catalystcoop-ferc-xbrl-extractor (>=0.6.1 <=0.8.4), catalystcoop-pudl (>=2022.11.30 <=2022.11.30.post1) +1 more potentially affected by CVE-2026-42796 via arelle-release (>=2.10.8 <=2.2.4)

arelle-release PYPI version =2.10.8, =0.6.1, =2022.11.30, =0.6.1, =0.7.0rc1 Source cves: CVE-2026-42796 Source advisory: SNYK:PYTHON-ARELLERELEASE-16635954...

CVE-2022-42796

This issue was addressed by removing the vulnerable code. This issue is fixed in iOS 15.7 and iPadOS 15.7, macOS Ventura 13. An app may be able to gain elevated privileges...

CVE-2024-42796

An Incorrect Access Control vulnerability was found in /music/ajax.php?action=deletegenre in Kashipara Music Management System v1.0. This vulnerability allows an unauthenticated attacker to delete the valid music genre entries...

CVE-2023-42796

A vulnerability has been identified in CP-8031 MASTER MODULE All versions CPCI85 V05.11, CP-8050 MASTER MODULE All versions CPCI85 V05.11. The web server of affected devices fails to properly sanitize user input for the /sicweb-ajax/tmproot/ endpoint. This could allow an authenticated remote...

CVE-2024-42796

creationtimestamp| type| source ---|---|--- 2024-09-16 22:53:27+00:00| seen| https://t.me/cvedetector/5764...

CVE-2024-42796

An Incorrect Access Control vulnerability was found in /music/ajax.php?action=deletegenre in Kashipara Music Management System v1.0. This vulnerability allows an unauthenticated attacker to delete the valid music genre entries...

CVE-2021-42796

An issue was discovered in ExecuteCommand in AVEVA Edge formerly InduSoft Web Studio versions R2020 and prior that allows unauthenticated arbitrary commands to be executed...

CVE-2021-42796

An issue was discovered in ExecuteCommand in AVEVA Edge formerly InduSoft Web Studio versions R2020 and prior that allows unauthenticated arbitrary commands to be executed...

CVE-2021-42796

An issue was discovered in ExecuteCommand in AVEVA Edge formerly InduSoft Web Studio versions R2020 and prior that allows unauthenticated arbitrary commands to be executed...

CVE-2021-42796

CVE-2021-42796 affects AVEVA Edge (formerly InduSoft Web Studio) pre-2020 R2. The vulnerability is in the ExecuteCommand() function (stadosvr.exe) and allows unauthenticated arbitrary commands to execute, via improper access control. The issue is documented with a base CVSS v3.1 score of 9.8 (Net...

CVE-2023-42796

CVE-2023-42796 affects Siemens SICAM A8000 CPCI85 firmware web server (CP-8031/CP-8050 MASTER MODULE, all versions before CPCI85 V05.11). The vulnerability is a path traversal flaw in the /sicweb-ajax/tmproot/ endpoint that allows an authenticated remote attacker to traverse directories and downl...

CVE-2023-42796

A vulnerability has been identified in CP-8031 MASTER MODULE All versions CPCI85 V05.11, CP-8050 MASTER MODULE All versions CPCI85 V05.11. The web server of affected devices fails to properly sanitize user input for the /sicweb-ajax/tmproot/ endpoint. This could allow an authenticated remote...

Siemens SICAM A8000 Devices

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

AVEVA Edge

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: AVEVA Equipment: Edge Vulnerabilities: Uncontrolled Search Path Element, Exposure of Sensitive Information to an Unauthorized Actor, Uncontrolled Resource Consumption, Improper Access Control, Windows...

CVE-2022-42796

creationtimestamp| type| source ---|---|--- 2022-11-01 23:23:48+00:00| seen| https://t.me/cibsecurity/52427...

CVE-2022-42796

CVE-2022-42796 concerns Apple platforms where the issue could allow an app to gain elevated privileges. It was mitigated by removing the vulnerable code and is fixed in iOS 15.7, iPadOS 15.7, and macOS Ventura 13.0. The description confirms no further exploitation details are provided in the give...

CVE-2022-42796

This issue was addressed by removing the vulnerable code. This issue is fixed in iOS 15.7 and iPadOS 15.7, macOS Ventura 13. An app may be able to gain elevated privileges...