
321 matches found

BDU FSTEC
added 2023/11/14 12:0 a.m. · 2 views

The vulnerability of the IVA MCU video conference server software, related to the possibility of loading dangerous files, allows attackers to execute XSS attacks.

The vulnerability of the IVA MCU video conference server software relates to the possibility of loading files of a malicious nature. Exploiting this vulnerability allows a remote attacker to carry out an XSS-type attack...

6.8 CVSS · 5.5 AI score
Exploits 0 · Affected Software 1

OpenVAS
added 2023/11/02 12:0 a.m. · 34 views

Tenable Nessus Agent 10.4.2 Multiple Vulnerabilities (TNS-2023-38)

Tenable Nessus Agent is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:tenable:nessusagent";...

9.8 CVSS · 7.7 AI score · 0.05533 EPSS
Exploits 0 · References 1

Cvelist
added 2023/11/01 3:30 p.m. · 30 views

CVE-2023-5847

Under certain conditions, a low privileged attacker could load a specially crafted file during installation or upgrade to escalate privileges on Windows and Linux hosts...

6.7 CVSS · 8.1 AI score · 0.00223 EPSS
Exploits 0 · References 2

BDU FSTEC
added 2023/11/01 12:0 a.m. · 3 views

The vulnerability of the SAP Business Objects Business Intelligence Platform lies in its ability to download files of a dangerous type without limit, allowing attackers to compromise the confidentiality and integrity of the protected information.

The vulnerability of the SAP Business Objects Business Intelligence Platform relates to the unlimited loading of files of a sensitive type. Exploiting this vulnerability could allow an attacker to compromise the confidentiality and integrity of the protected information...

8.7 CVSS · 7.2 AI score · 0.00502 EPSS
Exploits 0 · References 3 · Affected Software 1

BDU FSTEC
added 2023/10/23 12:0 a.m. · 2 views

The vulnerability of the VMware Aria Operations for Logs network log analysis tool relates to the possibility of bypassing authentication, allowing an attacker to execute arbitrary code.

The vulnerability of the VMware Aria Operations for Logs network log analysis tool is related to the possibility of bypassing authentication. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by loading files into the device’s operating system remotely...

8.1 CVSS · 8.4 AI score · 0.44667 EPSS
Exploits 1 · References 3 · Affected Software 1

OSV
added 2023/10/18 4:15 a.m. · 48 views

CVE-2023-38546

This flaw allows an attacker to insert cookies at will into a running program using libcurl, if the specific series of conditions are met. libcurl performs transfers. In its API, an application creates "easy handles" that are the individual handles for single transfers. libcurl provides a functio...

3.7 CVSS · 7.3 AI score · 0.06208 EPSS
Exploits 0 · References 11

BDU FSTEC
added 2023/10/06 12:0 a.m. · 3 views

The vulnerability in the /sysmanage/updateos.php script of the DAR-7000 router’s microprogramming software allows an attacker to execute arbitrary commands.

The vulnerability in the /sysmanage/updateos.php script of the DAR-7000 router’s microprogramming system involves unlimited loading of dangerous files. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

9 CVSS · 7.2 AI score · 0.06014 EPSS
Exploits 1 · References 6 · Affected Software 2

BDU FSTEC
added 2023/10/06 12:0 a.m. · 1 views

Vulnerability of the /log/webmailattach.php script in the DAR-7000 router microprogramming system, allowing attackers to execute arbitrary commands

The vulnerability of the /log/webmailattach.php script in the DAR-7000 router microprogramming system is related to the unlimited loading of dangerous files. Exploiting this vulnerability allows an attacker to execute arbitrary commands remotely...

10 CVSS · 7.2 AI score · 0.0361 EPSS
Exploits 0 · References 5 · Affected Software 1

BDU FSTEC
added 2023/10/03 12:0 a.m. · 3 views

The vulnerability in the /sysmanage/changelogo.php script of the D-Link DAR-8000 router’s microprogramming software allows a hacker to execute arbitrary commands.

The vulnerability in the /sysmanage/changelogo.php script of the D-Link DAR-8000 router’s microprogramming system is related to the unlimited loading of dangerous files. Exploiting this vulnerability could allow a remote attacker to execute arbitrary commands...

6.5 CVSS · 7.2 AI score · 0.15082 EPSS
Exploits 0 · References 4 · Affected Software 1

BDU FSTEC
added 2023/10/03 12:0 a.m. · 1 views

The vulnerability in the /sysmanage/updateos.php script of the D-Link DAR-7000 router’s microprogramming software allows a hacker to execute arbitrary commands.

The vulnerability of the /sysmanage/updateos.php script of the D-Link DAR-7000 router’s microprogramming system is related to the unlimited loading of dangerous files. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

6.5 CVSS · 7.2 AI score · 0.26576 EPSS
Exploits 1 · References 4 · Affected Software 1

BDU FSTEC
added 2023/09/21 12:0 a.m. · 1 views

The vulnerability of the InPlant SCADA system, related to insufficient calculation of password hashes, allows an intruder to gain unauthorized access to protected information.

The vulnerability of the InPlant SCADA system is related to insufficient calculation of password hashes during the loading of project files. Exploiting this vulnerability can allow an intruder to gain unauthorized access to protected information...

2.5 CVSS · 5.3 AI score · 0.00189 EPSS
Exploits 1 · References 4 · Affected Software 1

BDU FSTEC
added 2023/09/19 12:0 a.m. · 1 views

The vulnerability of the iPXE network loading standard implementation for the Cisco IOS XR operating system allows a hacker to load arbitrary files.

The vulnerability of the iPXE network loading standard implementation for the Cisco IOS XR operating system is related to insufficient verification of data authenticity during file loading. Exploiting this vulnerability could allow attackers to load arbitrary files...

6.8 CVSS · 7.3 AI score · 0.00095 EPSS
Exploits 0 · References 3 · Affected Software 1

BDU FSTEC
added 2023/09/04 12:0 a.m. · 2 views

The vulnerability of the J-Web interface in Juniper Networks Junos OS-based EX series devices allows an attacker to compromise data integrity and execute arbitrary code.

The vulnerability of the J-Web interface in Juniper Networks Junos OS devices of the EX series involves unlimited loading of dangerous files. Exploiting this vulnerability allows a malicious actor to compromise data integrity and execute arbitrary code remotely...

5.3 CVSS · 6.6 AI score · 0.84692 EPSS
Exploits 2 · References 5 · Affected Software 1

BDU FSTEC
added 2023/08/23 12:0 a.m. · 2 views

The vulnerability of the J-Web interface in Juniper Networks Junos OS-based SRX devices allows a hacker to execute arbitrary code.

The vulnerability of the J-Web interface in Juniper Networks Junos OS-based SRX devices involves unlimited loading of dangerous files. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10 CVSS · 7.1 AI score · 0.94205 EPSS
Exploits 9 · References 4 · Affected Software 1

BDU FSTEC
added 2023/08/16 12:0 a.m. · 2 views

The vulnerability of the SCADA system SCADA Data Gateway (SDG) lies in its ability to load files of a dangerous type without limitation, allowing an intruder to execute arbitrary code.

The vulnerability of the SCADA system SCADA Data Gateway SDG is related to the unlimited loading of dangerous files. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

8.3 CVSS · 7.5 AI score · 0.01002 EPSS
Exploits 0 · References 4 · Affected Software 1

Positive Technologies
added 2023/07/27 12:0 a.m. · 4 views

PT-2023-14295 · Arm · Arm Compiler 5 (Ac5) +2

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue concerns an installer that loads or executes files using an unconstrained search path, making it potentially vulnerable to attacks where an...

7.8 CVSS · 7.5 AI score · 0.00183 EPSS
Exploits 0 · References 6

BDU FSTEC
added 2023/07/20 12:0 a.m. · 1 views

The vulnerability of the software file loading function in OMICARD EDM ITPison allows a perpetrator to execute arbitrary commands.

The vulnerability of the software file loading function in OMICARD EDM ITPison involves unlimited loading of dangerous types of files. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

10 CVSS · 8.1 AI score · 0.007 EPSS
Exploits 0 · References 3

BDU FSTEC
added 2023/06/09 12:0 a.m. · 1 views

The vulnerability of the Advantech WebAccess/SCADA SCADA system, related to the unlimited loading of dangerous type files, allows an intruder to execute arbitrary code.

The vulnerability of the Advantech WebAccess/SCADA SCADA system is related to the unlimited loading of dangerous files. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

9.3 CVSS · 7.5 AI score · 0.0083 EPSS
Exploits 0 · References 2 · Affected Software 1

BDU FSTEC
added 2023/05/30 12:0 a.m. · 3 views

The vulnerability of the built-in software of the ARIS controller lies in the ability to load files of a harmful type without limitation, allowing a perpetrator to execute arbitrary code or cause a service failure.

The vulnerability of the built-in software of the ARIS controller is related to the unlimited loading of dangerous files. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or cause service failures...

9 CVSS · 6 AI score
Exploits 0

BDU FSTEC
added 2023/05/29 12:0 a.m. · 3 views

The vulnerability of the interactive graphical SCADA system, Interactive Graphical SCADA System (IGSS), arises from the possibility of unlimited loading of dangerous files, allowing an intruder to execute arbitrary code.

The vulnerability of the interactive graphical SCADA system, Interactive Graphical SCADA System IGSS, lies in its ability to load files of a dangerous type without limitation. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...

10 CVSS · 8.1 AI score · 0.0187 EPSS
Exploits 0 · References 2 · Affected Software 1