CVE-2019-14902

There is an issue in all samba 4.11.x versions before 4.11.5, all samba 4.10.x versions before 4.10.12 and all samba 4.9.x versions before 4.9.18, where the removal of the right to create or modify a subtree would not automatically be taken away on all domain controllers...

CVE-2019-14902

There is an issue in all samba 4.11.x versions before 4.11.5, all samba 4.10.x versions before 4.10.12 and all samba 4.9.x versions before 4.9.18, where the removal of the right to create or modify a subtree would not automatically be taken away on all domain controllers...

UBUNTU-CVE-2019-14902

There is an issue in all samba 4.11.x versions before 4.11.5, all samba 4.10.x versions before 4.10.12 and all samba 4.9.x versions before 4.9.18, where the removal of the right to create or modify a subtree would not automatically be taken away on all domain controllers...

CVE-2019-14902

CVE-2019-14902 affects Samba: all 4.11.x before 4.11.5, all 4.10.x before 4.10.12, and all 4.9.x before 4.9.18. The issue is that removal of the right to create or modify a subtree would not automatically be taken away on all domain controllers. Impact is exposure of ACL/permission state across A...

Replication of ACLs set to inherit down a

Description A newly delegated right, but more importantly the removal of a delegated right, would not be inherited on any DC other than the one where the change was made. For example: - if a user or group was previously delegated the right to create or modify a subtree say to allow desktop suppor...

CVE-2019-14902

There is an issue in all samba 4.11.x versions before 4.11.5, all samba 4.10.x versions before 4.10.12 and all samba 4.9.x versions before 4.9.18, where the removal of the right to create or modify a subtree would not automatically be taken away on all domain controllers...

Schneider Electric Modicon Controllers (Update A)

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Schneider Electric Equipment: Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium Vulnerability: Improper Check for Unusual or Exceptional Conditions 2. UPDATE INFORMATION This updated...

SIEMENS SCALANCE X witches series authentication bypass vulnerability

SCALANCE X witches are used to connect industrial components such as programmable logic controllers PLCs or human machine interfaces HMIs. An authentication bypass vulnerability exists in the SIEMENS SCALANCE X witches family. An attacker could exploit this vulnerability to obtain sensitive...

CVE-2019-6857

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Modicon Quantum, Modicon Premium see security notification for specific versions which could cause a Denial of Service of the controller when reading specific memory blocks using...

CVE-2018-7794

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Modicon Quantum, Modicon Premium see security notification for specific versions which could cause a Denial of Service when reading data with invalid index using Modbus TCP...

CVE-2019-18269

Omron’s CS and CJ series PLCs have an unrestricted externally accessible lock vulnerability...

PT-2019-15306 · Omron · Omron Plc Cj Series

Name of the Vulnerable Software and Affected Versions: Omron CS series PLCs affected versions not specified Omron CJ series PLCs affected versions not specified Description: The issue concerns an unrestricted externally accessible lock vulnerability. Recommendations: For Omron CS series PLCs, at...

Access Control Error Vulnerability in Omron PLC CJ and CS Series

Omron PLC CJ and CS series are PLCs from Omron. A security vulnerability exists in the Omron PLC CJ and CS Series that can be exploited by an attacker to access unrestricted locks...

CVE-2019-13927

A vulnerability has been identified in Desigo PX automation controllers PXC00-E.D, PXC50-E.D, PXC100-E.D, PXC200-E.D with Desigo PX Web modules PXA40-W0, PXA40-W1, PXA40-W2 All firmware versions V6.00.320, Desigo PX automation controllers PXC00-U, PXC64-U, PXC128-U with Desigo PX Web modules...

CVE-2019-13927

A vulnerability has been identified in Desigo PX automation controllers PXC00-E.D, PXC50-E.D, PXC100-E.D, PXC200-E.D with Desigo PX Web modules PXA40-W0, PXA40-W1, PXA40-W2 All firmware versions V6.00.320, Desigo PX automation controllers PXC00-U, PXC64-U, PXC128-U with Desigo PX Web modules...

Design/Logic Flaw

A vulnerability has been identified in Desigo PX automation controllers PXC00-E.D, PXC50-E.D, PXC100-E.D, PXC200-E.D with Desigo PX Web modules PXA40-W0, PXA40-W1, PXA40-W2 All firmware versions V6.00.320, Desigo PX automation controllers PXC00-U, PXC64-U, PXC128-U with Desigo PX Web modules...

CVE-2019-13927

CVE-2019-13927 affects Siemens Desigo PX devices with web interfaces (web server on tcp/80). A specially crafted HTTP message can cause the web server to respond with 404 to subsequent requests, degrading availability; recovery requires a reboot. Affected families include PXC00-E/D, PXC50-E/D, PX...

nopCommerce Cross-Site Scripting Vulnerability

nopCommerce is a set of open source general e-commerce platform. nopCommerce 4.20 and earlier versions of PresentationNop.WebAreasAdminControllersNewsController.cs and PresentationNop. WebAreasAdminControllersBlogController.cs components have a cross-site scripting vulnerability in the...

CVE-2019-19682

nopCommerce through 4.20 allows XSS in the SaveStoreMappings of the components \Presentation\Nop.Web\Areas\Admin\Controllers\NewsController.cs and \Presentation\Nop.Web\Areas\Admin\Controllers\BlogController.cs via Body or Full to Admin/News/NewsItemEdit/id Admin/Blog/BlogPostEdit/id. NOTE: the...

Cisco IOS XE Software, Catalyst, and NGWC GUI Privilege Escalation (cisco-sa-20170927-ngwc)

According to its self-reported version, Cisco IOS XE Software is affected by a privilege escalation vulnerability in the web-based Wireless Controller GUI for Cisco 5760 Wireless LAN Controllers, Cisco Catalyst 4500E Supervisor Engine 8-E Wireless Switches, and Cisco New Generation Wireless...