374 matches found
PowerDNS Recursor 安全漏洞
PowerDNS Recursor pdnsrecursor is a domain name resolution server from the Dutch company PowerDNS. A security vulnerability exists in PowerDNS Recursor. An attacker has exploited the vulnerability to cause a denial of service on the system. The following versions are affected: 4.6.5 and earlier,...
CVE-2022-43772
Hitachi Vantara Pentaho Business Analytics Server versions before 9.4.0.0 and 9.3.0.1, including 8.3.x with the Big Data Plugin expose the username and password of clusters in clear text into system logs...
SUSE CVE-2023-26437
Denial of service vulnerability in PowerDNS Recursor allows authoritative servers to be marked unavailable.This issue affects Recursor: through 4.6.5, through 4.7.4 , through 4.8.3...
IBM Spectrum Virtualize 日志信息泄露漏洞
IBM Spectrum Virtualize is a block storage virtualization system from International Business Machines IBM, Inc. that improves the data value, security, and simplicity of new and existing storage infrastructures. A log information disclosure vulnerability exists in IBM Spectrum Virtualize versions...
SUSE CVE-2003-0914
ISC BIND 8.3.x before 8.3.7, and 8.4.x before 8.4.3, allows remote attackers to poison the cache via a malicious name server that returns negative responses with a large TTL time-to-live value...
SUSE CVE-2009-3231
The core server component in PostgreSQL 8.3 before 8.3.8 and 8.2 before 8.2.14, when using LDAP authentication with anonymous binds, allows remote attackers to bypass authentication via an empty password...
SUSE CVE-2019-17012
Mozilla developers reported memory safety bugs present in Firefox 70 and Firefox ESR 68.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird 68.3,...
PT-2023-16094 · Microsoft +1 · Utilman +1
Name of the Vulnerable Software and Affected Versions: ACC versions prior to 8.3.4 Description: The issue allows a locally logged-in attacker with administrator privileges to bypass the execution controls provided by ACC using the utilman program. Recommendations: For versions prior to 8.3.4,...
CVE-2022-37783
creationtimestamp| type| source ---|---|--- 2022-12-06 00:40:11+00:00| seen| https://t.me/cibsecurity/54024...
Hitachi Pentaho Business Analytics 安全漏洞
Hitachi Pentaho Business Analytics is a business analytics platform from Hitachi, Japan, Inc. for securely accessing, integrating, manipulating, visualizing and analyzing big data assets. A security vulnerability exists in Hitachi Pentaho Business Analytics version 9.2.0.2 prior to version 9.2 an...
CVE-2022-36360
A vulnerability has been identified in LOGO! 8 BM incl. SIPLUS variants All versions V8.3. Affected devices load firmware updates without checking the authenticity. Furthermore the integrity of the unencrypted firmware is only verified by a non-cryptographic method. This could allow an attacker t...
PT-2022-26363 · Veritas · Veritas Netbackup
Name of the Vulnerable Software and Affected Versions: Veritas NetBackup versions prior to 8.3 Description: An issue was discovered that allows an attacker with local access to delete arbitrary files by leveraging a path traversal in the pbx exchange registration code. Recommendations: For Verita...
CVE-2022-35656
Pega Platform from 8.3 to 8.7.3 vulnerability may allow authenticated security administrators to alter CSRF settings directly...
CVE-2022-36302
File path manipulation vulnerability in BF-OS version 3.00 up to and including 3.83 allows an attacker to modify the file path to access different resources, which may contain sensitive information...
CVE-2022-36986
An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 and related NetBackup products. An attacker with unauthenticated access could remotely execute arbitrary commands on a NetBackup Primary server...
Veritas NetBackup 安全漏洞
Veritas NetBackup is a storage service from Veritas, Inc. that is used to provide backup and recovery capabilities for enterprise environments. The software supports the detection of ransomware and backup protection of environmental data such as metadata and virtual environments. A security...
PT-2022-12936 · Unknown · Goanywhere Mft
Name of the Vulnerable Software and Affected Versions: GoAnywhere MFT versions prior to 6.8.3 Description: A path traversal issue exists that could allow an external user who self-registers with specific username and/or profile information to access files at a higher directory level than intended...
10.30.npm-learning (>=1.0.0 <=1.1.0), 2017_node (=1.0.0) +3307 more potentially affected by CVE-2022-25869 via angular (>=0.0.1 <=1.8.3)
angular NPM version =0.0.1, =1.0.0, =4.13.7-rc4, =1.103.1, =1.103.1, =1.102.4, =1.102.3, =1.102.3, =1.4.156, =1.0.3, =1.0.0, =1.0.0, =0.5.0, =0.5.2 and more Source cves: CVE-2022-25869 Source advisory: OSV:GHSA-PRC3-VJFX-VHM9...
CVE-2022-1683
creationtimestamp| type| source ---|---|--- 2022-06-08 14:45:54+00:00| seen| https://t.me/cibsecurity/44005...
CVE-2022-30770
Terminalfour versions 8.3.7, 8.3.x versions prior to version 8.3.8 and r 8.2.x versions prior to version 8.2.18.5 or 8.2.18.2.1 are vulnerable to XSS vulnerability that could be exploited by an attacker to mislead an administrator and steal their credentials...