77 matches found
CVE-2024-40872 Elevation of privilege in Absolute Secure Access clients and servers
There is an elevation of privilege vulnerability in server and client components of Absolute Secure Access prior to version 13.07. Attackers with local access and valid desktop user credentials can elevate their privilege to system level by passing invalid address data to the vulnerable component...
PrestaShop Security Breach
PrestaShop is an open source e-commerce solution from PrestaShop, Inc. in the United States. The solution provides multiple payment methods, SMS alerts and product image scaling. A security vulnerability exists in PrestaShop Orders CSV, Excel Export PRO prior to version 5.2.0. The vulnerability...
PT-2023-29974 · Prestashop · Orders (Csv
Name of the Vulnerable Software and Affected Versions: Orders CSV, Excel Export PRO module for PrestaShop versions prior to 5.2.0 Description: The issue allows a guest to download personal information without restriction due to a lack of permissions control. This can lead to a leak of personal...
CVE-2023-45380
In the module "Order Duplicator - Clone and Delete Existing Order" (orderduplicate) in version = 1.1.7 from Silbersaiten for PrestaShop, a guest can download personal information without restriction. Due to a lack of permissions control, a guest can download personal information from...
CVE-2023-45852
In Vitogate 300 2.1.3.0, /cgi-bin/vitogate.cgi allows an unauthenticated attacker to bypass authentication and execute arbitrary commands via shell metacharacters in the ipaddr params JSON data for the put method...
SUSE CVE-2013-0433
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, and 5.0 through Update 38, and OpenJDK 6 and 7, allows remote attackers to affect integrity via unknown vectors related to Networking. NOTE: the previous information...
SUSE CVE-2015-2711
Mozilla Firefox before 38.0 does not recognize a referrer policy delivered by a referrer META element in cases of context-menu navigation and middle-click navigation, which allows remote attackers to obtain sensitive information by reading web-server Referer logs that contain private data in a UR...
SUSE CVE-2017-15775
XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to "Data from Faulting Address controls Branch Selection starting at CADImage+0x0000000000259aa4."...
CVE-2022-36200
In FiberHome VDSL2 Modem HG150-UbV3.0, the admin credentials are submitted in the URL, where they can be logged or sniffed...
CVE-2022-29467
Address information disclosure vulnerability in Cybozu Garoon 4.2.0 to 5.5.1 allows a remote authenticated attacker to obtain some data of Address...
Information disclosure
Address information disclosure vulnerability in Cybozu Garoon 4.2.0 to 5.5.1 allows a remote authenticated attacker to obtain some data of Address...
PT-2022-19633 · Cybozu · Cybozu Garoon
Name of the Vulnerable Software and Affected Versions: Cybozu Garoon versions 4.2.0 through 5.5.1 Description: The issue allows a remote authenticated attacker to obtain some address data. Recommendations: For Cybozu Garoon versions 4.2.0 through 5.5.1, update to a version that contains a fix for...
CVE-2020-23890
A buffer overflow in WildBit Viewer v6.6 allows attackers to cause a denial of service (DoS) via a crafted JPG file. Related to "Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at JPGCodec+0x753648"...
Sparkasse Online Banking - Filter Bypass Vulnerability
Document Title: Sparkasse Online Banking - Filter Bypass Vulnerability. References (Source): https://www.vulnerability-lab.com/getcontent.php?id=2264. Release Date: 2021-10-17. Vulnerability Laboratory ID (VL-ID): 22...
CVE-2021-20756
Viewing restrictions bypass vulnerability in Address of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated attacker to obtain the data of Address without the viewing privilege...
Cybozu Garoon Address View Restriction Bypass Vulnerability
Cybozu Garoon is a portal-type OA office system of Cybozu Japan. Address in Cybozu Garoon has a view restriction bypass vulnerability, which attackers who log in to the product can exploit to obtain address data without viewing privileges...