5126 matches found
CVE-2022-36921
A missing permission check in Jenkins Coverity Plugin 1.11.4 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...
PT-2022-4022 · Jenkins · Jenkins Coverity Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Coverity Plugin versions 1.11.4 and earlier Description: The issue is related to a missing permission check in the Jenkins Coverity Plugin, which can be exploited by attackers with Overall/Read permission to connect to an...
ab4yss-wr4iteups
ab4yss-wr4iteups Hi,...
Apple macOS Monterey 缓冲区错误漏洞
Apple macOS Monterey is the 18th major release of Apple's macOS for the Macintosh desktop operating system. Apple macOS Monterey suffers from a buffer error vulnerability that stems from an application's ability to capture a user's screen...
Apple macOS Monterey 和 Big Sur 权限许可和访问控制问题漏洞
Apple macOS Big Sur and Apple macOS Monterey are products of Apple Inc. Apple macOS Big Sur is the 17th major release of Apple's macOS operating system for the MAC. apple macOS Monterey is the 18th major release of Apple's macOS desktop operating system for the MAC. Apple macOS Monterey is the 18...
PT-2022-21520 · Apple · Macos Monterey +2
Name of the Vulnerable Software and Affected Versions: macOS Big Sur versions prior to 11.6.8 macOS Monterey versions prior to 12.5 Description: A logic issue was addressed with improved checks, which may have allowed an app to capture a user's screen. Recommendations: For macOS Big Sur versions...
Koh - The Token Stealer
Koh is a C and Beacon Object File BOF toolset that allows for the capture of user credential material via purposeful token/logon session leakage. Some code was inspired by Elad Shamir's Internal-Monologue project no license, as well as KB180548. For why this is possible and Koh's approeach, see t...
Fedora: Security Advisory for httpdump (FEDORA-2022-3969b64d4b)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
[SECURITY] Fedora 35 Update: httpdump-0-0.6.20200714gite6fa868.fc35
Capture and parse HTTP traffic...
SonicWALL Hosted Email Security 安全特征问题漏洞
SonicWALL Hosted Email Security is an advanced cloud email security service from SonicWALL, Inc. A security feature issue vulnerability exists in SonicWall Hosted Email Security HES version 10.0.17.7319 and prior versions that stems from the incorrect implementation of certain security features i...
SonicWall Hosted Email Security Capture ATP Bypass
Improperly Implemented Security Check vulnerability in the SonicWall Hosted Email Security leads to bypass of Capture ATP security service in the appliance. CVE: CVE-2022-2324 Last updated: July 14, 2022, 6:43 p.m...
The vulnerability lies in the communication functions between the Omron NJ/NX automation controller, the Omron Sysmac Studio automation software, and the programmable terminal Omron NA. This vulnerability allows a perpetrator to gain access to the controller.
The vulnerability of the communication functions between Omron NJ/NX automation controllers, the Omron Sysmac Studio automation software, and the programmable terminal Omron NA lies in the ability to bypass the authentication process by using capture-replay techniques for intercepted parameters...
The vulnerability of Microprogrammed Software in Omron NJ/NX automation controllers, related to bypassing the authentication process using capture-replay techniques for intercepted parameters, allows a intruder to trigger a service failure or execute arbitrary code.
The vulnerability of Microprogrammed Software in Omron NJ/NX automation controllers lies in the ability to bypass the authentication process by using capture-replay techniques to intercept and replay captured parameters. Exploiting this vulnerability allows a malicious actor to trigger malfunctio...
CVE-2021-43116
An Access Control vulnerability exists in Nacos 2.0.3 in the access prompt page; enter username and password, click on login to capture packets and then change the returned package, which lets a malicious user login...
Improper access control
An Access Control vulnerability exists in Nacos 2.0.3 in the access prompt page; enter username and password, click on login to capture packets and then change the returned package, which lets a malicious user login...
Security Bulletin: IBM QRadar Network Packet Capture includes multiple vulnerable components.
Summary The product includes multiple vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. IBM has addressed the relevant CVEs. Vulnerability Details CVEID: CVE-2018-25032 DESCRIPTION: Zlib is vulnerable to a denial of service, caused by a...
CVE-2022-33971
Authentication bypass by capture-replay vulnerability exists in Machine automation controller NX7 series all models V1.28 and earlier, Machine automation controller NX1 series all models V1.48 and earlier, and Machine automation controller NJ series all models V 1.48 and earlier, which may allow ...
CVE-2022-33971
Authentication bypass by capture-replay vulnerability exists in Machine automation controller NX7 series all models V1.28 and earlier, Machine automation controller NX1 series all models V1.48 and earlier, and Machine automation controller NJ series all models V 1.48 and earlier, which may allow ...
CVE-2022-33208
Authentication bypass by capture-replay vulnerability exists in Machine automation controller NJ series all models V 1.48 and earlier, Machine automation controller NX7 series all models V1.28 and earlier, Machine automation controller NX1 series all models V1.48 and earlier, Automation software...
CVE-2022-33208
Authentication bypass by capture-replay vulnerability exists in Machine automation controller NJ series all models V 1.48 and earlier, Machine automation controller NX7 series all models V1.28 and earlier, Machine automation controller NX1 series all models V1.48 and earlier, Automation software...