18 matches found
EUVD-2024-17370
Malicious code in bioql PyPI...
Files or Directories Accessible to External Parties
Overview Affected versions of this package are vulnerable to Files or Directories Accessible to External Parties due to improper restriction of file read. An attacker can obtain sensitive information by sending crafted requests to exposed resources. Note: This is only exploitable if the attacker...
Arbitrary Code Injection
Overview Affected versions of this package are vulnerable to Arbitrary Code Injection via the alteration of the JDBC connection configuration. An attacker can execute arbitrary code by modifying the JDBC settings if they gain system or project admin permissions. Remediation Upgrade...
CVE-2024-1630
Path traversal vulnerability in “getAllFolderContents” function of Common Service Desktop, a GE HealthCare ultrasound device component...
CVE-2024-1629
Path traversal vulnerability in “deleteFiles” function of Common Service Desktop, a GE HealthCare ultrasound device component...
CVE-2024-1630 Path traversal vulnerability in “getAllFolderContents” function of Common Service Desktop, a GE HealthCare ultrasound device component
Path traversal vulnerability in “getAllFolderContents” function of Common Service Desktop, a GE HealthCare ultrasound device component...
CVE-2024-1630
CVE-2024-1630 describes a path traversal vulnerability in the getAllFolderContents() function of GE HealthCare’s Common Service Desktop, a component of GE HealthCare ultrasound devices. Affects the Common Service Desktop software; root cause is improper restriction of directory paths, enabling ac...
CVE-2024-1630 Path traversal vulnerability in “getAllFolderContents” function of Common Service Desktop, a GE HealthCare ultrasound device component
Path traversal vulnerability in “getAllFolderContents” function of Common Service Desktop, a GE HealthCare ultrasound device component...
CVE-2024-1629 Path traversal vulnerability in “deleteFiles” function of Common Service Desktop, a GE HealthCare ultrasound device component
Path traversal vulnerability in “deleteFiles” function of Common Service Desktop, a GE HealthCare ultrasound device component...
CVE-2024-1629
CVE-2024-1629 describes a path traversal vulnerability in the deleteFiles() function of GE HealthCare’s Common Service Desktop, part of GE HealthCare ultrasound devices. Technical details from connected sources identify the affected component as the Common Service Desktop within the device ecosys...
CVE-2024-1629 Path traversal vulnerability in “deleteFiles” function of Common Service Desktop, a GE HealthCare ultrasound device component
Path traversal vulnerability in “deleteFiles” function of Common Service Desktop, a GE HealthCare ultrasound device component...
PT-2024-3918 · Ge Healthcare · Common Service Desktop
Name of the Vulnerable Software and Affected Versions: Common Service Desktop affected versions not specified Description: The issue concerns a path traversal vulnerability in the deleteFiles function of Common Service Desktop, a component of GE HealthCare ultrasound devices. This vulnerability i...
PT-2024-3919 · Ge Healthcare · Common Service Desktop
Name of the Vulnerable Software and Affected Versions: Common Service Desktop versions affected versions not specified Description: The issue is related to a path traversal vulnerability in the getAllFolderContents function of the Common Service Desktop component in GE HealthCare ultrasound...
CVE-2023-48118
SQL Injection vulnerability in Quest Analytics LLC IQCRM v.2023.9.5 allows a remote attacker to execute arbitrary code via a crafted request to the Common.svc WSDL page...
ca.uhn.hapi.fhir:hapi-fhir-testpage-overlay (>=0.4 <=0.5), ch.ralscha:extdirectspring (=1.4.0) +75 more potentially affected by CVE-2014-0054 via org.springframework:spring-webmvc (>=4.0.0.RELEASE <=4.0.1.RELEASE)
org.springframework:spring-webmvc MAVEN version =4.0.0.RELEASE, =0.4, =0.1.1-alpha, =0.2-alpha, =1.0.0, =2.0.3.2.1, =2.1.3.10.1, =2.0.3.6, =2.0.3.6, =2.1.2.7.1, =2.0.3.1, =2.1.4.19 and more Source cves: CVE-2014-0054 Source advisory: OSV:GHSA-8CMM-QJ8G-FCP6...
CVE-2021-44464
Vigilant Software Suite Mastermed Dashboard version 2.0.1.3 contains service credentials likely to be common across all instances. An attacker in possession of the password may gain privileges on all installations of this software...
McAfee Agent Common Service Reuse After Release Vulnerability
McAfee Agent MA is a set of McAfee client components that provide secure communications between ePolicy Orchestrator antivirus management platform and managed products. common service is one of the common service components. A post-release reuse vulnerability exists in McAfee Common service in MA...
XSS in HTDIG
Eg; http://www.anyhost.com/cgi-bin/htsearch.cgi?words=223E3Cscript3Ealert28document.cookie293B3C2Fscript3E all URLS must be on one line Apologies if this is a known issue. Apologies also for posting about XSS, too, but this is not an isolated website, but a commonly used service. ===== -----BEGIN...