PT-2024-29612 · Sdop +1 · Sdop +1
Name of the Vulnerable Software and Affected Versions: SDoP versions prior to 1.11. Description: The issue is related to the handling of parameters inside input data, resulting in a stack-based buffer overflow. This can lead to arbitrary code execution when a user processes a specially crafted XML...
The vulnerability of the SINEMA Remote Connect client web interface, related to security mechanism failures, allows attackers to view and edit protected information regarding VxLAN network configurations.
The vulnerability of the SINEMA Remote Connect client web interface is related to security mechanism errors. Exploiting this vulnerability allows an attacker to remotely view and edit protected information regarding VxLAN network configurations without proper access rights...
The vulnerability of the JT Open Toolkit (JTTK) and PLM XML SDK development tools is related to pointer assignment errors, which allow attackers to trigger a service failure.
The vulnerability of the JT Open Toolkit (JTTK) and PLM XML SDK development tools is related to pointer dereferencing errors. Exploiting this vulnerability can allow an attacker to trigger a service failure by loading a specially created malicious XML file...
CVE-2024-39868
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). Affected devices do not properly validate the authentication when performing certain actions in the web interface allowing an unauthenticated attacker to access and edit VxLAN configuration information of...
CVE-2024-39570
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 HF1). Affected applications are vulnerable to command injection due to missing server side input sanitation when loading VxLAN configurations. This could allow an authenticated attacker to execute arbitrary code...
[SECURITY] Fedora 40 Update: httpd-2.4.61-1.fc40
The Apache HTTP Server is a powerful, efficient, and extensible web server...
Siemens SINEMA Remote Connect Server Security Vulnerability
Siemens SINEMA Remote Connect Server is a remote network management platform from Siemens, Germany. The platform is used to remotely access, maintain, control and diagnose the underlying network. Siemens SINEMA Remote Connect Server suffers from a forced browsing vulnerability due to the failure ...
PT-2024-5097 · Siemens · Sinema Remote Connect Server
Name of the Vulnerable Software and Affected Versions: SINEMA Remote Connect Server versions prior to V3.2 SP1. Description: A vulnerability has been identified in the SINEMA Remote Connect Server, related to errors in security mechanisms. This issue allows an unauthenticated attacker to access an...
PT-2024-5098 · Siemens · Sinema Remote Connect Server
Name of the Vulnerable Software and Affected Versions: SINEMA Remote Connect Server versions prior to V3.2 HF1. Description: A vulnerability has been identified in SINEMA Remote Connect Server due to missing server-side input sanitation when loading VxLAN configurations. This could allow an...
The vulnerability of the Guided Procedures component of the SAP NetWeaver AS for Java software used for creating and deploying web applications allows a malicious individual to gain unauthorized access to confidential information.
The vulnerability of the Guided Procedures component in the SAP NetWeaver AS for Java web application creation and deployment software is related to incorrect restrictions on XML references to external objects. Exploiting this vulnerability allows a malicious actor to gain unauthorized access to...
The vulnerability of the Oozie Workflow Scheduler component of the Apache Ambari software, which allows attackers to perform XXE attacks
The vulnerability of the Oozie Workflow Scheduler component of the Apache Ambari software is related to incorrect restrictions on XML references to external objects. Exploiting this vulnerability allows a remote attacker to perform XXE attacks...
JP1/Extensible SNMP Agent fails to restrict access permissions
Overview: JP1/Extensible SNMP Agent provided by Hitachi fails to restrict access permissions (CWE-276). Yutaka Kokubu, Shun Suzaki, and Kazuki Hirota of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early...
JVN#94347255: JP1/Extensible SNMP Agent fails to restrict access permissions
JP1/Extensible SNMP Agent provided by Hitachi fails to restrict access permissions (CWE-276). Impact: If an authenticated attacker who can log in to the product places a specially crafted DLL file in a specific directory, arbitrary code may be executed with the administrative privilege. Solution...
CVE-2024-4679 Folder Permission Vulnerability in JP1/Extensible SNMP Agent
Incorrect Default Permissions vulnerability in Hitachi JP1/Extensible SNMP Agent for Windows, Hitachi JP1/Extensible SNMP Agent on Windows, Hitachi Job Management Partner1/Extensible SNMP Agent on Windows allows File Manipulation. This issue affects JP1/Extensible SNMP Agent for Windows: from 12-0...
Hitachi JP1/Extensible SNMP Agent Security Vulnerability
Hitachi JP1/Extensible SNMP Agent is an agent program from Hitachi, Ltd. of Japan. A security vulnerability exists in Hitachi JP1/Extensible SNMP Agent that stems from incorrect default permissions and allows attackers to perform arbitrary file operations...
PT-2024-32202 · Hitachi · Hitachi Jp1/Extensible Snmp Agent +2
Name of the Vulnerable Software and Affected Versions: Hitachi JP1/Extensible SNMP Agent for Windows versions 11-00 through 11-00-, versions 12-00 through 12-00 before 12-00-01 Hitachi JP1/Extensible SNMP Agent versions 09-00 through 09-00-04, versions 10-00 through 10-00-02, versions 10-10 throu...
GNU Emacs, Org Mode: Multiple Vulnerabilities
Background: GNU Emacs is a highly extensible and customizable text editor. Description: Multiple vulnerabilities have been discovered in GNU Emacs. Please review the CVE identifiers referenced below for details. Impact: Please review the referenced CVE identifiers for details. Workaround: There is no...
Number withdrawn
ZenML is an extensible open source MLOps framework for creating portable, production-ready machine learning pipelines. This CVE number has been withdrawn...
CVE-2022-48769
In the Linux kernel, the following vulnerability has been resolved: efi: runtime: avoid EFIv2 runtime services on Apple x86 machines. Aditya reports [0] that his recent MacbookPro crashes in the firmware when using the variable services at runtime. The culprit appears to be a call to...
Linux kernel security vulnerabilities
The Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the efi:runtime module avoiding the EFIv2 runtime service on Apple x86 machines...