724 matches found
PT-2024-1860 · Cisco · Cisco Unified Intelligence Center
Name of the Vulnerable Software and Affected Versions: Cisco Unified Intelligence Center affected versions not specified Description: A vulnerability in the Live Data server could allow an unauthenticated, local attacker to read and modify data in a repository that belongs to an internal service ...
Security Bulletin: Multiple security vulnerabilities have been identified in DB2 JDBC driver shipped with IBM Tivoli Business Service Manager
Summary DB2 JDBC driver is shipped as part of the XMLToolkit component for IBM Tivoli Business Service Manager. Information about security vulnerabilities affecting DB2 JDBC driver has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the...
Rocky Linux 8 : evolution (RLSA-2020:4649)
The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2020:4649 advisory. - evolution-data-server eds through 3.36.3 has a STARTTLS buffering issue that affects SMTP and POP3. When a server sends a begin TLS response, eds reads...
Rocky Linux 8 : evolution (RLSA-2021:1752)
The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2021:1752 advisory. - In GNOME evolution-data-server before 3.35.91, a malicious server can crash the mail client with a NULL pointer dereference by sending an invalid e.g., minimal...
HammerSpace GDE / GFS 4.6.6-324 Authentication Bypass Exploit
This utility generates the TOTP passcode used to sign in as the support service account user for HammerSpace GFS default installations. Both the OVA and ISO are affected. Versions 4.6.6-324 and below with a default installation are affected. Affected Product: HammerSpace Global Data Environment /...
Schneider Electric IGSS Data Server Access Control Error Vulnerability
Schneider Electric IGSS Data Server is a data server for the interactive graphical Scada system from Schneider Electric France. An access control error vulnerability exists in Schneider Electric IGSS Data Server, which stems from a lack of authentication of key functional identities and could be...
The vulnerability lies in the executable file IGSSdataServer.exe of the SCADA system’s data server, IGSS Data Server, as well as the executable file DashBoard.exe of the IGSS Dashboard. Additionally, the RMS16.dll library from the report module Custom Reports allows a perpetrator to execute arbitrary code.
The vulnerability of the IGSSdataServer.exe executable of the SCADA system’s data server, the DashBoard.exe executable of the IGSS Dashboard, and the RMS16.dll library of the report module Custom Reports is related to insufficient verification of data authenticity. Exploiting this vulnerability...
The vulnerability of the SCADA system’s data server and monitoring tools, such as Custom Reports and IGSS Dashboard, arises due to an incorrect restriction on the path to the restricted access catalog. This allows a perpetrator to execute arbitrary codes.
The vulnerability of the getRMSreportFile function in the SCADA system’s data server and the Custom Reports and IGSS Dashboard monitoring tools exists due to an incorrect restriction on the path name to the restricted access catalog. Exploiting this vulnerability could allow a attacker to execute...
The vulnerability lies in the executable file IGSSdataServer.exe of the SCADA system’s data server, IGSS Data Server, as well as the executable file DashBoard.exe of the IGSS Dashboard. Additionally, the RMS16.dll library from the report module Custom Reports can also be exploited, allowing an attacker to cause a service failure.
The vulnerability of the IGSSdataServer.exe executable of the SCADA system’s data server, the DashBoard.exe executable of the IGSS Dashboard, and the RMS16.dll library of the report module Custom Reports is related to insufficient verification of data authenticity. Exploiting this vulnerability c...
The vulnerability of the indicator panels of the SCADA system’s data server and the monitoring tools such as Custom Reports and IGSS Dashboard allows a intruder to execute any arbitrary code in the target system.
The vulnerability of the indicator panels of the SCADA system’s data server and the monitoring tools such as Custom Reports and IGSS Dashboard is related to the restoration of unreliable data in memory. Exploiting this vulnerability allows a perpetrator to execute arbitrary code on the target...
The vulnerability lies in the executable file IGSSdataServer.exe of the SCADA system’s data server, IGSS Data Server, as well as the executable file DashBoard.exe of the IGSS Dashboard. Additionally, the RMS16.dll library from the report module Custom Reports allows a hacker to delete arbitrary data.
The vulnerability of the IGSSdataServer.exe executable of the SCADA system’s data server, the DashBoard.exe executable of the IGSS Dashboard, and the RMS16.dll library of the report module Custom Reports is related to the absence of authentication for a critical function. Exploiting this...
The vulnerability of the Custom Reports component of the SCADA system’s data server, as well as the monitoring tools of the Custom Reports and IGSS Dashboards, allows a perpetrator to execute arbitrary code.
The vulnerability of the Custom Reports component of the SCADA system’s data server and the Custom Reports and IGSS Dashboard monitoring tools exists due to insufficient verification of input data. Exploiting this vulnerability could allow a perpetrator to execute arbitrary code using a specially...
CVE-2023-27983
A CWE-306: Missing Authentication for Critical Function vulnerability exists in the Data Server TCP interface that could allow deletion of reports from the IGSS project report directory, this would lead to loss of data when an attacker abuses this functionality. Affected Products: IGSS Data...
CVE-2023-27983
A CWE-306: Missing Authentication for Critical Function vulnerability exists in the Data Server TCP interface that could allow deletion of reports from the IGSS project report directory, this would lead to loss of data when an attacker abuses this functionality. Affected Products: IGSS Data...
Authentication flaw
A CWE-306: Missing Authentication for Critical Function vulnerability exists in the Data Server TCP interface that could allow deletion of reports from the IGSS project report directory, this would lead to loss of data when an attacker abuses this functionality. Affected Products: IGSS Data...
CVE-2023-27979
A CWE-345: Insufficient Verification of Data Authenticity vulnerability exists in the Data Server that could allow the renaming of files in the IGSS project report directory, this could lead to denial of service when an attacker sends specific crafted messages to the Data Server TCP port. Affecte...
CVE-2023-27979
A CWE-345: Insufficient Verification of Data Authenticity vulnerability exists in the Data Server that could allow the renaming of files in the IGSS project report directory, this could lead to denial of service when an attacker sends specific crafted messages to the Data Server TCP port. Affecte...
Design/Logic Flaw
A CWE-345: Insufficient Verification of Data Authenticity vulnerability exists in the Data Server that could allow the renaming of files in the IGSS project report directory, this could lead to denial of service when an attacker sends specific crafted messages to the Data Server TCP port. Affecte...
CVE-2023-27977
A CWE-345: Insufficient Verification of Data Authenticity vulnerability exists in the Data Server that could cause access to delete files in the IGSS project report directory, this could lead to loss of data when an attacker sends specific crafted messages to the Data Server TCP port. Affected...
CVE-2023-27977
A CWE-345: Insufficient Verification of Data Authenticity vulnerability exists in the Data Server that could cause access to delete files in the IGSS project report directory, this could lead to loss of data when an attacker sends specific crafted messages to the Data Server TCP port. Affected...