16 matches found
PT-2024-25531 · Cosy+ · Cosy+
Name of the Vulnerable Software and Affected Versions: Cosy+ devices versions 21.x below 21.2s10 Cosy+ devices versions 22.x below 22.1s3 Description: The issue is related to insecure permissions, where several processes are executed with elevated privileges. This is an example of Execution with...
PT-2024-25529 · Cosy+ · Cosy+
Name of the Vulnerable Software and Affected Versions: Cosy+ devices versions 21.x through 21.2s9 Cosy+ devices versions 22.x through 22.1s2 Description: The issue concerns insecure permissions in Cosy+ devices, which can lead to information leakage through cookies. This problem is resolved in...
PT-2024-25532 · Cosy+ · Cosy+
Name of the Vulnerable Software and Affected Versions: Cosy+ devices versions 21.x below 21.2s10 Cosy+ devices versions 22.x below 22.1s3 Description: The issue concerns the use of a unique key for encrypting configuration parameters in Cosy+ devices. This key is not unique per device in affected...
CVE-2024-33892
Insecure Permissions vulnerability in Cosy+ devices running a firmware 21.x below 21.2s10 or a firmware 22.x below 22.1s3 are susceptible to leaking information through cookies. This is fixed in version 21.2s10 and 22.1s3...
Fedoraproject Fedora SEoL (21.x)
According to its version, Fedoraproject Fedora is 21.x. It is, therefore, no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security vulnerabilities. %NASLMINLEVEL 80900 ...
Node.js Multiple Vulnerabilities (Apr 2024) - Mac OS X
Node.js is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:nodejs:node.js"; ifdescription...
Veritas Backup Exec Agent Remote Code Execution
frozenstringliteral: true This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Veritas Backup Exec Agent Remote Code Execution', 'Description' = %q Veritas Backup Exec Agent supports multiple...
Veritas Backup Exec Agent Remote Code Execution
Veritas Backup Exec Agent supports multiple authentication schemes and SHA authentication is one of them. This authentication scheme is no longer used within Backup Exec versions, but hadn't yet been disabled. An attacker could remotely exploit the SHA authentication scheme to gain unauthorized...
OpenWRT < 19.07.9, 21.x < 21.02.2 Multiple Vulnerabilities
OpenWRT is prone to multiple cross-site scripting XSS vulnerabilities. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...
CVE-2022-34338
CVE-2022-34338 affects IBM Robotic Process Automation up to version 21.0.2 (and related variants) due to improper privilege management for storage provider types, which could disclose sensitive information. The IBM bulletin and NVD entries confirm affected versions are
CVE-2022-22434
IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 could allow a user with physical access to create an API request modified to create additional objects. IBM X-Force ID: 224159...
CVE-2017-14328
Extreme EXOS 15.7, 16.x, 21.x, and 22.x allows remote attackers to trigger a buffer overflow leading to a reboot...
CVE-2017-14327
Extreme EXOS 16.x, 21.x, and 22.x allows administrators to read arbitrary files...
CVE-2017-14329
The CVE-2017-14329 entry affects Extreme EXOS 16.x, 21.x, and 22.x. Multiple connected documents confirm an elevation-of-privilege issue that can yield a root shell via vectors involving an exsh debug shell. Impact is described as gaining root-level access on affected EXOS versions; the vulnerabi...
CVE-2016-1012
Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service memory corruption via unspecified vectors, a different vulnerability than CVE-2016-1020,...
flash-plugin: multiple code execution issues fixed in APSB16-10
Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service memory corruption via unspecified vectors, a different vulnerability than CVE-2016-1012,...