15 matches found
EUVD-2022-34412
Malicious code in bioql PyPI...
CVE-2021-34412
During the installation process for all versions of the Zoom Client for Meetings for Windows before 5.4.0, it is possible to launch Internet Explorer. If the installer was launched with elevated privileges such as by SCCM this can result in a local privilege escalation...
CVE-2024-34412
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Parcel Panel ParcelPanel. This issue affects ParcelPanel: from n/a through 3.8.1...
CVE-2024-34412
CVE-2024-34412 affects the ParcelPanel (ParcelPanel for WordPress) plugin for ParcelPanel: vulnerable in versions up to 3.8.1. The issue is an SQL Injection caused by improper neutralization of input elements in SQL commands, enabling attacker-controlled data to be injected into queries. Impact p...
CVE-2024-34412 WordPress ParcelPanel plugin <= 3.8.1 - Auth. SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Parcel Panel ParcelPanel. This issue affects ParcelPanel: from n/a through 3.8.1...
WordPress ParcelPanel Plugin <= 3.8.1 is vulnerable to SQL Injection
Software ParcelPanel Type Plugin Vulnerable versions = 3.8.1 Fixed in 3.9.0 OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2024-34412 Patch priority High CVSS severity High 8.5 Developer Claim ownership PSID f51d7f941e90 Credits Le Ngoc Anh Required privilege Subscriber Published...
CVE-2023-34412
CVE-2023-34412 affects Red Lion Europe mbNET/mbNET.rokey and Helmholz REX 200/250 devices with firmware
CVE-2023-34412 Stored XXS vulnerability in mbnet, mbnet.rokey, REX 200 and REX 250
A vulnerability in Red Lion Europe mbNET/mbNET.rokey and Helmholz REX 200 and REX 250 devices with firmware lower 7.3.2 allows an authenticated remote attacker with high privileges to inject malicious HTML or JavaScript code XSS...
CVE-2022-34412
creationtimestamp | type | source
---|---|---
2023-03-16 15:30:58+00:00 | seen | https://t.me/cibsecurity/60133...
CVE-2022-34412
Summary (CVE-2022-34412): Dell PowerEdge BIOS and Dell Precision BIOS contain an improper SMM (System Management Mode) communication buffer verification vulnerability. A local attacker with high privileges may exploit this flaw to achieve arbitrary code execution or cause a denial of service. The...
Zoom Client for Meetings < 5.4.0 Vulnerability (ZSB-21008)
The version of Zoom Client for Meetings installed on the remote host is prior to 5.4.0. It is, therefore, affected by a vulnerability as referenced in the ZSB-21008 advisory. - During the installation process for all versions of the Zoom Client for Meetings for Windows before 5.4.0, it is possibl...
KLA12446 PE vulnerability in Zoom
Privilege escalation vulnerability was found in Zoom. Malicious users can exploit this vulnerability to gain privileges. Original advisories Zoom Security Bulletin Related products Zoom-MSI CVE list CVE-2021-34412 critical Solution Update to the latest version Download Zoom Impacts PE Privilege...
CVE-2021-34412
creationtimestamp | type | source
---|---|---
2021-09-27 18:35:07+00:00 | seen | https://t.me/cibsecurity/29485...
CVE-2021-34412
CVE-2021-34412 affects Zoom Client for Meetings on Windows prior to 5.4.0. During installation, the installer can launch Internet Explorer, and if run with elevated privileges (e.g., via SCCM), this can result in local privilege escalation. The issue is documented across multiple sources (NVD ent...
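Apache Tomcat mod_jk Content-Length Header Information Disclosure Vulnerability
BUGTRAQ ID: 34412 CVECAN ID: CVE-2008-5519 Apache Tomcat is a popular open-source JSP application server. If a malicious client submits a malicious request with an empty Content-Length header to the modjk module of the Apache Tomcat server, or repeatedly submits the same request within a short period of time, it can view the responses associated with other users' requests. Apache Group modjk 1.2.0 - 1.2.26 Apache Group ------------ The vendor has released an upgrade patch to fix this security issue; please download it from the vendor's home page: http://httpd.apache.org/...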