Cisco Intersight Virtual Appliance IPv4 and IPv6 Forwarding Vulnerabilities

Multiple vulnerabilities in Cisco Intersight Virtual Appliance could allow an unauthenticated, adjacent attacker to access sensitive internal services from an external interface. These vulnerabilities are due to insufficient restrictions for IPv4 or IPv6 packets that are received on the external...

Cisco Intersight 安全漏洞

Cisco Intersight is an application platform from Cisco, Inc. provides a level of intelligent management that enables IT organizations to analyze, simplify, and automate their environments in a more advanced way than previous generations of tools. A security vulnerability exists in the Cisco...

Cisco Intersight 安全漏洞

Cisco Intersight is an application platform from Cisco, Inc. provides a level of intelligent management that enables IT organizations to analyze, simplify, and automate their environments in a more advanced way than previous generations of tools. A security vulnerability exists in the Cisco...

Akash Rajpurohit clipper 安全漏洞

Akash Rajpurohit clipper is an open source application Akash Rajpurohit. It provides the ability to save a history of all the information copied and use them at any time. A security vulnerability exists in Clipper before 1.0.5 that allows remote command execution. A remote attacker can exploit th...

CVE-2021-21435

Article Bcc fields and agent personal information are shown when customer prints the ticket PDF via external interface. This issue affects: OTRS AG OTRS 7.0.x version 7.0.23 and prior versions; 8.0.x version 8.0.10 and prior versions...

CVE-2021-21435

Article Bcc fields and agent personal information are shown when customer prints the ticket PDF via external interface. This issue affects: OTRS AG OTRS 7.0.x version 7.0.23 and prior versions; 8.0.x version 8.0.10 and prior versions...

Code injection

Article Bcc fields and agent personal information are shown when customer prints the ticket PDF via external interface. This issue affects: OTRS AG OTRS 7.0.x version 7.0.23 and prior versions; 8.0.x version 8.0.10 and prior versions...

UBUNTU-CVE-2021-21435

Article Bcc fields and agent personal information are shown when customer prints the ticket PDF via external interface. This issue affects: OTRS AG OTRS 7.0.x version 7.0.23 and prior versions; 8.0.x version 8.0.10 and prior versions...

CVE-2021-21435

Article Bcc fields and agent personal information are shown when customer prints the ticket PDF via external interface. This issue affects: OTRS AG OTRS 7.0.x version 7.0.23 and prior versions; 8.0.x version 8.0.10 and prior versions...

PT-2021-14507 · Otrs Ag +1 · Otrs +1

Name of the Vulnerable Software and Affected Versions: OTRS AG OTRS versions 7.0.x through 7.0.23 OTRS AG OTRS versions 8.0.x through 8.0.10 Description: The issue concerns the exposure of Article Bcc fields and agent personal information when a customer prints a ticket in PDF format via an...

Green Packet WiMax DV-360 Command Injection Vulnerability

The Green Packet WiMax DV-360 is a router for the home from Green Packet USA. A security vulnerability exists in the Green Packet WiMax DV-360 2.10.14-g1.0.6.1 that allows for command injection, unauthenticated remote command execution via crafted payloads to HTTPS ports, as lighttpd listens to a...

CVE-2020-1777

Agent names that participates in a chat conversation are revealed in certain parts of the external interface as well as in chat transcriptions inside the tickets, when system is configured to mask real agent names. This issue affects OTRS; 7.0.21 and prior versions, 8.0.6 and prior versions...

CVE-2020-1777 Agent names disclosed in chat feature

Agent names that participates in a chat conversation are revealed in certain parts of the external interface as well as in chat transcriptions inside the tickets, when system is configured to mask real agent names. This issue affects OTRS; 7.0.21 and prior versions, 8.0.6 and prior versions...

CVE-2020-1775

BCC recipients in mails sent from OTRS are visible in article detail on external interface. This issue affects OTRS: 8.0.3 and prior versions, 7.0.17 and prior versions...

CVE-2020-1775

BCC recipients in mails sent from OTRS are visible in article detail on external interface. This issue affects OTRS: 8.0.3 and prior versions, 7.0.17 and prior versions...

CVE-2020-1768 External Interface does not invalidate session

The external frontend system uses numerous background calls to the backend. Each background request is treated as user activity so the SessionMaxIdleTime will not be reached. This issue affects: OTRS 7.0.x version 7.0.14 and prior versions...

CVE-2018-12296

Insufficient access control in /api/external/7.0/system.System.getinfos in Seagate NAS OS version 4.3.15.1 allows attackers to obtain information about the NAS without authentication via empty POST requests...

CVE-2018-4056

An exploitable SQL injection vulnerability exists in the administrator web portal function of coTURN prior to version 4.5.0.9. A login message with a specially crafted username can cause an SQL injection, resulting in authentication bypass, which could give access to the TURN server administrator...

Palo Alto PAN-OS Cross-Site Scripting Vulnerability

A vulnerability exists in the PAN-OS GlobalProtect external interface that could allow for a cross-site scripting XSS attack. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

CVE-2017-7409

Palo Alto Networks PAN-OS before 7.0.15 has XSS in the GlobalProtect external interface via crafted request parameters, aka PAN-SA-2017-0011 and PAN-70674...