10 matches found
CVE-2023-41967
Sensitive information uncleared after debug/power state transition in the Controller 6000 could be abused by an attacker with knowledge of the Controller's default diagnostic password and physical access to the Controller to view its configuration through the diagnostic web pages. This issue...
CVE-2022-41967
creationtimestamp| type| source ---|---|--- 2025-04-14 16:53:39+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/11646...
CVE-2022-41967
Dragonfly is a Java runtime dependency management library. Dragonfly v0.3.0-SNAPSHOT does not configure DocumentBuilderFactory to prevent XML external entity XXE attacks. This issue is patched in 0.3.1-SNAPSHOT. As a workaround, since Dragonfly only parses XML SNAPSHOT versions are being resolved...
CVE-2024-41967
creationtimestamp| type| source ---|---|--- 2024-11-18 10:41:39+00:00| seen| https://t.me/cvedetector/11302 2025-09-25 00:36:29+00:00| seen| MISP/1c5c38d6-3401-41ac-be0e-4cf361fa6f51...
CVE-2024-41967 WAGO: Boot Mode Manipulation in Multiple Devices
A low privileged remote attacker may modify the boot mode configuration setup of the device, leading to modification of the firmware upgrade process or a denial-of-service attack...
CVE-2024-41967 WAGO: Boot Mode Manipulation in Multiple Devices
A low privileged remote attacker may modify the boot mode configuration setup of the device, leading to modification of the firmware upgrade process or a denial-of-service attack...
CVE-2023-41967
creationtimestamp| type| source ---|---|--- 2024-01-12 14:36:53+00:00| seen| https://t.me/ctinow/167273...
CVE-2023-41967
Affected product and versions: Gallagher Controller 6000, versions 8.60 or earlier, and 8.70 prior to vCR8.70.231204a (distributed in 8.70.2375 MR5). Root cause / description: Sensitive information is not cleared after a debug or power state transition, allowing an attacker with knowledge of the ...
CVE-2022-41967 Improper Restriction of XML External Entity Reference in Dragonfly
Dragonfly is a Java runtime dependency management library. Dragonfly v0.3.0-SNAPSHOT does not configure DocumentBuilderFactory to prevent XML external entity XXE attacks. This issue is patched in 0.3.1-SNAPSHOT. As a workaround, since Dragonfly only parses XML SNAPSHOT versions are being resolved...
CVE-2022-41967 Improper Restriction of XML External Entity Reference in Dragonfly
Dragonfly is a Java runtime dependency management library. Dragonfly v0.3.0-SNAPSHOT does not configure DocumentBuilderFactory to prevent XML external entity XXE attacks. This issue is patched in 0.3.1-SNAPSHOT. As a workaround, since Dragonfly only parses XML SNAPSHOT versions are being resolved...