CVE-2022-34907

An authentication bypass vulnerability exists in FileWave before 14.6.3 and 14.7.x before 14.7.2. Exploitation could allow an unauthenticated actor to gain access to the system with the highest authority possible and gain full control over the FileWave platform...

FileWave 信任管理问题漏洞

FileWave is an endpoint management suite from the Swiss company FileWave. FileWave suffers from a trust management issue vulnerability that originates from allowing an unauthenticated attacker to exploit an authentication bypass vulnerability to gain access to the system with the highest possible...

PT-2022-3853 · Filewave · Filewave

Name of the Vulnerable Software and Affected Versions: FileWave versions prior to 14.6.3 FileWave versions 14.7.x prior to 14.7.2 Description: The issue is related to errors during the authentication procedure in the FileWave platform, which is a cross-platform solution for mobile device...

PT-2022-3852 · Filewave · Filewave

Name of the Vulnerable Software and Affected Versions: FileWave versions prior to 14.6.3 FileWave versions 14.7.x prior to 14.7.2 Description: A hard-coded cryptographic key is used in the software. Exploitation could allow an unauthenticated actor to decrypt sensitive information saved in FileWa...

PT-2022-13202 · Gitlab · Gitlab

Name of the Vulnerable Software and Affected Versions: GitLab versions 11.9 through 14.5.3 GitLab versions 14.6.0 through 14.6.3 GitLab versions 14.7.0 Description: An issue has been discovered in GitLab where it was not correctly handling bulk requests to delete existing packages from the packag...

ForgeRock Access Manager/OpenAM 14.6.3 Remote Code Execution

Exploit Title: ForgeRock Access Manager/OpenAM 14.6.3 - Remote Code Execution RCE Unauthenticated Date: 2021-07-14 Exploit Author: Photubias – tijldotdeneutatHowestdotbe for www.ic4.be Vendor Advisory: 1 https://backstage.forgerock.com/knowledge/kb/article/a47894244 Vendor Homepage:...