6 matches found
CVE-2020-16849
An issue was discovered on Canon MF237w 06.07 devices. An "Improper Handling of Length Parameter Inconsistency" issue in the IPv4/ICMPv4 component, when handling a packet sent by an unauthenticated network attacker, may expose Sensitive Information...
CVE-2020-16849
creationtimestamp| type| source ---|---|--- 2020-12-01 00:53:30+00:00| seen| https://t.me/cibsecurity/16960...
CVE-2018-16849
CVE-2018-16849 affects OpenStack Mistral. The flaw arises in the std.ssh action where manipulating the SSH private_key_filename (which can be an absolute path) enables an attacker to determine whether arbitrary files exist on the executor filesystem, i.e., a local information-disclosure/file-exis...
CVE-2018-16849
A flaw was found in openstack-mistral. By manipulating the SSH private key filename, the std.ssh action can be used to disclose the presence of arbitrary files within the filesystem of the executor running the action. Since std.ssh privatekeyfilename can take an absolute path, it can be used to...
CVE-2017-16849
CVE-2017-16849 affects Zoho ManageEngine Applications Manager 13 prior to build 13530. The vulnerability is a SQL injection in the MyPage.do?method=viewDashBoard forpage parameter, enabling unauthorized arbitrary SQL execution. The NVD entry cites a CVSS3 base score of 9.8 (CRITICAL) with network...
CVE-2019-16849
CVE-2019-16849 entry is rejected/not used; it does not represent an active vulnerability.