14 matches found
Elastic Kibana Fleet 安全漏洞
Elastic Kibana Fleet is a component of Elastic Netherlands that centralizes the management and monitoring of Elastic Agent. A security vulnerability exists in Elastic Kibana Fleet that stems from an unlimited or infinite stream of resource allocations, which could lead to over-allocation via ad-h...
Elastic Kibana 资源管理错误漏洞
Elastic Kibana is an available data visualization dashboard software from Elastic, Inc. A resource management error vulnerability exists in Elastic Kibana versions 7.17.0 through 7.17.22 and 8.0.0 through 8.15.0, which stems from a flaw in the handling of ad-hoc requests to the Observability API...
Element Synapse 安全漏洞
Element Synapse is an open source Matrix Home Server implementation from Element Open Source. A security vulnerability exists in Element Synapse, which stems from the fact that enabling the dynamicthumbnails option or processing ad-hoc requests may trigger decoding and thumbnail generation for...
Grafana Code Issue Vulnerability
Grafana is Grafana open source set of open source monitoring tools that provide a visual monitoring interface . The tool is primarily used to monitor and analyze Graphite, InfluxDB, and Prometheus, among others. Grafana has a security vulnerability that stems from a CSV datasource plugin that...
Fortinet FortiNAC SQL Injection Vulnerability
Fortinet FortiNAC is a network access control solution from Fortinet, Inc. Fortinet FortiNAC versions 8.3.7 through 9.2.2 are vulnerable to SQL injection, a vulnerability that originates when user-provided data is not sufficiently cleaned and can be exploited to send ad-hoc requests to affected...
Quest KACE Desktop Authority 代码问题漏洞
Quest KACE Desktop Authority is a desktop management software from Quest, Inc. A deserialized code execution vulnerability exists in Quest KACE Desktop Authority, which can be exploited by remote attackers to submit ad hoc requests that can execute arbitrary code in the application context...
CbioPortal Denial of Service Vulnerability
CbioPortal is used to provide visualization, analysis, and download of large-scale cancer genomics datasets. a denial-of-service vulnerability exists in CbioPortal in versions 3.6.21 and earlier, which stems from the insecure handling of regular expressions in /ProteinArraySignificanceTest.json,...
Ecoa Bas controller 安全漏洞
ECOA BAS controller is a building automation controller. ECOA BAS controller handles HTTP GET requests and is vulnerable to information disclosure, which can be exploited by remote attackers to submit ad hoc requests that can obtain sensitive information...
Microsoft Dynamics 365 Cross-Site Scripting Vulnerability (CNVD-2020-52905)
Microsoft Dynamics 365 is Microsoft's next-generation intelligent business application that helps enterprises grow and digitally transform through the perfect integration of CRM and ERP. A cross-site scripting vulnerability exists in Microsoft Dynamics 365 9.0. The vulnerability stems from the...
Microsoft Dynamics 365 Cross-Site Scripting Vulnerability (CNVD-2020-52907)
Microsoft Dynamics 365 is Microsoft's next-generation intelligent business application that helps enterprises grow and digitally transform through the perfect integration of CRM and ERP. A cross-site scripting vulnerability exists in Microsoft Dynamics 365 9.0. The vulnerability stems from the...
Microsoft Dynamics 365 Cross-Site Scripting Vulnerability (CNVD-2020-52908)
Microsoft Dynamics 365 is Microsoft's next-generation intelligent business application that helps enterprises grow and digitally transform through the perfect integration of CRM and ERP. A cross-site scripting vulnerability exists in Microsoft Dynamics 365 9.0. The vulnerability stems from the...
Microsoft Dynamics 365 Cross-Site Scripting Vulnerability (CNVD-2020-52904)
Microsoft Dynamics 365 is Microsoft's next-generation intelligent business application that helps enterprises grow and digitally transform through the perfect integration of CRM and ERP. A cross-site scripting vulnerability exists in Microsoft Dynamics 365 Local Edition 8.2, 9.0. The vulnerabilit...
Multiple vulnerabilities in HPE LoadRunner and Performance Center (CNVD-2016-03838)
HPE LoadRunner and Performance Center are performance load testing software from Hewlett-Packard USA. Multiple vulnerabilities in HPE LoadRunner and HPE Performance Center allow remote attackers to conduct denial-of-service attacks by submitting ad hoc requests...
Multiple vulnerabilities in HPE LoadRunner and Performance Center (CNVD-2016-03840)
HPE LoadRunner and Performance Center are performance load testing software from Hewlett-Packard USA. Multiple vulnerabilities in HPE LoadRunner and HPE Performance Center allow remote attackers to conduct denial-of-service attacks by submitting ad hoc requests...