251 matches found
CVE-2023-45616
There is a buffer overflow vulnerability in the underlying AirWave client service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI Aruba's access point management protocol UDP port 8211. Successful exploitation of this vulnerabilit...
The vulnerability of the Netskope client service, related to synchronization errors when using a shared resource, allows a perpetrator to increase their privileges.
The vulnerability of the Netskope client service is related to synchronization errors when using a shared resource. Exploiting this vulnerability can allow an attacker to increase their privileges...
PT-2023-3613 · Netskope · Netskope Client Service
Name of the Vulnerable Software and Affected Versions: Netskope client service versions prior to R96 Description: The issue is related to a synchronization error when using a shared resource, which can be exploited by a malicious local user to elevate privileges. The Netskope client service runs ...
SUSE-SU-2022:4080-1 Security update for java-11-openjdk
This update for java-11-openjdk fixes the following issues: - Update to jdk-11.0.17+8 October 2022 CPU - CVE-2022-39399: Improve HTTP/2 client usagebsc1204480 - CVE-2022-21628: Better HttpServer service bsc1204472 - CVE-2022-21624: Enhance icon presentations bsc1204475 - CVE-2022-21619: Improve...
openSUSE Tumbleweed 安全漏洞
openSUSE Tumbleweed is an open source system from the openSUSE project. A security vulnerability exists in openSUSE Tumbleweed that stems from the openSUSE Tumbleweed Factory's parsec package setting incorrect default permissions, allowing a local attacker to conduct denial-of-service attacks or...
CVE-2021-22410
There is a XSS injection vulnerability in iMaster NCE-Fabric V100R019C10. A module of the client does not verify the input sufficiently. Attackers can exploit this vulnerability by modifying input after logging onto the client. This may compromise the normal service of the client...
CVE-2021-32067
The MiCollab Client Service component in Mitel MiCollab before 9.3 could allow an attacker to view sensitive system information through an HTTP response due to insufficient output sanitization...
CVE-2021-32072
The MiCollab Client Service component in Mitel MiCollab before 9.3 could allow an attacker to get source code information disclosing sensitive application data due to insufficient output sanitization. A successful exploit could allow an attacker to view source code methods...
CVE-2021-32067
The MiCollab Client Service component in Mitel MiCollab before 9.3 could allow an attacker to view sensitive system information through an HTTP response due to insufficient output sanitization...
CVE-2021-32070
The MiCollab Client Service component in Mitel MiCollab before 9.3 could allow an attacker to perform a clickjacking attack due to an insecure header response. A successful exploit could allow an attacker to modify the browser header and redirect users...
CVE-2021-32070
The MiCollab Client Service component in Mitel MiCollab before 9.3 could allow an attacker to perform a clickjacking attack due to an insecure header response. A successful exploit could allow an attacker to modify the browser header and redirect users...
CVE-2021-32072
The MiCollab Client Service component in Mitel MiCollab before 9.3 could allow an attacker to get source code information disclosing sensitive application data due to insufficient output sanitization. A successful exploit could allow an attacker to view source code methods...
CVE-2021-32068
The AWV and MiCollab Client Service components in Mitel MiCollab before 9.3 could allow an attacker to perform a Man-In-the-Middle attack by sending multiple session renegotiation requests, due to insufficient TLS session controls. A successful exploit could allow an attacker to modify applicatio...
Design/Logic Flaw
The MiCollab Client Service component in Mitel MiCollab before 9.3 could allow an attacker to perform a clickjacking attack due to an insecure header response. A successful exploit could allow an attacker to modify the browser header and redirect users...
Code injection
The MiCollab Client Service component in Mitel MiCollab before 9.3 could allow an attacker to get source code information disclosing sensitive application data due to insufficient output sanitization. A successful exploit could allow an attacker to view source code methods...
CVE-2021-32070
The MiCollab Client Service component in Mitel MiCollab before 9.3 could allow an attacker to perform a clickjacking attack due to an insecure header response. A successful exploit could allow an attacker to modify the browser header and redirect users...
CVE-2021-32067
The MiCollab Client Service component in Mitel MiCollab before 9.3 could allow an attacker to view sensitive system information through an HTTP response due to insufficient output sanitization...
Mitel Networks MiCollab 安全漏洞
Mitel MiCollab is a mobile application from Mitel Canada that provides voice, video, messaging, audio conferencing and team collaboration for employees. A security vulnerability exists in Mitel Networks MiCollab that stems from the product's MiCollab Client service lacking system access validatio...
Mitel Networks MiCollab 安全漏洞
An information disclosure vulnerability exists in the MiCollab Client Service component in Mitel MiCollab versions prior to 9.3, an enterprise collaboration software and tools platform solution. The vulnerability stems from insufficient output validation. An attacker could exploit the vulnerabili...
Mitel Networks MiCollab 授权问题漏洞
An authorization issue vulnerability exists in Mitel Networks MiCollab, a mobile application from Mitel Networks Canada that provides voice, video, messaging, audio conferencing, and team collaboration for employees, and stems from the product's MiCollab Client Service component does not validate...