15 matches found
EUVD-2018-8673
Malware in sbrugna...
EUVD-2013-4132
Malware in sbrugna...
CVE-2023-4570
An improper access restriction in NI MeasurementLink Python services could allow an attacker on an adjacent network to reach services exposed on localhost. These services were previously thought to be unreachable outside of the node. This affects measurement plug-ins written in Python using versi...
squid: improper access restriction upon Digest Authentication nonce replay could lead to remote code execution
A flaw was found in Squid, where a remote attacker can replay a sniffed Digest Authentication nonce to gain access to resources that are otherwise forbidden. This issue occurs because the attacker can overflow the nonce reference counter, which results in remote code execution if the pooled token...
Conarc iChannel webserver incorrect access restriction vulnerability
Conarc iChannel is a solution developed by Conarc Corporation in the United States that integrates customer relationship management CRM systems with DMS functionality. An incorrect access restriction vulnerability exists in Conarc iChannel. A remote attacker could exploit this vulnerability by...
Cybozu Garoon fails to restrict access permission in To-Dos of Space function
Overview Cybozu Garoon provided by Cybozu,Inc. is a groupware. Cybozu Garoon contains an access restriction flaw in To-Dos of Space function. Cybozu, Inc. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and Cybozu, Inc. coordinated under the...
Cybozu Garoon fails to restrict access permission in MultiReport filters
Overview Cybozu Garoon provided by Cybozu,Inc. is a groupware. Cybozu Garoon contains an access restriction flaw in MultiReport filters. Cybozu, Inc. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and Cybozu, Inc. coordinated under the Information...
Cybozu Garoon fails to restrict access permission in the RSS settings
Overview Cybozu Garoon provided by Cybozu,Inc. is a groupware. Cybozu Garoon contains an access restriction flaw in the RSS settings. Cybozu, Inc. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and Cybozu, Inc. coordinated under the Information...
Trend Micro Internet Security access restriction flaw
Overview Trend Micro Internet Security provided by Trend Micro Incorporated contains an access restriction flaw. According to the developer, attempts to exploit the vulnerability will not succeed from external networks when the default settings are used. Trend Micro Incorporated reported this...
Websense TRITON AP-WEB Information Disclosure Vulnerability
Websense TRITON is the Unified Content Architecture for data security. Websense TRITON AP-WEB versions prior to 8.0.0 failed to properly restrict access to files in the explorerwse/ directory, allowing attackers to submit special requests to obtain sensitive information...
CVE-2012-6635
wp-admin/includes/class-wp-posts-list-table.php in WordPress before 3.3.3 does not properly restrict excerpt-view access, which allows remote authenticated users to obtain sensitive information by visiting a draft...
DEBIAN-CVE-2013-2219
The Red Hat Directory Server before 8.2.11-13 and 389 Directory Server do not properly restrict access to entity attributes, which allows remote authenticated users to obtain sensitive information via a search query for the attribute...
CVE-2013-0182
The Payment module 7.x-1.x before 7.x-1.3 for Drupal does not properly restrict access to payments, which allows remote attackers to read arbitrary payments...
Cybozu Office vulnerable in restricting access
Overview Cybozu Office contains a vulnerability in restricting access permissions. Cybozu Office is a groupware.Cybozu Office contains a vulnerability in restricting access permissions. Masako Ohno reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information...
Design/Logic Flaw
system/message.php in Admin News Tools 2.5 does not properly restrict access, which allows remote attackers to post news messages via a direct request...