-2024-8405 describe an arbitrary file creation issue in PaperCut NG/MF on Windows servers with Web Print enabled, affecting the image-handler/web‑print.exe process. The flaws allow a malicious payload to cause the creation of files that shouldn’t exist, potentially enabling l...

7.8CVSS6.5AI score0.00406EPSS
Exploits0References2Affected Software2
Vulnrichment
Vulnrichment
added 2024/05/14 12:13 a.m.16 views

CVE-2024-4712 Arbitrary File Creation in PaperCut NG/MF Web Print Image Handler

An arbitrary file creation vulnerability exists in PaperCut NG/MF that only affects Windows servers with Web Print enabled. This specific flaw exists within the image-handler process, which can incorrectly create files that don’t exist when a maliciously formed payload is provided. This can lead ...

7.8CVSS6.5AI score0.00406EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/05/14 12:13 a.m.25 views

CVE-2024-4712 Arbitrary File Creation in PaperCut NG/MF Web Print Image Handler

An arbitrary file creation vulnerability exists in PaperCut NG/MF that only affects Windows servers with Web Print enabled. This specific flaw exists within the image-handler process, which can incorrectly create files that don’t exist when a maliciously formed payload is provided. This can lead ...

7.8CVSS6.1AI score0.00406EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/05/14 12:12 a.m.15 views

CVE-2024-3037 Arbitrary File Deletion in PaperCut NG/MF Web Print

An arbitrary file deletion vulnerability exists in PaperCut NG/MF, specifically affecting Windows servers with Web Print enabled. To exploit this vulnerability, an attacker must first obtain local login access to the Windows Server hosting PaperCut NG/MF and be capable of executing low-privilege...

7.8CVSS7.5AI score0.004EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/05/14 12:0 a.m.5 views

Veritas System Recovery 安全漏洞

Veritas System Recovery is a fast, easy-to-use backup and recovery solution for Microsoft Windows servers from Veritas USA. A security vulnerability exists in versions prior to Veritas System Recovery 23.2Hotfix that stems from incorrect permissions on the Veritas System Recovery folder...

8.4CVSS6.6AI score0.00245EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/05/12 12:0 a.m.3 views

PT-2024-10234 · Sap · Sapsetup

Name of the Vulnerable Software and Affected Versions: SAP Setup affected versions not specified Description: The issue is related to a DLL injection vulnerability in SAPSetup, which could allow an attacker with local user privileges or access to a compromised corporate user's Windows account to...

7.8CVSS7.2AI score0.00175EPSS
Exploits0References9
BDU FSTEC
BDU FSTEC
added 2024/05/07 12:0 a.m.7 views

The vulnerability of the DHCP server service for Windows operating systems allows a perpetrator to execute arbitrary code.

The vulnerability of the DHCP server service for Windows operating systems is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

8.3CVSS8.4AI score0.02217EPSS
Exploits0References3
NVD
NVD
added 2024/04/10 5:15 p.m.20 views

CVE-2024-3384

A vulnerability in Palo Alto Networks PAN-OS software enables a remote attacker to reboot PAN-OS firewalls when receiving Windows New Technology LAN Manager NTLM packets from Windows servers. Repeated attacks eventually cause the firewall to enter maintenance mode, which requires manual...

7.5CVSS7.4AI score0.00885EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/04/10 5:6 p.m.23 views

CVE-2024-3384 PAN-OS: Firewall Denial of Service (DoS) via Malformed NTLM Packets

A vulnerability in Palo Alto Networks PAN-OS software enables a remote attacker to reboot PAN-OS firewalls when receiving Windows New Technology LAN Manager NTLM packets from Windows servers. Repeated attacks eventually cause the firewall to enter maintenance mode, which requires manual...

7.5CVSS7.6AI score0.00885EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/04/10 5:6 p.m.19 views

CVE-2024-3384 PAN-OS: Firewall Denial of Service (DoS) via Malformed NTLM Packets

A vulnerability in Palo Alto Networks PAN-OS software enables a remote attacker to reboot PAN-OS firewalls when receiving Windows New Technology LAN Manager NTLM packets from Windows servers. Repeated attacks eventually cause the firewall to enter maintenance mode, which requires manual...

7.5CVSS7.1AI score0.00885EPSS
Exploits0References1
CVE
CVE
added 2024/04/10 5:6 p.m.83 views

CVE-2024-3384

CVE-2024-3384 affects Palo Alto Networks PAN-OS. According to the sources, a remote attacker can reboot PAN-OS firewalls by sending NTLM packets, potentially driving the device into maintenance mode and requiring manual recovery. The Palo Alto advisory notes no workarounds, and the CNVD/NCSC entr...

7.5CVSS6.7AI score0.00885EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2024/04/10 12:0 a.m.5 views

Palo Alto Networks PAN-OS 安全漏洞

Palo Alto Networks PAN-OS is a next-generation firewall software from Palo Alto Networks, USA. A security vulnerability exists in Palo Alto Networks PAN-OS. A remote attacker can exploit the vulnerability to restart the PAN-OS firewall when receiving Windows New Technology LAN Manager NTLM packet...

7.5CVSS6.8AI score0.00885EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/04/09 12:0 a.m.4 views

Microsoft Windows Secure Boot 安全漏洞

Microsoft Windows Secure Boot is a secure boot from Microsoft Corporation USA. A security vulnerability exists in Microsoft Windows Secure Boot. An attacker exploiting this vulnerability could bypass certain features. The following products and editions are affected:Windows Server 2019 Server Cor...

6.7CVSS8.5AI score0.00567EPSS
Exploits0References3
NVD
NVD
added 2024/03/16 2:15 a.m.17 views

CVE-2024-2294

The Backuply – Backup, Restore, Migrate and Clone plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.2.7 via the backupname parameter in the backuplydownloadbackup function. This makes it possible for attackers to have an account with only...

4.9CVSS5AI score0.00919EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2024/03/16 1:55 a.m.11 views

CVE-2024-2294 Backuply – Backup, Restore, Migrate and Clone <= 1.2.7 - Authenticated (Admin+) Directory Traversal

The Backuply – Backup, Restore, Migrate and Clone plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.2.7 via the backupname parameter in the backuplydownloadbackup function. This makes it possible for attackers to have an account with only...

4.9CVSS7.4AI score0.00919EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/03/16 1:55 a.m.25 views

CVE-2024-2294 Backuply – Backup, Restore, Migrate and Clone <= 1.2.7 - Authenticated (Admin+) Directory Traversal

The Backuply – Backup, Restore, Migrate and Clone plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.2.7 via the backupname parameter in the backuplydownloadbackup function. This makes it possible for attackers to have an account with only...

4.9CVSS5.3AI score0.00919EPSS
Exploits0References4
CVE
CVE
added 2024/03/16 1:55 a.m.65 views

CVE-2024-2294

CVE-2024-2294 affects the Backuply plugin for WordPress on Windows-hosted sites. The vulnerability is a Directory Traversal via the backup_name parameter in the backuply_download_backup function, allowing an account with only activate_plugins capability to access arbitrary server files. Red Hat c...

4.9CVSS9.2AI score0.00919EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/03/12 12:0 a.m.7 views

Microsoft OLE DB Provider for SQL Server Security Vulnerability

Microsoft OLE DB Provider for SQL Server is an API from Microsoft Corporation that allows access to data from a variety of sources in a unified way. A security vulnerability exists in Microsoft OLE DB Provider for SQL Server. An attacker could exploit the vulnerability to remotely execute code. T...

8.8CVSS7.2AI score0.02043EPSS
Exploits0References3
Rows per page
Query Builder