Dell SmartFabric OS10 Trust Management Issue Vulnerability

Dell Networking OS10 is a Linux-based network switch operating system from Dell DELL. A security vulnerability exists in Support Assist in Dell Networking OS10 version 10.5.3.4. An unauthenticated, remote attacker could exploit this vulnerability to access limited switch configuration data and...

PT-2022-7401 · Glpi +2 · Glpi +2

Name of the Vulnerable Software and Affected Versions: GLPI versions prior to 10.0.3 Description: The issue concerns the exposure of private information defined in the setup of GLPI, such as smtp or cas hosts, to unauthorized individuals. This exposure can be exploited remotely, allowing attacker...

CVE-2022-35413

WAPPLES through 6.0 has a hardcoded systemi account. A threat actor could use this account to access the system configuration and confidential information such as SSL keys via an HTTPS request to the /webapi/ URI on port 443 or 5001...

Security Bulletin: Potential Security Vulnerabilities fixed in IBM WebSphere Application Server 8.5.5.5

Summary Cross reference list for security vulnerabilites fixed in IBM WebSphere Application Server 8.5.5.5, IBM WebSphere Application Server Hypervisor 8.5.5.5 and IBM HTTP Server 8.5.5.5 Vulnerability Details CVEID:CVE-2015-0174APAR PI21072 DESCRIPTION: IBM WebSphere Application Server using SNM...

Security Bulletin: Potential Security Vulnerabilities fixed in IBM WebSphere Application Server 7.0.0.35

Summary Cross reference list for security vulnerabilites fixed in IBM WebSphere Application Server 7.0.0.35, IBM WebSphere Application Server Hypervisor 7.0.0.35 and IBM HTTP Server 7.0.0.35. Vulnerability Details CVE ID:CVE-2014-3021 APAR PI08268 DESCRIPTION: IBM WebSphere Application Server cou...

CVE-2022-25625

A malicious unauthorized PAM user can access the administration configuration data and change the values...

CVE-2022-25625

A malicious unauthorized PAM user can access the administration configuration data and change the values...

PT-2022-17417 · Broadcom · Symantec Privileged Access Management

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned. Description: A malicious unauthorized PAM user can access the administration configuration data and change the values. Recommendations: At the moment, there is no information about a newer versi...

Apache OpenOffice 安全特征问题特征问题漏洞

Apache OpenOffice is an open source office software suite from the U.S. Apache Apache Foundation. The suite contains text documents, spreadsheets, presentations, drawings, databases, and more. A security signature issue vulnerability exists in Apache OpenOffice versions prior to 4.1.13, which ste...

CVE-2022-29952

Bently Nevada condition monitoring equipment through 2022-04-29 mishandles authentication. It utilizes the TDI command and data protocols 60005/TCP, 60007/TCP for communications between the monitoring controller and System 1 and/or Bently Nevada Monitor Configuration BNMC software. These protocol...

DEBIAN-CVE-2022-26306

LibreOffice supports the storage of passwords for web connections in the user’s configuration database. The stored passwords are encrypted with a single master key provided by the user. A flaw in LibreOffice existed where the required initialization vector for encryption was always the same which...

CVE-2022-26306

LibreOffice supports the storage of passwords for web connections in the user’s configuration database. The stored passwords are encrypted with a single master key provided by the user. A flaw in LibreOffice existed where the required initialization vector for encryption was always the same which...

CVE-2022-34049

An access control issue in Wavlink WN530HG4 M30HG4.V5030.191116 allows unauthenticated attackers to download log files and configuration data...

CVE-2022-34049

An access control issue in Wavlink WN530HG4 M30HG4.V5030.191116 allows unauthenticated attackers to download log files and configuration data...

Design/Logic Flaw

An access control issue in Wavlink WN530HG4 M30HG4.V5030.191116 allows unauthenticated attackers to download log files and configuration data...

CVE-2022-34049

WAVLINK WN530HG4 (M30HG4.V5030.191116) is affected by an improper access control vulnerability. The Nuclei template specifies that unauthenticated attackers can download log files and configuration data via Exportlogs.sh, with potential for data modification or unauthorized operations. The issue ...

CVE-2022-34049

An access control issue in Wavlink WN530HG4 M30HG4.V5030.191116 allows unauthenticated attackers to download log files and configuration data...

WAVLINK WN530HG4 安全漏洞

The WAVLINK WN530HG4 is a wireless router from the Chinese company WAVLINK. A security vulnerability exists in the WAVLINK WN530HG4 M30HG4.V5030.191116 version, which originates from a vulnerability that allows an unauthenticated attacker to download log files and configuration data...

CVE-2021-30327

Buffer overflow in sahara protocol while processing commands leads to overwrite of secure configuration data in Snapdragon Mobile, Snapdragon Compute, Snapdragon Auto, Snapdragon IOT, Snapdragon Connectivity, Snapdragon Voice & Music...

CVE-2021-30327

CVE-2021-30327 describes a buffer overflow in the Sahara protocol during command processing that overwrites secure configuration data in Qualcomm Snapdragon products. Affected are Snapdragon Mobile, Compute, Auto, IOT, Connectivity, and Voice & Music lines. Root cause: buffer overflow in Sahara p...