CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-3628 – Privilege escalation could allow authenticated user to gain access to a core system
https://notcve.org/view.php?id=CVE-2019-3628
27 Jun 2019 — Privilege escalation in McAfee Enterprise Security Manager (ESM) 11.x prior to 11.2.0 allows authenticated user to gain access to a core system component via incorrect access control. La escalada de privilegios en McAfee Enterprise Security Manager (ESM) 11.x antes de la 11.2.0 permite al usuario identificado obtener acceso a un componente central del sistema a través del control de acceso incorrecto. • https://kc.mcafee.com/corporate/index?page=content&id=SB10284 •
CVSS: 7.5EPSS: 52%CPEs: 58EXPL: 0CVE-2015-7704 – ntp: disabling synchronization via crafted KoD packet
https://notcve.org/view.php?id=CVE-2015-7704
21 Oct 2015 — The ntpd client in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service via a number of crafted "KOD" messages. El cliente ntpd en NTP 4.x en versiones anteriores a 4.2.8p4, y 4.3.x en versiones anteriores a 4.3.77 permite que atacantes remotos provoquen una denegación de servicio empleando una serie de mensajes "KOD" manipulados. It was discovered that ntpd as a client did not correctly check timestamps in Kiss-of-Death packets. A remote attacker could use thi... • http://bugs.ntp.org/show_bug.cgi?id=2901 • CWE-20: Improper Input Validation •