869 matches found
dev-java/snakeyaml: DoS via stack overflow
Those using Snakeyaml to parse untrusted YAML files may be vulnerable to Denial of Service attacks DOS. If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stack overflow. This effect may support a denial of service attack...
Cisco FXOS Software和UCS Manager 安全特征问题漏洞
Cisco FXOS Software and Cisco UCS Manager are both products of Cisco, Inc.Cisco FXOS Software is a suite of firewall software that runs in Cisco security appliances.Cisco UCS Manager is an excellent computer plug-in for managing sketchup coordinate systems. . A security vulnerability exists in...
CVE-2023-20016
A vulnerability in the backup configuration feature of Cisco UCS Manager Software and in the configuration export feature of Cisco FXOS Software could allow an unauthenticated attacker with access to a backup file to decrypt sensitive information stored in the full state and configuration backup...
SUSE CVE-2008-2402
The Admin Server in Sun Java Active Server Pages ASP Server before 4.0.3 stores sensitive information under the web root with insufficient access control, which allows remote attackers to read password hashes and configuration data via direct requests for unspecified documents...
WAVLINK WL-WN533A8 Access Control Issue Vulnerability
WAVLINK WL-WN533A8 is a router from China's RuiYin Technology WAVLINK. The WAVLINK WL-WN533A8 suffers from an Access Control Issue vulnerability that originates from improper access control in the component /cgi-bin/ExportLogs.sh, which can be exploited by an attacker to download configuration da...
CVE-2022-48166
An access control issue in Wavlink WL-WN530HG4 M30HG4.V5030.201217 allows unauthenticated attackers to download configuration data and log files and obtain admin credentials...
Design/Logic Flaw
An access control issue in Wavlink WL-WN530HG4 M30HG4.V5030.201217 allows unauthenticated attackers to download configuration data and log files and obtain admin credentials...
CVE-2022-48164
An access control issue in the component /cgi-bin/ExportLogs.sh of Wavlink WL-WN533A8 M33A8.V5030.190716 allows unauthenticated attackers to download configuration data and log files and obtain admin credentials...
CVE-2022-48164
An access control issue in the component /cgi-bin/ExportLogs.sh of Wavlink WL-WN533A8 M33A8.V5030.190716 allows unauthenticated attackers to download configuration data and log files and obtain admin credentials...
Design/Logic Flaw
An access control issue in the component /cgi-bin/ExportLogs.sh of Wavlink WL-WN533A8 M33A8.V5030.190716 allows unauthenticated attackers to download configuration data and log files and obtain admin credentials...
CVE-2022-48166
An access control issue in Wavlink WL-WN530HG4 M30HG4.V5030.201217 allows unauthenticated attackers to download configuration data and log files and obtain admin credentials...
WAVLINK WL-WN533A8 安全漏洞
WAVLINK WL-WN533A8 is a router from China's RuiYin Technology WAVLINK. The WAVLINK WL-WN533A8 suffers from an Access Control Issue vulnerability that originates from improper access control in the component /cgi-bin/ExportLogs.sh, which can be exploited by an attacker to download configuration da...
CVE-2022-48166
An access control issue in Wavlink WL-WN530HG4 M30HG4.V5030.201217 allows unauthenticated attackers to download configuration data and log files and obtain admin credentials...
CVE-2022-48164
An access control issue in the component /cgi-bin/ExportLogs.sh of Wavlink WL-WN533A8 M33A8.V5030.190716 allows unauthenticated attackers to download configuration data and log files and obtain admin credentials...
CVE-2022-48164
An access control issue in the component /cgi-bin/ExportLogs.sh of Wavlink WL-WN533A8 M33A8.V5030.190716 allows unauthenticated attackers to download configuration data and log files and obtain admin credentials...
WAVLINK WL-WN530HG4 安全漏洞
WAVLINK WL-WN530HG4 is a wireless network signal extender from China RuiYin Technology WAVLINK. A security vulnerability exists in the WAVLINK WL-WN530HG4 M30HG4.V5030.201217 version, which stems from an access control issue that allows an unauthenticated attacker to download configuration data a...
CVE-2022-48165
An access control issue in the component /cgi-bin/ExportLogs.sh of Wavlink WL-WN530H4 M30H4.V5030.210121 allows unauthenticated attackers to download configuration data and log files and obtain admin credentials...
CVE-2022-48165
An access control issue in the component /cgi-bin/ExportLogs.sh of Wavlink WL-WN530H4 M30H4.V5030.210121 allows unauthenticated attackers to download configuration data and log files and obtain admin credentials...
Design/Logic Flaw
An access control issue in the component /cgi-bin/ExportLogs.sh of Wavlink WL-WN530H4 M30H4.V5030.210121 allows unauthenticated attackers to download configuration data and log files and obtain admin credentials...
CVE-2022-48165
An access control issue in the component /cgi-bin/ExportLogs.sh of Wavlink WL-WN530H4 M30H4.V5030.210121 allows unauthenticated attackers to download configuration data and log files and obtain admin credentials...