869 matches found
Micro Focus Service Manager Information Disclosure Vulnerability (CNVD-2020-18401)
Micro Focus Service Manager is a suite of service desk software from Micro Focus UK. The software supports the deployment of a comprehensive IT service management (ITSM) system and standardizes management processes. A security vulnerability exists in Micro Focus Service Manager. An attacker could...
CVE-2020-9518
Login filter can access configuration files vulnerability in Micro Focus Service Manager Web Tier, affecting versions 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. The vulnerability could be exploited to allow unauthorized access to configuration data...
Design/Logic Flaw
Login filter can access configuration files vulnerability in Micro Focus Service Manager Web Tier, affecting versions 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. The vulnerability could be exploited to allow unauthorized access to configuration data...
CVE-2020-9519
HTTP methods revealed in Web services vulnerability in Micro Focus Service Manager server, affecting versions 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62, 9.63. The vulnerability could be exploited to allow exposure of configuration data...
Design/Logic Flaw
HTTP methods revealed in Web services vulnerability in Micro Focus Service Manager server, affecting versions 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62, 9.63. The vulnerability could be exploited to allow exposure of configuration data...
Moxa MB3xxx Series Protocol Gateways
1. EXECUTIVE SUMMARY: CVSS v3 9.8; ATTENTION: Exploitable remotely/low skill level to exploit; Vendor: Moxa; Equipment: MB3170 series, MB3180 series, MB3270 series, MB3280 series, MB3480 series, and MB3660 series; Vulnerabilities: Stack-based Buffer Overflow, Integer Overflow to Buffer Overflow,...
Lenovo XClarity Administrator Access Control Error Vulnerability
Lenovo XClarity Administrator (LXCA) is a centralized resource management solution from Lenovo, China. The product is capable of providing agentless hardware management for servers, storage, network switches, and more. An access control error vulnerability exists in Lenovo XClarity Administrator LX...
CVE-2020-6769
Missing Authentication for Critical Function in the Bosch Video Streaming Gateway (VSG) allows an unauthenticated remote attacker to retrieve and set arbitrary configuration data of the Video Streaming Gateway. A successful attack can impact the confidentiality and availability of live and recorded...
Authentication flaw
Missing Authentication for Critical Function in the Bosch Video Streaming Gateway (VSG) allows an unauthenticated remote attacker to retrieve and set arbitrary configuration data of the Video Streaming Gateway. A successful attack can impact the confidentiality and availability of live and recorded...
CVE-2020-6769 Missing Authentication for Critical Function in Bosch Video Streaming Gateway
Missing Authentication for Critical Function in the Bosch Video Streaming Gateway (VSG) allows an unauthenticated remote attacker to retrieve and set arbitrary configuration data of the Video Streaming Gateway. A successful attack can impact the confidentiality and availability of live and recorded...
CVE-2019-19822
A certain router administration interface that includes Realtek APMIB 0.11f for Boa 0.94.14rc21 allows remote attackers to retrieve the configuration, including sensitive data (usernames and passwords). This affects TOTOLINK A3002RU through 2.0.0, A702R through 2.1.3, N301RT through 2.1.6, N302R...
CVE-2019-17635
Eclipse Memory Analyzer version 1.9.1 and earlier is subject to a deserialization vulnerability if an index file of a parsed heap dump is replaced by a malicious version and the heap dump is reopened in Memory Analyzer. The user must choose to reopen an already parsed heap dump with an untrusted...
Deserialization of untrusted data
Eclipse Memory Analyzer version 1.9.1 and earlier is subject to a deserialization vulnerability if an index file of a parsed heap dump is replaced by a malicious version and the heap dump is reopened in Memory Analyzer. The user must choose to reopen an already parsed heap dump with an untrusted...
CVE-2019-6331
An issue was found in Samsung Mobile Print Android versions prior to 4.08.007. A potential security vulnerability caused by incomplete obfuscation of application configuration information...
Unspecified Vulnerability in Forcepoint NGFW Security Management Center
Forcepoint NGFW Security Management Center (SMC) is a Forcepoint product that provides unified, centralized management capabilities for Forcepoint's next-generation firewalls. A security vulnerability exists in Forcepoint NGFW SMC versions prior to 6.5.12 and prior to 6.7.1. An attacker could explo...
CVE-2019-3992
ELOG 3.1.4-57bea22 and below is affected by an information disclosure vulnerability. A remote unauthenticated attacker can access the server's configuration file by sending an HTTP GET request. Amongst the configuration data, the attacker may gain access to valid admin usernames and, in older...
CVE-2019-3989
The Blink XT2 Sync Module firmware (pre-2.13.11) is affected by CVE-2019-3989, a remote OS command injection due to improper sanitization of internal network data. The vulnerability arises when the device constructs and executes OS commands from external input (notably via get_network()/get_netwo...