2867 matches found

CNVD
added 2022/01/23 12:0 a.m. | 21 views

Lexmark path traversal vulnerability

Lexmark is a family of printers in the U.S. A path traversal vulnerability exists in Lexmark devices, which stems from the product's failure to properly filter special elements in resource or file paths. An attacker could access the PJL directory through this vulnerability and could override...

8.8 CVSS | 3.9 AI score | 0.01435 EPSS
Exploits: 0 | References: 1

OSV
added 2022/01/20 5:15 p.m. | 3 views

CVE-2021-44737

PJL directory traversal vulnerability in Lexmark devices through 2021-12-07 that can be leveraged to overwrite internal configuration files...

8.8 CVSS | 7.3 AI score | 0.01435 EPSS
Exploits: 0 | References: 2

NVD
added 2022/01/20 5:15 p.m. | 18 views

CVE-2021-44737

PJL directory traversal vulnerability in Lexmark devices through 2021-12-07 that can be leveraged to overwrite internal configuration files...

8.8 CVSS | 0.01435 EPSS
Exploits: 0 | References: 2

Prion
added 2022/01/20 5:15 p.m. | 18 views

Directory traversal

PJL directory traversal vulnerability in Lexmark devices through 2021-12-07 that can be leveraged to overwrite internal configuration files...

8.3 CVSS | 8.7 AI score | 0.01435 EPSS
Exploits: 0 | References: 2 | Affected Software: 234

Cvelist
added 2022/01/20 4:4 p.m. | 25 views

CVE-2021-44737

PJL directory traversal vulnerability in Lexmark devices through 2021-12-07 that can be leveraged to overwrite internal configuration files...

9.2 AI score | 0.01435 EPSS
Exploits: 0 | References: 2

CNNVD
added 2022/01/20 12:0 a.m. | 6 views

Lexmark Path Traversal Vulnerability

Lexmark is a family of printers in the U.S. A path traversal vulnerability exists in Lexmark devices, which stems from the product's failure to properly filter special elements in resource or file paths. An attacker could access the PJL directory through this vulnerability and could override...

8.8 CVSS | 5.6 AI score | 0.01435 EPSS
Exploits: 0 | References: 4

CNVD
added 2022/01/17 12:0 a.m. | 24 views

Discourse Information Disclosure Vulnerability (CNVD-2022-05504)

Discourse is an open source community discussion platform. The platform includes community, email, and chat room features. Discourse is vulnerable to an information disclosure vulnerability that could be exploited by attackers to obtain private configuration files...

4.3 CVSS | 2.5 AI score | 0.00908 EPSS
Exploits: 0 | References: 1

CNNVD
added 2022/01/13 12:0 a.m. | 4 views

Discourse Information Disclosure Vulnerability

Discourse is an open source community discussion platform. The platform includes community, email, and chat room features. Discourse is vulnerable to an information disclosure vulnerability that could be exploited by attackers to obtain private configuration files...

4.3 CVSS | 5.6 AI score | 0.00908 EPSS
Exploits: 0 | References: 4

CNVD
added 2022/01/10 12:0 a.m. | 38 views

Kalkitech Sync Products Encryption Issue Vulnerability

Kalkitech Sync Products is a range of substation gateways from Kalkitech India. Kalkitech Sync Products suffers from an encryption issue vulnerability that stems from the use of an insecure communication channel by the management tools Easyconnect and SYNC devices, which can be exploited by an...

8.1 CVSS | 8 AI score | 0.00916 EPSS
Exploits: 0 | References: 1

NVD
added 2022/01/06 12:15 p.m. | 26 views

CVE-2021-44564

A security vulnerability originally reported in the SYNC2101 product, and applicable to specific sub-families of SYNC devices, allows an attacker to download the configuration file used in the device and apply a modified configuration file back to the device. The attack requires network access to...

8.1 CVSS | 0.00916 EPSS
Exploits: 0 | References: 2

CNNVD
added 2022/01/06 12:0 a.m. | 3 views

Kalkitech Sync Products Encryption Issue Vulnerability

Kalkitech Sync Products is a range of substation gateways from Kalkitech India. Kalkitech Sync Products suffers from an encryption issue vulnerability that stems from the use of an insecure communication channel by the management tools Easyconnect and SYNC devices, which can be exploited by an...

8.1 CVSS | 5.6 AI score | 0.00916 EPSS
Exploits: 0 | References: 3

CNVD
added 2022/01/03 12:0 a.m. | 23 views

Netgear Nighthawk R6700 Encryption Issue Vulnerability

The Netgear Nighthawk R6700 is a wireless router from Netgear, Inc. An encryption vulnerability exists in the Netgear Nighthawk R6700, which stems from the fact that the product does not effectively encrypt configuration files. An attacker could modify the backup configuration by extracting the...

8.8 CVSS | 2.6 AI score | 0.00779 EPSS
Exploits: 0 | References: 1

RedhatCVE
added 2021/12/27 5:55 p.m. | 53 views

CVE-2021-4180

An information exposure flaw in openstack-tripleo-heat-templates allows an external user to discover the internal IP or hostname. An attacker could exploit this by checking the www_authenticate_uri parameter, which is visible to all end users in configuration files. This would give sensitive...

4.3 CVSS | 3 AI score | 0.00754 EPSS
Exploits: 0 | References: 3

The Hacker News
added 2021/12/23 7:51 a.m. | 52 views

4-Year-Old Bug in Azure App Service Exposed Hundreds of Source Code Repositories

A security flaw has been unearthed in Microsoft's Azure App Service that resulted in the exposure of source code of customer applications written in Java, Node, PHP, Python, and Ruby for at least four years since September 2017. The vulnerability, codenamed "NotLegit," was reported to the tech...

7.1 AI score
Exploits: 0

BDU FSTEC
added 2021/12/22 12:0 a.m. | 2 views

A vulnerability in the firmware of the WISE-4060 Ethernet module, related to the unencrypted storage of confidential information, allows an attacker to gain full access to the device’s configuration files.

A vulnerability in the firmware of the WISE-4060 Ethernet module is related to the unencrypted storage of confidential information. Exploiting this vulnerability could allow an attacker to gain full access to the device’s configuration files...

8.4 CVSS | 5.5 AI score
Exploits: 0 | References: 1

OPENSUSE Linux
added 2021/12/20 12:0 a.m. | 34 views

Security update for netdata (moderate)

openSUSE Security Update: Security update for netdata Announcement ID: openSUSE-SU-2021:1603-1 Rating: moderate References: 1139094 1139095 1139098 Cross-References: CVE-2018-18836 CVE-2018-18837 CVE-2018-18838 CVE-2018-18839 CVSS scores: CVE-2018-18836 NVD : 6.5...

7.5 CVSS | 6.6 AI score | 0.02172 EPSS
Exploits: 3 | References: 3

CNVD
added 2021/12/17 12:0 a.m. | 18 views

FatPipe WARP, IPVPN, and MPVPN Authorization Vulnerability (CNVD-2021-101933)

FatPipe is a WAN redundancy technology from FatPipe USA that provides companies with automated and dynamic failover when a WAN component or service failure results in a data line connection outage. A security vulnerability exists in FatPipe WARP, IPVPN and MPVPN that stems from a lack of...

7.5 CVSS | 1.9 AI score | 0.01794 EPSS
Exploits: 1 | References: 1

GitLab Advisory Database
added 2021/12/17 12:0 a.m. | 26 views

Deserialization of Untrusted Data

In logback version 1.2.9 and prior versions, an attacker with the required privileges to edit configuration files could craft a malicious configuration allowing execution of arbitrary code loaded from LDAP servers...

8.5 CVSS | 7.6 AI score | 0.04439 EPSS
Exploits: 1 | References: 9 | Affected Software: 1

NVD
added 2021/12/16 7:15 p.m. | 17 views

CVE-2021-42550

In logback version 1.2.7 and prior versions, an attacker with the required privileges to edit configuration files could craft a malicious configuration allowing execution of arbitrary code loaded from LDAP servers...

8.5 CVSS | 0.04439 EPSS
Exploits: 1 | References: 7

Debian CVE
added 2021/12/16 12:0 a.m. | 40 views

CVE-2021-42550

In logback version 1.2.7 and prior versions, an attacker with the required privileges to edit configuration files could craft a malicious configuration allowing execution of arbitrary code loaded from LDAP servers...

8.5 CVSS | 7.2 AI score | 0.04439 EPSS
Exploits: 1