14 matches found
CVE-2026-49054
Missing Authorization vulnerability in Mamunur Rashid The Post Grid allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects The Post Grid: from n/a through 7.9.2...
CVE-2026-49054
Missing Authorization vulnerability in Mamunur Rashid The Post Grid allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects The Post Grid: from n/a through 7.9.2...
Cisco IOS XR 安全漏洞
Cisco IOS XR is a set of operating systems developed by Cisco USA for its network devices. A security vulnerability exists in Cisco IOS XR version 7.9.2 that stems from incorrect handling of specific packets and could cause control plane traffic to stop working...
PT-2025-11097 · Cisco · Cisco Ios Xr
Name of the Vulnerable Software and Affected Versions: Cisco IOS XR Software version 7.9.2 Description: A vulnerability in the handling of specific packets that are punted from a line card to a route processor could allow an unauthenticated, adjacent attacker to cause control plane traffic to sto...
Puppet Server 安全漏洞
Puppet Server is a software from Puppet Labs in the United States that is used to push configurations from a master server to other servers. A security vulnerability exists in Puppet Server version 7.9.2. An attacker exploited the vulnerability to slow down server operations...
Schneider Electric StruxureWare Data Center Expert Code Injection Vulnerability (CNVD-2023-37598)
Schneider Electric StruxureWare Data Center Expert is a monitoring software from the French company Schneider Electric Schneider Electric. It is suitable for a variety of organizations to monitor their company-wide power, cooling, security, and environment. A code injection vulnerability exists i...
CVE-2023-25548
A CWE-863: Incorrect Authorization vulnerability exists that could allow access to device credentials on specific DCE endpoints not being properly secured when a hacker is using a low privileged user. Affected products: StruxureWare Data Center Expert V7.9.2 and prior...
Schneider Electric StruxureWare Data Center Expert 跨站脚本漏洞
Schneider Electric StruxureWare Data Center Expert is a monitoring software from the French company Schneider Electric Schneider Electric. It is suitable for a variety of organizations to monitor their company-wide power, cooling, security, and environment. A cross-site scripting vulnerability...
Schneider Electric StruxureWare Data Center Expert 代码注入漏洞
Schneider Electric StruxureWare Data Center Expert is a monitoring software from the French company Schneider Electric Schneider Electric. It is suitable for a variety of organizations to monitor their company-wide power, cooling, security, and environment. A code injection vulnerability exists i...
Schneider Electric StruxureWare Data Center Expert 操作系统命令注入漏洞
Schneider Electric StruxureWare Data Center Expert is a monitoring software from the French company Schneider Electric Schneider Electric. It is suitable for a variety of organizations to monitor their company-wide power, cooling, security, and environment. An operating system command injection...
PT-2023-1390 · Schneider Electric · Struxureware Data Center Expert
Name of the Vulnerable Software and Affected Versions: StruxureWare Data Center Expert versions 7.9.2 and prior Description: A CWE-78: Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability exists, allowing a local privilege escalation on the...
PT-2023-3273 · Schneider Electric · Struxureware Data Center Expert
Name of the Vulnerable Software and Affected Versions: StruxureWare Data Center Expert versions prior to 7.9.2 Description: A code injection issue exists, allowing for remote code execution when using a parameter of the DCE network settings endpoint. This could enable a remote attacker to execute...
CVE-2020-7020
Elasticsearch versions before 6.8.13 and 7.9.2 contain a document disclosure flaw when Document or Field Level Security is used. Search queries do not properly preserve security permissions when executing certain complex queries. This could result in the search disclosing the existence of documen...
PT-2020-19345 · Elastic · Elasticsearch
Name of the Vulnerable Software and Affected Versions: Elasticsearch versions prior to 6.8.13 Elasticsearch versions prior to 7.9.2 Description: The issue is related to a document disclosure flaw when Document or Field Level Security is used in Elasticsearch. Search queries do not properly preser...