52 matches found
CVE-2021-27570
An issue was discovered in Emote Remote Mouse through 3.015. Attackers can close any running process by sending the process name in a specially crafted packet. This information is sent in cleartext and is not protected by any authentication logic...
CVE-2021-27569
An issue was discovered in Emote Remote Mouse through 4.0.0.0. Attackers can maximize or minimize the window of a running process by sending the process name in a crafted packet. This information is sent in cleartext and is not protected by any authentication logic...
CVE-2021-27569
CVE-2021-27569 affects Emote Remote Mouse (up to version 4.0.0.0). Red Hat and CNVD entries confirm a vulnerability where an attacker can maximize or minimize a running process window by sending the process name in a crafted packet. The issue is transmitted in cleartext and lacks authentication p...
CVE-2020-23448
newbee-mall all versions are affected by incorrect access control to remotely gain privileges through AdminLoginInterceptor.java. The authentication logic of the system's background /admin is in code AdminLoginInterceptor, which can be bypassed...
CVE-2020-23448
newbee-mall all versions are affected by incorrect access control to remotely gain privileges through AdminLoginInterceptor.java. The authentication logic of the system's background /admin is in code AdminLoginInterceptor, which can be bypassed...
Microsoft NET USE win10 - Insufficient Authentication Logic Exploit
Title: Microsoft NET USE win10 - Insufficient Authentication Logic Date: 2020-04-04 Author: hyp3rlinx Vendor: www.microsoft.com CVE: N/A + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source:...
CVE-2019-16003 Cisco UCS Director Information Disclosure Vulnerability
A vulnerability in the web-based management interface of Cisco UCS Director could allow an unauthenticated, remote attacker to download system log files from an affected device. The vulnerability is due to an issue in the authentication logic of the web-based management interface. An attacker cou...
CVE-2019-16003
CVE-2019-16003 affects Cisco UCS Director Web-based management interface. A flaw in the authentication logic could allow an unauthenticated, remote attacker to download system log files generated by an administrator by sending a crafted request to the web interface. The vulnerability stems from h...
CVE-2019-16003 Cisco UCS Director Information Disclosure Vulnerability
A vulnerability in the web-based management interface of Cisco UCS Director could allow an unauthenticated, remote attacker to download system log files from an affected device. The vulnerability is due to an issue in the authentication logic of the web-based management interface. An attacker cou...
CVE-2019-15282 Cisco Identity Services Engine Information Disclosure Vulnerability
A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE Software could allow an unauthenticated, remote attacker read tcpdump files generated on an affected device. The vulnerability is due an issue in the authentication logic of the web-based management...
CVE-2019-15282 Cisco Identity Services Engine Information Disclosure Vulnerability
A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE Software could allow an unauthenticated, remote attacker read tcpdump files generated on an affected device. The vulnerability is due an issue in the authentication logic of the web-based management...
Whale Communications e-Gap Security Appliance 2.5 Login Page Source Code Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/9431/info The e-GAP appliance has been reported prone to a source code disclosure vulnerability. It has been reported that, when the affected appliance handles unexpected HTTP requests it may divulge the source code of th...