14 matches found
Linux Distros Unpatched Vulnerability : CVE-2017-16854
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Open Ticket Request System OTRS through 3.3.20, 4 through 4.0.26, 5 through 5.0.24, and 6 through 6.0.1, an attacker who is logged in as a customer can use t...
CVE-2020-16854 Windows Kernel Information Disclosure Vulnerability
...
CVE-2020-16854
Technical specifics for CVE-2020-16854 (affected product, vulnerable component, exploit access, or remediation) are not provided in the connected documents. The initial description offers high-level impact, but no concrete technical details are present for public disclosure. Monitor for updates.
WAGO PFC200 Stack Buffer Overflow Vulnerability (CNVD-2020-16854)
The WAGO PFC200 is a programmable logic controller PLC from WAGO Germany. A stack buffer overflow vulnerability exists in the iocheckd service 'I/O-Check' function of the WAGO PFC200 03.02.0214. An attacker could exploit this vulnerability via a specially crafted XML cache file to achieve code...
Fedora 29 : moodle (2018-6a4a3b78fd)
CVE-2018-16854 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C Tenable Netwo...
Fedora 28 : moodle (2018-f4910a3260)
CVE-2018-16854 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C Tenable Netwo...
Fedora 27 : moodle (2018-4ec3eecd7f)
CVE-2018-16854 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C Tenable Netwo...
CVE-2018-16854
A flaw was found in moodle versions 3.5 to 3.5.2, 3.4 to 3.4.5, 3.3 to 3.3.8, 3.1 to 3.1.14 and earlier. The login form is not protected by a token to prevent login cross-site request forgery. Fixed versions include 3.6, 3.5.3, 3.4.6, 3.3.9 and 3.1.15...
CVE-2018-16854
CVE-2018-16854 – Moodle Login CSRF relates to Moodle versions 3.5–3.5.2, 3.4–3.4.5, 3.3–3.3.8, and 3.1–3.1.14. The vulnerability is a login CSRF issue due to the login form not being protected by a token to prevent cross-site request forgery. Fixed versions include Moodle 3.6, 3.5.3, 3.4.6, 3.3.9...
[SECURITY] [DSA 4066-1] otrs2 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4066-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff December 17, 2017 https://www.debian.org/security/faq -...
OTRS 3.3.x < 4.0.27, 5.x < 5.0.24, 6.x < 6.0.2 Information Disclosure Vulnerability (Dec 2017)
OTRS is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:otrs:otrs"; if...
CVE-2017-16854
In Open Ticket Request System OTRS through 3.3.20, 4 through 4.0.26, 5 through 5.0.24, and 6 through 6.0.1, an attacker who is logged in as a customer can use the ticket search form to disclose internal article information of their customer tickets...
CVE-2017-16854
The CVE-2017-16854 issue affects Open Ticket Request System (OTRS) up to versions 3.3.20, 4.x up to 4.0.26, 5.x up to 5.0.24, and 6.x up to 6.0.1, where an authenticated customer can use the ticket search form to disclose internal article information in customer tickets. Connected advisories conf...
CVE-2019-16854
CVE-2019-16854 entry is rejected/not used; this CVE ID does not represent an active vulnerability.