273 matches found
EUVD-2024-46423
Malicious code in bioql PyPI...
EUVD-2023-28606
Malicious code in bioql PyPI...
EUVD-2022-49154
Malicious code in bioql PyPI...
EUVD-2022-33300
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2022-1049
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the Pacemaker configuration tool pcs. The pcs daemon was allowing expired accounts, and accounts with expired passwords to login when using...
GHSA-9342-92GG-6V29 vulnerabilities
Vulnerabilities for packages: apicurio-registry, thingsboard, wildfly, jenkins, dependency-track, apache-nifi, keycloak, keycloak-config-cli...
The vulnerability of the HPE Networking Instant On configuration and access point management tool lies in its use of strictly encrypted credentials. This allows attackers to circumvent security restrictions and gain increased privileges.
The vulnerability of the HPE Networking Instant On configuration and access point management tool is related to the use of strictly encrypted credentials. Exploiting this vulnerability allows a malicious actor to bypass security restrictions and gain increased privileges...
The vulnerability of the Segnetics SMConfig system configuration tool lies in its insufficient verification of the authenticity of executed requests, allowing attackers to carry out CSRF attacks.
The vulnerability of the Segnetics SMConfig system configuration tool is related to insufficient verification of the authenticity of the requests being executed. Exploiting this vulnerability allows a malicious actor to perform a CSRF attack remotely...
CVE-2024-13946
DLL's are not digitally signed when loaded in ASPECT's configuration toolset exposing the application to binary planting during device commissioning.This issue affects ASPECT-Enterprise: through 3.; NEXUS Series: through 3.; MATRIX Series: through 3...
CVE-2024-25647
Incorrect default permissions for some IntelR Binary Configuration Tool software for Windows before version 3.4.5 may allow an authenticated user to potentially enable escalation of privilege via local access...
CVE-2024-23312
Uncontrolled search path for some IntelR Binary Configuration Tool software for Windows before version 3.4.5 may allow an authenticated user to potentially enable escalation of privilege via local access...
CVE-2023-46280
A vulnerability has been identified in Security Configuration Tool SCT All versions, SIMATIC Automation Tool All versions V5.0 SP2, SIMATIC BATCH V9.1 All versions V9.1 SP2 Upd5, SIMATIC NET PC Software V16 All versions V16 Update 8, SIMATIC NET PC Software V17 All versions, SIMATIC NET PC Softwa...
CVE-2023-24591
Uncontrolled search path in some IntelR Binary Configuration Tool software before version 3.4.4 may allow an authenticated user to potentially enable escalation of privilege via local access...
CVE-2022-28863
An issue was discovered in Nokia NetAct 22. A remote user, authenticated to the website, can visit the Site Configuration Tool section and arbitrarily upload potentially dangerous files without restrictions via the /netact/sct dir parameter in conjunction with the operation=upload value...
CVE-2021-20587
Heap-based buffer overflow vulnerability in Mitsubishi Electric FA Engineering Software CPU Module Logging Configuration Tool versions 1.112R and prior, CW Configurator versions 1.011M and prior, Data Transfer versions 3.44W and prior, EZSocket versions 5.4 and prior, FR Configurator all versions...
CVE-2021-26597
An issue was discovered in Nokia NetAct 18A. A remote user, authenticated to the NOKIA NetAct Web Page, can visit the Site Configuration Tool web site section and arbitrarily upload potentially dangerous files without restrictions via the /netact/sct dir parameter in conjunction with the...
CVE-2024-13946 Binary Planting / LoadLibrary DLL's not Signed
DLL's are not digitally signed when loaded in ASPECT's configuration toolset exposing the application to binary planting during device commissioning.This issue affects ASPECT-Enterprise: through 3.; NEXUS Series: through 3.; MATRIX Series: through 3...
CVE-2025-3908
The configuration initialization tool in OpenVPN 3 Linux v20 through v24 on Linux allows a local attacker to use symlinks pointing at an arbitrary directory which will change the ownership and permissions of that destination directory...
OpenVPN 安全漏洞
OpenVPN is a software package for creating encrypted tunnels for virtual private networks VPNs from US-based OpenVPN, which uses the OpenSSL library to encrypt data and control information and allows the created VPN to be authenticated using a public key, an electronic certificate, or a...
The vulnerability of the Configuration tool for access control and remote authentication in BIG-IP allows a attacker to carry out XSS attacks.
The vulnerability of the Configuration tool for access control and remote authentication in BIG-IP relates to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks remotely...