Lucene search

K

Gemini Security Vulnerabilities

cve
cve

CVE-2024-1598

Potential buffer overflow in unsafe UEFI variable handling in Phoenix SecureCore™ for Intel Gemini Lake.This issue affects: SecureCore™ for Intel Gemini Lake: from 4.1.0.1 before...

7.5CVSS

7.4AI Score

0.0004EPSS

2024-05-14 04:15 PM
27
cve
cve

CVE-2022-29540

resi-calltrace in RESI Gemini-Net 4.2 is affected by Multiple XSS issues. Unauthenticated remote attackers can inject arbitrary web script or HTML into an HTTP GET parameter that reflects user input without sanitization. This exists on numerous application...

6.1CVSS

5.9AI Score

0.001EPSS

2022-06-02 02:15 PM
33
5
cve
cve

CVE-2022-29539

resi-calltrace in RESI Gemini-Net 4.2 is affected by OS Command Injection. It does not properly check the parameters sent as input before they are processed on the server. Due to the lack of validation of user input, an unauthenticated attacker can bypass the syntax intended by the software (e.g.,....

9.8CVSS

9.6AI Score

0.001EPSS

2022-05-12 03:15 PM
48
4
cve
cve

CVE-2022-29538

RESI Gemini-Net Web 4.2 is affected by Improper Access Control in authorization logic. An unauthenticated user is able to access some critical...

5.3CVSS

5.3AI Score

0.001EPSS

2022-05-12 03:15 PM
44
6
cve
cve

CVE-2021-27456

Philips Gemini PET/CT family software stores sensitive information in a removable media device that does not have built-in access...

2.4CVSS

3.8AI Score

0.001EPSS

2022-03-23 08:15 PM
61
cve
cve

CVE-2008-7024

admin.php in Arz Development The Gemini Portal 4.7 and earlier allows remote attackers to bypass authentication and gain administrator privileges by setting the user cookie to "admin" and setting the name parameter to...

7.3AI Score

0.106EPSS

2009-08-21 02:30 PM
19
cve
cve

CVE-2008-4720

Multiple PHP remote file inclusion vulnerabilities in The Gemini Portal 4.7 allow remote attackers to execute arbitrary PHP code via a URL in the lang parameter to (1) page/forums/bottom.php and (2)...

7.7AI Score

0.059EPSS

2008-10-23 08:00 PM
23
cve
cve

CVE-2006-1239

Cross-site scripting (XSS) vulnerability in issue/createissue.aspx in Gemini 2.0 allows remote attackers to inject arbitrary web script or HTML via the rtcDescription$RadEditor1 field. NOTE: the provenance of this information is unknown; the details are obtained solely from third party...

5.6AI Score

0.005EPSS

2006-03-15 04:06 PM
26