49 matches found
ATBroker Registry Security Scanner
This code is a defensive Windows security scanner designed to audit potentially sensitive Registry paths related to ATBroker Accessibility Technology Broker and core system hives. It only checks for the presence of certain registry keys to see if they're protected or accessible...
EUVD-2022-36274
Malicious code in bioql PyPI...
EUVD-2022-45097
Malicious code in bioql PyPI...
EUVD-2022-49106
Malicious code in bioql PyPI...
EUVD-2022-49105
Malicious code in bioql PyPI...
BIT-JOOMLA-2024-27187 [20240804] - Core - Improper ACL for backend profile view
Improper Access Controls allows backend users to overwrite their username when disallowed...
CVE-2022-46288
Open redirect vulnerability in DENSHI NYUSATSU CORE SYSTEM v6 R4 and earlier allows a remote unauthenticated attacker to redirect a user to an arbitrary web site and conduct a phishing attack by having a user to access a specially crafted URL...
CVE-2022-46287
Cross-site scripting vulnerability in DENSHI NYUSATSU CORE SYSTEM v6 R4 and earlier allows a remote unauthenticated attacker to inject an arbitrary script...
CVE-2022-41993
Cross-site scripting vulnerability in DENSHI NYUSATSU CORE SYSTEM v6 R4 and earlier allows a remote unauthenticated attacker to inject an arbitrary script...
CVE-2024-2551
A null pointer dereference vulnerability in Palo Alto Networks PAN-OS software enables an unauthenticated attacker to stop a core system service on the firewall by sending a crafted packet through the data plane that causes a denial of service DoS condition. Repeated attempts to trigger this...
ezsystems/ez-support-tools Failing access control in system info view
This Security Advisory is about a vulnerability in ezsystems/ez-support-tools v2.2, part of Ibexa DXP v3.2. Older versions are not affected. A user having insufficient permissions is able to access the system information tabs if they type in the direct link the link is not shown in the menu. The...
CVE-2022-41993
Cross-site scripting vulnerability in DENSHI NYUSATSU CORE SYSTEM v6 R4 and earlier allows a remote unauthenticated attacker to inject an arbitrary script...
CVE-2022-46287
Cross-site scripting vulnerability in DENSHI NYUSATSU CORE SYSTEM v6 R4 and earlier allows a remote unauthenticated attacker to inject an arbitrary script...
CVE-2022-46288
Open redirect vulnerability in DENSHI NYUSATSU CORE SYSTEM v6 R4 and earlier allows a remote unauthenticated attacker to redirect a user to an arbitrary web site and conduct a phishing attack by having a user to access a specially crafted URL...
CVE-2022-41993
Cross-site scripting vulnerability in DENSHI NYUSATSU CORE SYSTEM v6 R4 and earlier allows a remote unauthenticated attacker to inject an arbitrary script...
Cross site scripting
Cross-site scripting vulnerability in DENSHI NYUSATSU CORE SYSTEM v6 R4 and earlier allows a remote unauthenticated attacker to inject an arbitrary script...
Open redirect
Open redirect vulnerability in DENSHI NYUSATSU CORE SYSTEM v6 R4 and earlier allows a remote unauthenticated attacker to redirect a user to an arbitrary web site and conduct a phishing attack by having a user to access a specially crafted URL...
PT-2022-27798 · Unknown · Denshi Nyusatsu Core System
Name of the Vulnerable Software and Affected Versions: DENSHI NYUSATSU CORE SYSTEM versions prior to v6 R4 Description: A cross-site scripting issue allows a remote unauthenticated attacker to inject an arbitrary script. Recommendations: For versions prior to v6 R4, update to a version later than...
CVE-2022-46287
DENSHI NYUSATSU CORE SYSTEM v6 R4 and earlier are affected by a cross-site scripting (CWE-79) vulnerability (CVE-2022-46287). A remote, unauthenticated attacker can inject arbitrary script into users’ browsers when interacting with the system. The issue is confirmed in multiple sources within the...
CVE-2022-41993
DENSHI NYUSATSU CORE SYSTEM v6 R4 and earlier is affected by CVE-2022-41993, a Cross-site Scripting (CWE-79) vulnerability. The issue allows a remote unauthenticated attacker to inject arbitrary scripts, potentially impacting users who log in or access the system. Connected sources confirm the af...