CVE-2023-24530

SAP BusinessObjects Business Intelligence Platform CMC - versions 420, 430, allows an authenticated admin user to upload malicious code that can be executed by the application over the network. On successful exploitation, attacker can perform operations that may completely compromise the...

CVE-2023-24530

SAP BusinessObjects Business Intelligence Platform CMC - versions 420, 430, allows an authenticated admin user to upload malicious code that can be executed by the application over the network. On successful exploitation, attacker can perform operations that may completely compromise the...

CVE-2022-46754

Wyse Management Suite 3.8 and below contain an improper access control vulnerability. A authenticated malicious admin user might access certain pro license features for which this admin is not authorized in order to configure user controlled external entities...

CVE-2022-46755

Wyse Management Suite 3.8 and below contain an improper access control vulnerability. A authenticated malicious admin user can edit general client policy for which the user is not authorized...

CVE-2022-34451

PowerPath Management Appliance with versions 3.3 & 3.2, 3.1 & 3.0 contains a Stored Cross-site Scripting Vulnerability. An authenticated admin user could potentially exploit this vulnerability, to hijack user sessions or trick a victim application user into unknowingly send arbitrary requests to...

CVE-2022-34450

PowerPath Management Appliance with version 3.3 contains Privilege Escalation vulnerability. An authenticated admin user could potentially exploit this issue and gain unrestricted control/code execution on the system as root...

Hardcoded credentials

PowerPath Management Appliance with versions 3.3 & 3.2 contains a Hardcoded Cryptographic Keys vulnerability. Authenticated admin users can exploit the issue that leads to view and modifying sensitive information stored in the application...

CVE-2022-34451

PowerPath Management Appliance with versions 3.3 & 3.2, 3.1 & 3.0 contains a Stored Cross-site Scripting Vulnerability. An authenticated admin user could potentially exploit this vulnerability, to hijack user sessions or trick a victim application user into unknowingly send arbitrary requests to...

CVE-2022-34450

PowerPath Management Appliance with version 3.3 contains Privilege Escalation vulnerability. An authenticated admin user could potentially exploit this issue and gain unrestricted control/code execution on the system as root...

CVE-2022-34452

PowerPath Management Appliance with versions 3.3, 3.2, 3.1 & 3.0 contains sensitive information disclosure vulnerability. An Authenticated admin user can able to exploit the issue and view sensitive information stored in the logs...

Information disclosure

PowerPath Management Appliance with versions 3.3, 3.2, 3.1 & 3.0 contains sensitive information disclosure vulnerability. An Authenticated admin user can able to exploit the issue and view sensitive information stored in the logs...

CVE-2022-34452

PowerPath Management Appliance with versions 3.3, 3.2, 3.1 & 3.0 contains sensitive information disclosure vulnerability. An Authenticated admin user can able to exploit the issue and view sensitive information stored in the logs...

PT-2023-14988 · Dell · Wyse Management Suite

Name of the Vulnerable Software and Affected Versions: Wyse Management Suite versions 3.8 and below Description: The issue concerns an improper access control vulnerability. An authenticated malicious admin user can edit the general client policy for which the user is not authorized...

CVE-2023-20030

A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to access sensitive information, conduct a server-side request forgery SSRF attack through an affected device, or negatively impact the responsiveness of the...

CVE-2023-20045

A vulnerability in the web-based management interface of Cisco Small Business RV160 and RV260 Series VPN Routers could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to insufficient validati...

PT-2023-1319

Name of the Vulnerable Software and Affected Versions Zyxel AX7501-B0 firmware versions prior to V5.17ABPC.3C0 Description A vulnerability exists in the FTP server of the Zyxel AX7501-B0 firmware, which processes symbolic links on external storage media. A local authenticated attacker with...

CVE-2022-45912

An issue was discovered in Zimbra Collaboration ZCS 8.8.15 and 9.0. Remote code execution can occur through ClientUploader by an authenticated admin user. An authenticated admin user can upload files through the ClientUploader utility, and traverse to any other directory for remote code execution...

CVE-2022-45912

An issue was discovered in Zimbra Collaboration ZCS 8.8.15 and 9.0. Remote code execution can occur through ClientUploader by an authenticated admin user. An authenticated admin user can upload files through the ClientUploader utility, and traverse to any other directory for remote code execution...

Remote code execution

An issue was discovered in Zimbra Collaboration ZCS 8.8.15 and 9.0. Remote code execution can occur through ClientUploader by an authenticated admin user. An authenticated admin user can upload files through the ClientUploader utility, and traverse to any other directory for remote code execution...

PT-2022-26086 · Kyocera · Taskalfa 255C +34

Name of the Vulnerable Software and Affected Versions: Kyocera Document Solutions MFPs and printers versions TASKalfa 7550ci/6550ci, TASKalfa 5550ci/4550ci/3550ci/3050ci, TASKalfa 255c/205c, TASKalfa 256ci/206ci, ECOSYS M6526cdn/M6526cidn, FS-C2126MFP/C2126MFP+/C2026MFP/C2026MFP+, TASKalfa...