40 matches found
CVE-2025-62382
CVE-2025-62382 affects Frigate (network video recorder for IP cameras). Before v0.16.2, the export workflow lets an authenticated operator nominate any filesystem path as the thumbnail source for a video export. The chosen path is copied verbatim into the publicly served clips directory, enabling...
EUVD-2024-39433
Malicious code in bioql PyPI...
CVE-2019-13529
An attacker could send a malicious link to an authenticated operator, which may allow remote attackers to perform actions with the permissions of the user on the Sunny WebBox Firmware Version 1.6 and prior. This device uses IP addresses to maintain communication after a successful login, which...
CVE-2024-42407
Insertion of Sensitive Information into Log File CWE-532 in the Gallagher Command Centre Alarm Transmitter feature could allow an authenticated Operator to view some security sensitive information to which they have not been granted access. This issue affects: Command Centre Server 9.10 prior to...
CVE-2024-1890
Vulnerability whereby an attacker could send a malicious link to an authenticated operator, which could allow remote attackers to perform a clickjacking attack on Sunny WebBox firmware version 1.6.1 and earlier...
CVE-2024-1890 Clickjacking vulnerability in Sunny Webbox
Vulnerability whereby an attacker could send a malicious link to an authenticated operator, which could allow remote attackers to perform a clickjacking attack on Sunny WebBox firmware version 1.6.1 and earlier...
Gallagher Command Centre Server Security Vulnerability
Gallagher Command Centre Server is a management system from Gallagher New Zealand for monitoring and managing infrastructure in buildings. A security vulnerability exists in Gallagher Command Centre Server versions v8.80 through v8.80.1192 MR2, v8.70 through v8.70.2185 MR4, v8.60 through v8.60.23...
CVE-2023-25194
A flaw was found in Apache Kafka Connect's REST API that permits configuration of SASL property by an authenticated operator, which could allow connection to a malicious LDAP server and subsequent deserialization of malicious content. This issue could allow an authenticated attacker to cause a...
kafka: RCE/DoS via SASL JAAS JndiLoginModule configuration in Kafka Connect
A flaw was found in Apache Kafka Connect's REST API that permits configuration of SASL property by an authenticated operator, which could allow connection to a malicious LDAP server and subsequent deserialization of malicious content. This issue could allow an authenticated attacker to cause a...
CVE-2022-33947
In BIG-IP Versions 16.1.x before 16.1.3, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5, and all versions of 13.1.x, a vulnerability exists in undisclosed pages of the BIG-IP DNS Traffic Management User Interface TMUI that allows an authenticated attacker with at least operator role privileges to...
F5 BIG-IP Code Issue Vulnerability
F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, remote access policy management, etc. A denial-of-service vulnerability exists in the F5 BIG-IP DNS TMUI, which can be exploited by an authenticated attacker with ...
ICT Protege GX/WX 2.08 - Client-Side SHA1 Password Hash Disclosure Vulnerability
Exploit Title: ICT Protege GX/WX 2.08 - Client-Side SHA1 Password Hash Disclosure Exploit Author: LiquidWorm Vendor: Integrated Control Technology Ltd. Product web page: https://www.ict.co Affected version: GX: Ver: 2.08.1002 K1B3 Lib: 04.00.217 Int: 2.3.235.J013 OS: 2.0.20 WX: Ver: 4.00 284 H062...
Gallagher Command Centre Server Information Disclosure Vulnerability
Gallagher Command Centre Server is a management system used by Gallagher New Zealand to monitor and manage infrastructure in buildings. A security vulnerability exists in the COM interface of Gallagher Command Centre Server, which could be exploited by an attacker to retrieve sensitive informatio...
CVE-2021-3039
An information exposure through log file vulnerability exists in the Palo Alto Networks Prisma Cloud Compute Console where a secret used to authorize the role of the authenticated user is logged to a debug log file. Authenticated Operator role and Auditor role users with access to the debug log...
CVE-2019-13529
CVE-2019-13529 affects SMA Solar Technology Sunny WebBox (Firmware 1.6 and prior). The vulnerability is Cross-Site Request Forgery (CSRF) where an attacker entices an authenticated operator to click a malicious link, enabling actions with the user’s permissions. Affected devices use IP-based comm...
CVE-2018-18555
A sandbox escape issue was discovered in VyOS 1.1.8. It provides a restricted management shell for operator users to administer the device. By issuing various shell special characters with certain commands, an authenticated operator user can break out of the management shell and gain access to th...