311 matches found
WEM Server Failed to Connect Database after SQL AlwaysOn Failover to Secondary
User has followed the Citrix doc below to set up AlwaysOn for WEM: https://docs.citrix.com/en-us/workspace-environment-management/current-release/system-requirements.htmlsql-server-always-on However, the WEM server won't be able to connect AlwaysOn database after a failover from primary SQL to...
Microsoft Edge browser’s vulnerability on Android, related to security configuration errors, allows attackers to bypass security restrictions.
The vulnerability of Microsoft Edge browser on Android is related to security configuration errors. Exploiting this vulnerability can allow a remote attacker to bypass security restrictions using a specially created file...
K13600: SSH vulnerability CVE-2012-1493
Security Advisory Description: A platform-specific remote access vulnerability has been discovered that may allow a remote user to gain privileged access to affected systems using secure shell (SSH). The vulnerability is caused by a configuration error, and is not the result of an underlying SSH...
SUSE CVE-2012-6150
The winbind_name_list_to_sid_string_list function in nsswitch/pam_winbind.c in Samba through 4.1.2 handles invalid require_membership_of group names by accepting authentication by any user, which allows remote authenticated users to bypass intended access restrictions in opportunistic circumstances by...
CVE-2023-25561
DataHub is an open-source metadata platform. In the event a system is using Java Authentication and Authorization Service (JAAS) authentication and that system is given a configuration which contains an error, the authentication for the system will fail open and allow an attacker to log in using any...
PT-2023-20159
Name of the Vulnerable Software and Affected Versions: DataHub (affected versions not specified). Description: The issue occurs when a system using Java Authentication and Authorization Service (JAAS) authentication encounters a configuration error, causing authentication to fail open. This allows an...
The vulnerability of the Mozilla Firefox browser, related to security configuration errors, allows a hacker to read arbitrary files.
The vulnerability of the Mozilla Firefox browser is related to security configuration errors. Exploiting this vulnerability allows a remote attacker to read arbitrary files...
CVE-2022-45778
https://www.hillstonenet.com.cn/ Hillstone Firewall SG-6000 <= 5.0.4.0 is vulnerable to Incorrect Access Control. There is a permission bypass vulnerability in the Hillstone WEB application firewall. An attacker can enter the background of the firewall with super administrator privileges through a...
Design/Logic Flaw
https://www.hillstonenet.com.cn/ Hillstone Firewall SG-6000 <= 5.0.4.0 is vulnerable to Incorrect Access Control. There is a permission bypass vulnerability in the Hillstone WEB application firewall. An attacker can enter the background of the firewall with super administrator privileges through a...
NETGEAR Security Vulnerability
NETGEAR is a router from the American company NETGEAR, a hardware device that connects two or more networks and acts as a gateway between them. A security vulnerability exists in the NETGEAR RAX30 AX2400 prior to version 1.0.9.90, which stems from a network configuration error...
Airtable.js misconfiguration vulnerability
Airtable.js is Airtable's open-source JavaScript client. It provides a simple way to access the data. A misconfiguration vulnerability exists in Airtable.js versions prior to 0.11.6 that stems from a misconfiguration in a script that binds environment variables to the build target of a...
Nextcloud: Messages can still be seen on conversation after expiring when cron is misconfigured
A vulnerability in Nextcloud Talk allowed expired chat messages to still be visible to anyone with access to the conversation, even after the message expiration time had passed...
IBM PowerVM Hypervisor Misconfiguration Vulnerability
IBM PowerVM Hypervisor is an application from International Business Machines (IBM), Inc. It provides a secure and scalable virtualized environment, built on the advanced RAS capabilities and leading performance of the Power Systems platform. A misconfiguration vulnerability...
CVE-2022-34331
After performing a sequence of Power FW950, FW1010 maintenance operations, an SRIOV network adapter can be improperly configured, leading to the desired VEPA configuration being disabled. IBM X-Force ID: 229695...
PT-2025-25981 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A vulnerability in the Linux kernel has been resolved, related to the iavf driver's adminq error handling. The issue involves the allocation of DMA coherent memory for VF mailbox using...
Huawei HarmonyOS Security Vulnerability
Huawei HarmonyOS is an operating system from Huawei (China). A configuration error vulnerability exists in Huawei HarmonyOS, which stems from a configuration flaw in the security OS module. An attacker could exploit this vulnerability to compromise confidentiality...
The vulnerability of the Crypto Pro downloader for the Windows operating system allows a hacker to bypass security restrictions and gain unauthorized access to the system.
The vulnerability of the Crypto Pro downloader for the Windows operating system is related to security configuration errors. Exploiting this vulnerability can allow a hacker to bypass security restrictions and gain unauthorized access to the system...
The vulnerability of the TeamPass password manager, related to security configuration errors, allows a hacker to delete any accessible file on the server.
The vulnerability of the TeamPass password manager is related to security configuration errors. Exploiting this vulnerability could allow a malicious actor, operating remotely, to delete any accessible files on the server...
CVE-2022-20258
In Bluetooth, there is a possible way to bypass compiler exploit mitigations due to a configuration error. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-13. Android I...