Lucene search
K

265 matches found

Tenable Nessus
Tenable Nessus
added 2025/02/18 12:0 a.m.15 views

Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS : Symfony vulnerabilities (USN-7272-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7272-1 advisory. Soner Sayakci discovered that Symfony incorrectly handled cookie storage in the web cache. An attacker could possibly use this...

8.8CVSS5.4AI score0.63422EPSS
Exploits1References10
Redos
Redos
added 2025/01/21 12:0 a.m.7 views

ROS-20250121-11

A vulnerability in the QTextLayout component of the cross-platform software development framework Qt is related to buffer copying without input validation. Exploitation of the vulnerability allows an attacker acting remotely to cause a denial of service using a specially crafted file SVG A...

7.5CVSS8AI score0.0306EPSS
Exploits4
BDU FSTEC
BDU FSTEC
added 2025/01/13 12:0 a.m.7 views

The vulnerability of the software for managing Lenovo Accessories and Display Manager (LADM) and the software for managing and configuring Lenovo Display Control Center (LDCC) lies in errors in the authentication process, allowing a perpetrator to execute arbitrary code.

The vulnerabilities of the Lenovo Accessories and Display Manager LADM software for managing accessories and displays, as well as the Lenovo Display Control Center LDCC software for controlling and configuring displays, are related to errors in the certificate validation process. Exploiting these...

8.1CVSS5.9AI score0.00286EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/11/07 12:0 a.m.8 views

The vulnerability of the Checkmk Exchange plugin for MikroTik routers allows a hacker to execute a spoofing attack.

The vulnerability of the Checkmk Exchange plugin for MikroTik routers is related to errors in the authentication process. Exploiting this vulnerability allows a malicious actor to execute a spoofing attack remotely...

4.8CVSS5.6AI score0.00189EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/10/21 12:0 a.m.6 views

The vulnerability of the Site Hierarchy Flows component of the Oracle Site Hub data storage and management system, a part of the Oracle E-Business Suite, allows an attacker to access, modify, add, and delete data.

The vulnerability of the Site Hierarchy Flows component of the Oracle Site Hub data storage and management system, a part of the Oracle E-Business Suite automation system for enterprise activities, is related to authentication errors. Exploiting this vulnerability could allow an attacker to gain...

8.5CVSS7.5AI score0.00435EPSS
Exploits0References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/10/21 12:0 a.m.5 views

The vulnerability of the Field Service Engineer Portal component of the Oracle Field Service management platform allows a malicious individual to access, modify, add, and delete data. This component is part of the Oracle E-Business Suite, which is used for automating business processes in enterprises.

The vulnerability of the Field Service Engineer Portal component of the Oracle Field Service management platform, part of the Oracle E-Business Suite, is related to authentication errors. Exploiting this vulnerability could allow an attacker to gain access to modify, add, and delete data using th...

8.5CVSS7.6AI score0.00435EPSS
Exploits0References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/10/18 12:0 a.m.11 views

The vulnerability of the Core component of the Oracle VM VirtualBox software allows a hacker to gain full control over the application.

The vulnerability of the Core component of the Oracle VM VirtualBox software lies in authentication errors that occur when operations are performed outside the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to gain full control over the application...

7.5CVSS7.4AI score0.00267EPSS
Exploits0References5Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/10/18 12:0 a.m.5 views

The vulnerability of software platforms for developing and managing online stores like Magento Open Source, Adobe Commerce, and Adobe Commerce B2B, related to authentication errors, allows attackers to bypass security restrictions.

The vulnerabilities of the software platforms for developing and managing online stores such as Magento Open Source, Adobe Commerce, and Adobe Commerce B2B are related to authentication errors. Exploiting these vulnerabilities can allow attackers to bypass security restrictions remotely...

4.3CVSS5.5AI score0.00521EPSS
Exploits0References2Affected Software3
BDU FSTEC
BDU FSTEC
added 2024/10/18 12:0 a.m.6 views

The vulnerability of the Git-based software platform for collaborative code development on GitLab, related to authentication errors, allows a hacker to execute continuous integration and continuous delivery processes on arbitrary branches of the program.

The vulnerability of the Git-based software platform for collaborative code development on GitLab is related to authentication errors. Exploiting this vulnerability allows a malicious actor to remotely execute continuous integration and continuous delivery processes on arbitrary branches of the...

8.2CVSS6.1AI score0.00593EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/10/17 12:0 a.m.6 views

The vulnerability of the Secure Channel component in Windows operating systems, which allows a hacker to perform a spoofing attack

The vulnerability of the Secure Channel component in Windows operating systems is related to errors in the certificate authentication process. Exploiting this vulnerability can allow a malicious actor to perform a spoofing attack remotely...

7.4CVSS5.4AI score0.01079EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2024/09/30 12:0 a.m.6 views

The vulnerability of the Blink web browser component in Google Chrome, which allows a hacker to access confidential data

The vulnerability of the Blink web browser component in Google Chrome is related to authentication errors. Exploiting this vulnerability can allow a malicious actor to gain access to confidential data through a specially created HTML page...

7.8CVSS6.8AI score0.01854EPSS
Exploits0References11Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/08/26 12:0 a.m.6 views

The vulnerability in the user interface of the LibreOffice office software’s certificate verification process allows a perpetrator to execute arbitrary code.

The vulnerability of the user interface for verifying certificate in the LibreOffice office software package is related to errors in the authentication process. Exploiting this vulnerability allows an attacker to execute arbitrary code, provided that the user allows the macro to be executed...

7.8CVSS7.5AI score0.00238EPSS
Exploits0References10Affected Software9
BDU FSTEC
BDU FSTEC
added 2024/07/22 12:0 a.m.6 views

Vulnerability of the Server component: The Oracle MySQL Server database management system’s DDL functions allow attackers to cause service interruptions.

Vulnerability of the Server component: The DDL system for managing databases, Oracle MySQL Server, is vulnerable to authentication errors. Exploiting this vulnerability can allow a malicious actor to cause service interruptions...

6.8CVSS6.4AI score0.0085EPSS
Exploits0References3Affected Software1
Citrix
Citrix
added 2024/07/13 12:0 a.m.21 views

Error: The Pool Failed to Enable External Authentication in XenServer

When attempting to enable external pool authentication in a XenServer 5.6 Feature Pack 1 pool, the operation fails with one or more of the following errors: “Error: The pool failed to enable external authentication.” “Error: Enabling Active Directory Authentication on pool '' - Could not enable...

7.3AI score
Exploits0
Veeam
Veeam
added 2024/06/07 12:0 a.m.21 views

Troubleshooting '401 - Unauthorized' or 'x509' Errors When Accessing the Veeam Kasten for Kubernetes Dashboard

Challenge When attempting to access the Veeam Kasten for Kubernetes dashboard the following error occurs despite using the cacertconfigmap.name helm value: 401 - Unauthorized This issue may also manifest as errors related to x509 in the gateway pod or auth-svc pod logs: x509: certificate signed b...

6.7AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2024/06/07 12:0 a.m.6 views

The vulnerability of the MileSight DeviceHub deployment platform, related to authentication errors, allows a violator to execute arbitrary code.

The vulnerability of the MileSight DeviceHub deployment platform is related to authentication errors. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

10CVSS5.9AI score0.00473EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/06/05 12:0 a.m.5 views

The vulnerability of the SMTPS protocol implementation in the JetBrains YouTrack project management and task management software allows a hacker to gain unauthorized access to protected information.

The vulnerability of the SMTPS protocol implemented by the JetBrains YouTrack software for managing projects and tasks is related to errors in the authentication process. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

5.9CVSS5.5AI score0.00275EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/05/31 12:0 a.m.5 views

The vulnerability of the connection application between the cloud platform and the local system via SAP Cloud Connector arises from errors in the authentication process. These errors allow attackers to compromise the confidentiality and integrity of the protected information.

The vulnerability of the connection application between the cloud platform and the local system via SAP Cloud Connector is related to errors in the certificate validation process. Exploiting this vulnerability could allow an attacker to compromise the confidentiality and integrity of the protecte...

7.4CVSS7.2AI score0.00544EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/05/27 12:0 a.m.5 views

The vulnerability of the api_pluginhook() function in the Cacti network monitoring software allows a hacker to execute arbitrary code.

The vulnerability of the apipluginhook function in the lib/plugin.php file of the Cacti network monitoring software is related to authentication errors. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

8CVSS8.4AI score0.02677EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/05/03 12:0 a.m.4 views

The vulnerability of the Airflow FTP Provider network software is related to errors in the authentication process, which allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the Airflow FTP Provider network software is related to errors in the authentication process. Exploiting this vulnerability allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

5.6CVSS5.4AI score0.00626EPSS
Exploits0References7Affected Software1
Rows per page
Query Builder