3492 matches found
Siemens Nucleus ReadyStart 安全漏洞
Siemens Nucleus ReadyStart is a bundled solution from Siemens Germany. It is used to accelerate the fast startup of complete systems and provides a rich board-level support package Bsp. Siemens Nucleus ReadyStart suffers from an incorrect access vulnerability that could be exploited by an attacke...
Siemens Nucleus ReadyStart 缓冲区错误漏洞
Nucleus NET modules integrate a range of standards-compliant networking and communications protocols, drivers and utilities to provide full-featured networking support in any embedded device. A security vulnerability exists in several Siemens products, which stems from the FTP server not properly...
Siemens Nucleus ReadyStart 缓冲区错误漏洞
The Nucleus NET module integrates a range of standards-compliant networking and communications protocols, drivers and utilities to provide full-featured networking support in any embedded device, and the Nucleus RTOS is a microkernel-based real-time operating system. A security vulnerability exis...
PT-2021-6893 · Unknown · Desigo Pxc22-E.D +20
Name of the Vulnerable Software and Affected Versions: APOGEE MBC PPC BACnet versions All APOGEE MBC PPC P2 Ethernet versions All APOGEE MEC PPC BACnet versions All APOGEE MEC PPC P2 Ethernet versions All APOGEE PXC Compact BACnet versions prior to V3.5.4 APOGEE PXC Compact P2 Ethernet versions...
Accellion File Transfer Appliance < 9_12_416 Multiple Vulnerabilities
The version of the remote Accellion Secure File Transfer Appliance is prior to 912416. It is, therefore, affected by multiple vulnerabilities: - SQL injection via a crafted Host header in a request to an endpoint. CVE-2021-27101 - OS command execution via a local web service call. CVE-2021-27102 ...
[SECURITY] Fedora 35 Update: curl-7.79.1-1.fc35
curl is a command line tool for transferring data with URL syntax, supporting FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, IMA P, SMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload, proxies, cookies,...
curl: Requirement to use TLS not properly enforced for IMAP, POP3, and FTP protocols
A flaw was found in curl. This flaw lies in the --ssl-reqd option or related settings in libcurl. Users specify this flag to upgrade to TLS when communicating with either IMAP, POP3 or a FTP server. An attacker controlling such servers could return a crafted response which could lead to curl clie...
CVE-2020-7867
An improper input validation vulnerability in Helpu solution could allow a local attacker to arbitrary file creation and execution without click file transfer menu. It is possible to file in arbitrary directory for user because the viewer program receive the file from agent with privilege of...
Input validation
An improper input validation vulnerability in Helpu solution could allow a local attacker to arbitrary file creation and execution without click file transfer menu. It is possible to file in arbitrary directory for user because the viewer program receive the file from agent with privilege of...
Huawei EulerOS: Security Advisory for spice-vdagent (EulerOS-SA-2021-2617)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP3 : spice-vdagent (EulerOS-SA-2021-2617)
According to the versions of the spice-vdagent package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the way the spice-vdagentd daemon handled file transfers from the host system to the virtual machine. Any unprivileged...
CVE-2020-36502
Swift File Transfer Mobile v1.1.2 was discovered to contain a cross-site scripting XSS vulnerability via the devicename parameter which allows attackers to execute arbitrary web scripts or HTML via a crafted payload entered as the device name itself...
CVE-2020-36486
Swift File Transfer Mobile v1.1.2 and below was discovered to contain a cross-site scripting XSS vulnerability via the 'path' parameter of the 'list' and 'download' exception-handling...
CVE-2020-36486
Swift File Transfer Mobile v1.1.2 and below was discovered to contain a cross-site scripting XSS vulnerability via the 'path' parameter of the 'list' and 'download' exception-handling...
CVE-2020-36502
Swift File Transfer Mobile v1.1.2 was discovered to contain a cross-site scripting XSS vulnerability via the devicename parameter which allows attackers to execute arbitrary web scripts or HTML via a crafted payload entered as the device name itself...
CVE-2020-23038
Swift File Transfer Mobile v1.1.2 and below was discovered to contain an information disclosure vulnerability in the path parameter. This vulnerability is exploited via an error caused by including non-existent path environment variables...
CVE-2020-23038
Swift File Transfer Mobile v1.1.2 and below was discovered to contain an information disclosure vulnerability in the path parameter. This vulnerability is exploited via an error caused by including non-existent path environment variables...
Cross site scripting
Swift File Transfer Mobile v1.1.2 and below was discovered to contain a cross-site scripting XSS vulnerability via the 'path' parameter of the 'list' and 'download' exception-handling...
CVE-2020-23038
Swift File Transfer Mobile v1.1.2 and below was discovered to contain an information disclosure vulnerability in the path parameter. This vulnerability is exploited via an error caused by including non-existent path environment variables...
CVE-2020-23038
CVE-2020-23038 affects Swift File Transfer Mobile v1.1.2 and earlier. A path traversal/info-disclosure vulnerability exists in the path parameter, triggered by an error caused by including non-existent path environment variables. The connected sources corroborate that an unauthorized attacker cou...