34 matches found
CVE-2023-51578 Voltronic Power ViewPower MonitorConsole Exposed Dangerous Method Denial-of-Service Vulnerability
Voltronic Power ViewPower MonitorConsole Exposed Dangerous Method Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Voltronic Power ViewPower. Authentication is not required to exploit this vulnerabilit...
PT-2023-8150 · Voltronic Power · Voltronic Power Viewpower
Name of the Vulnerable Software and Affected Versions: Voltronic Power ViewPower affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations of Voltronic Power ViewPower. Authentication is not required to exploit this issue...
PT-2023-8149 · Voltronic Power · Voltronic Power Viewpower
Name of the Vulnerable Software and Affected Versions: Voltronic Power ViewPower affected versions not specified Description: The issue is related to the use of dangerous methods or functions in the LinuxMonitorConsole class of the Voltronic Power ViewPower software. This allows remote attackers ...
(0Day) Voltronic Power ViewPower setShutdown Exposed Dangerous Method Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Voltronic Power ViewPower. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...
PT-2023-8152 · Voltronic Power · Voltronic Power Viewpower
Name of the Vulnerable Software and Affected Versions: Voltronic Power ViewPower affected versions not specified Description: This issue allows remote attackers to create a denial-of-service condition on affected installations of Voltronic Power ViewPower. Authentication is not required to exploi...
Delta Electronics InfraSuite Device Master RunScript Exposed Dangerous Method Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics InfraSuite Device Master. Authentication is not required to exploit this vulnerability. The specific flaw exists within the RunScript method. The issue results from an exposed...
Design/Logic Flaw
EisBaer Scada - CWE-749: Exposed Dangerous Method or Function...
Visualware MyConnection Server doRTAAccessUPass Exposed Dangerous Method Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Visualware MyConnection Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the doRTAAccessUPass method. The issue results from an exposed...
GHSA-8692-G6G9-GM5P xwiki contains Exposed Dangerous Method or Function
Impact org.xwiki.store.script.TemporaryAttachmentsScriptServiceuploadTemporaryAttachment is returning an instance of com.xpn.xwiki.doc.XWikiAttachment. This class is not supported to be exposed to users without the programing right. com.xpn.xwiki.api.Attachment should be used instead and takes ca...
CVE-2022-30703
Trend Micro Security 2021 and 2022 Consumer is vulnerable to an exposed dangerous method vulnerability that could allow an attacker to obtain access to leaked kernel addresses and disclose sensitive information. This vulnerability could also potentially be chained for privilege escalation...
CVE-2022-30703
Trend Micro Security 2021 and 2022 Consumer is vulnerable to an exposed dangerous method vulnerability that could allow an attacker to obtain access to leaked kernel addresses and disclose sensitive information. This vulnerability could also potentially be chained for privilege escalation...
CVE-2021-23556
Guake is vulnerable before version 3.8.5 to Exposed Dangerous Method or Function due to exposure of execute_command and execute_command_by_uuid via the D-Bus interface, allowing a malicious user to run an arbitrary command. Exploitation requires the attacker to have or trigger another malicious p...
Design/Logic Flaw
service.exe in Measuresoft ScadaPro 4.0.0 and earlier allows remote attackers to execute arbitrary DLL functions via the XF function, possibly related to an insecure exposed method...
CVE-2011-3497
service.exe in Measuresoft ScadaPro 4.0.0 and earlier allows remote attackers to execute arbitrary DLL functions via the XF function, possibly related to an insecure exposed method...