238 matches found
EUVD-2014-0709
Malware in sbrugna...
EUVD-2022-31221
Malicious code in bioql PyPI...
EUVD-2023-25808
Malicious code in bioql PyPI...
EUVD-2024-48609
Malicious code in bioql PyPI...
EUVD-2022-35231
Malicious code in bioql PyPI...
EUVD-2024-48608
Malicious code in bioql PyPI...
Cisco IOS and IOS XE Software TACACS+ Authentication Bypass Vulnerability
A vulnerability in the implementation of the TACACS+ protocol in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to view sensitive data or bypass authentication. This vulnerability exists because the system does not properly check whether the required...
CVE-2025-3611
Mattermost versions 10.7.x = 10.7.0, 10.5.x = 10.5.3, 9.11.x = 9.11.12 fails to properly enforce access control restrictions for System Manager roles, allowing authenticated users with System Manager privileges to view team details they should not have access to via direct API requests to team...
CVE-2023-27350
This vulnerability allows remote attackers to bypass authentication on affected installations of PaperCut NG 22.0.5 Build 63914. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SetupCompleted class. The issue results from improper access control. ...
CVE-2020-21999
iWT Ltd FaceSentry Access Control System 6.4.8 suffers from an authenticated OS command injection vulnerability using default credentials. This can be exploited to inject and execute arbitrary shell commands as the root user via the 'strInIP' POST parameter in pingTest PHP script...
CVE-2013-3380
The administrative web interface in the Access Control Server in Cisco Secure Access Control System ACS does not properly restrict the report view page, which allows remote authenticated users to obtain sensitive information via a direct request, aka Bug ID CSCue79279...
CVE-2013-1200
Session fixation vulnerability in Cisco Secure Access Control System ACS allows remote attackers to hijack web sessions via unspecified vectors, aka Bug ID CSCud95787...
CVE-2013-3428
The web interface in Cisco Secure Access Control System ACS does not properly suppress error-condition details, which allows remote authenticated users to obtain sensitive information via an unspecified request that triggers an error, aka Bug ID CSCue65957...
Security Bulletin: IBM Aspera Faspex 5 has addressed multiple vulnerabilities (CVE-2023-37412, CVE-2023-37398, CVE-2023-37413, CVE-2023-35907)
Summary This Security Bulletin addresses multiple vulnerabilities that have been remediated in IBM Aspera Faspex 5.0.11 Vulnerability Details CVEID:CVE-2023-37412 DESCRIPTION: IBM Aspera Faspex could allow a privileged user to make system changes without proper access controls. CWE:CWE-284:...
GeoVision ASManager Windows Application Credentials Disclosure Vulnerability
GeoVision ASManager GV-ASManager is an access control system developed by the Chinese company GeoVision. A credential disclosure vulnerability exists in the GeoVision ASManager Windows Application due to improper memory handling in the ASManagerService.exe process. An attacker can exploit this...
Siemens SiPass Integrated Third-Party Component DotNetZip Directory Traversal Vulnerability
Siemens SiPass integrated is a powerful and flexible access control system for organizations of all sizes, from simple offices to large complex facilities containing thousands of doors, gates, barriers and elevators. A directory traversal vulnerability exists in DotNetZip, a third-party component...
The vulnerability of the software for controlling the Geovision GV-ASManager system lies in the absence of an authentication procedure, which allows a intruder to disclose the protected information.
The vulnerability of the software for controlling the Geovision GV-ASManager access control system is related to the absence of an authentication process. Exploiting this vulnerability could allow a malicious actor, operating remotely, to disclose the protected information...
Making sure your door access control system is secure: Top 5 things to check
Your door access control system aka a physical access control system or PACS, also referred to as RFID cards or ‘swipe’ cards often have a poor reputation for being vulnerable to cloning attacks. Here’s the thing: it’s generally possible to configure your system to be very resistant to card...
CVE-2024-45862 Cleartext Storage of Sensitive Information in Kastle Systems Access Control System
Kastle Systems firmware prior to May 1, 2024, stored machine credentials in cleartext, which may allow an attacker to access sensitive information...
CVE-2024-45862 Cleartext Storage of Sensitive Information in Kastle Systems Access Control System
Kastle Systems firmware prior to May 1, 2024, stored machine credentials in cleartext, which may allow an attacker to access sensitive information...