4651 matches found
Apache Unomi Remote Code Execution Vulnerability
Apache Unomi is an open-source Java client data platform that can be used on multiple systems to manage user profiles and the data associated with those profiles. Unomi was announced as a top Apache project in 2019. Since Apache Unomi is built as an OSGi application running in Apache Karaf, it is...
CVE-2020-7552
A CWE-787: Out-of-bounds Write vulnerability exists in IGSS Definition (Def.exe) version 14.0.0.20247 that could cause Remote Code Execution when a malicious CGF (Configuration Group File) file is imported to IGSS Definition...
CVE-2020-7557
A CWE-125: Out-of-bounds Read vulnerability exists in IGSS Definition (Def.exe) version 14.0.0.20247 that could cause Remote Code Execution when a malicious CGF (Configuration Group File) file is imported to IGSS Definition...
CVE-2020-7556
A CWE-787: Out-of-bounds Write vulnerability exists in IGSS Definition (Def.exe) version 14.0.0.20247 that could cause Remote Code Execution when a malicious CGF (Configuration Group File) file is imported to IGSS Definition...
Schneider Electric Interactive Graphical SCADA System Buffer Error Vulnerability
The Schneider Electric Interactive Graphical SCADA System (IGSS) is a SCADA (Data Acquisition and Supervisory System) system for monitoring and controlling industrial processes from Schneider Electric, France. The Interactive Graphical SCADA System suffers from a buffer error vulnerability that stems...
Schneider Electric Interactive Graphical SCADA System Buffer Error Vulnerability
The Schneider Electric Interactive Graphical SCADA System (IGSS) is a SCADA (Data Acquisition and Supervisory System) system for monitoring and controlling industrial processes from Schneider Electric, France. A buffer error vulnerability exists in IGSS version 14.0.0.20247 and earlier, which stems...
Code Projects Artworks Gallery Code Issues Vulnerabilities
Code Projects Artworks Gallery is an online artwork management website builder organized by Code Projects. A security vulnerability in ARTWORKS GALLERY, which exists within the Edit Configuration File feature in PHP, CSS, JAVASCRIPT, and MYSQL 1.0, can be exploited by remote attackers to upload...
Sympa <= 6.2.59 Privilege Escalation Vulnerability
Sympa is prone to a privilege escalation vulnerability.
A vulnerability in Cisco Firepower Threat Defense firmware, related to errors in container operations, allows attackers to execute commands with root privileges.
The vulnerability in Cisco Firepower Threat Defense firmware is related to errors in the operation of containers. Exploiting this vulnerability allows an attacker to execute commands with root privileges by modifying a specific configuration file within the container’s basi...
CVE-2020-2314
Jenkins AppSpider Plugin 1.0.12 and earlier stores a password unencrypted in its global configuration file on the Jenkins controller where it can be viewed by users with access to the Jenkins controller file system...
PT-2020-15547 · Jenkins · Jenkins Appspider Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins AppSpider Plugin versions 1.0.12 and earlier Description: The issue concerns the storage of a password in an unencrypted form in the global configuration file on the Jenkins controller. This password can be viewed by users with access...
F5 BIG-IP Denial of Service Vulnerability (CNVD-2020-74870)
F5 BIG-IP is an application delivery platform from F5 USA that integrates network traffic management, application security management, load balancing and other functions. A security vulnerability exists in F5 BIG-IP, which can be exploited by an attacker to trigger a denial of service by creating...
CVE-2020-3514
A vulnerability in the multi-instance feature of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to escape the container for their Cisco FTD instance and execute commands with root privileges in the host namespace. The attacker must have valid credentials ...
Design/Logic Flaw
A vulnerability in the multi-instance feature of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to escape the container for their Cisco FTD instance and execute commands with root privileges in the host namespace. The attacker must have valid credentials ...
CVE-2020-3514 Cisco Firepower Threat Defense Software Multi-Instance Container Escape Vulnerability
A vulnerability in the multi-instance feature of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to escape the container for their Cisco FTD instance and execute commands with root privileges in the host namespace. The attacker must have valid credentials ...
CVE-2020-10139
Acronis True Image 2021 includes an OpenSSL component that specifies an OPENSSLDIR variable as a subdirectory within C:\jenkinsagent. Acronis True Image contains a privileged service that uses this OpenSSL component. Because unprivileged Windows users can create subdirectories off of the system...