2694 matches found
Linux Distros Unpatched Vulnerability : CVE-2024-41679
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GLPI is a free asset and IT management software package. An authenticated user can exploit a SQL injection vulnerability from the ticket form. Upgrade to 10.0.1...
Linux Distros Unpatched Vulnerability : CVE-2022-41941
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GLPI is a Free Asset and IT Management Software package. Versions 10.0.0 and above, prior to 10.0.6, are subject to Cross-site Scripting. An administrator may...
Linux Distros Unpatched Vulnerability : CVE-2024-27756
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GLPI through 10.0.12 allows CSV injection by an attacker who is able to create an asset with a crafted title. CVE-2024-27756 Note that Nessus relies on the...
Linux Distros Unpatched Vulnerability : CVE-2022-29250
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GLPI is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. In versions prior to...
Linux Distros Unpatched Vulnerability : CVE-2024-27937
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. An authenticated us...
Linux Distros Unpatched Vulnerability : CVE-2019-10233
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Teclib GLPI before 9.4.1.1 is affected by a timing attack associated with a cookie. CVE-2019-10233 Note that Nessus relies on the presence of the package as...
Linux Distros Unpatched Vulnerability : CVE-2015-7684
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Unrestricted file upload in GLPI before 0.85.3 allows remote authenticated users to execute arbitrary code by adding a file with an executable extension as an...
Linux Distros Unpatched Vulnerability : CVE-2023-37278
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. An administrator ca...
Linux Distros Unpatched Vulnerability : CVE-2024-27096
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. An authenticated us...
Linux Distros Unpatched Vulnerability : CVE-2019-10232
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Teclib GLPI through 9.3.3 has SQL injection via the cycle parameter in /scripts/unlocktasks.php. CVE-2019-10232 Note that Nessus relies on the presence of the...
Linux Distros Unpatched Vulnerability : CVE-2023-46726
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GLPI is a free asset and IT management software package. Starting in version 10.0.0 and prior to version 10.0.11, on PHP 7.4 only, the LDAP server configuration...
Linux Distros Unpatched Vulnerability : CVE-2020-11062
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In GLPI after 0.68.1 and before 9.4.6, multiple reflexive XSS occur in Dropdown endpoints due to an invalid Content-Type. This has been fixed in version 9.4.6...
Linux Distros Unpatched Vulnerability : CVE-2021-39209
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GLPI is a free Asset and IT management software package. In versions prior to 9.5.6, a user who is logged in to GLPI can bypass Cross-Site Request Forgery CSRF...
Linux Distros Unpatched Vulnerability : CVE-2016-7508
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple SQL injection vulnerabilities in GLPI 0.90.4 allow an authenticated remote attacker to execute arbitrary SQL commands by using a certain character when...
Linux Distros Unpatched Vulnerability : CVE-2023-22500
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GLPI is a Free Asset and IT Management Software package. Versions 10.0.0 and above, prior to 10.0.6 are vulnerable to Incorrect Authorization. This vulnerabilit...
Linux Distros Unpatched Vulnerability : CVE-2023-23610
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GLPI is a Free Asset and IT Management Software package. Versions prior to 9.5.12 and 10.0.6 are vulnerable to Improper Privilege Management. Any user having...
Linux Distros Unpatched Vulnerability : CVE-2022-35945
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GLPI stands for Gestionnaire Libre de Parc Informatique and is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licens...
Linux Distros Unpatched Vulnerability : CVE-2024-47758
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GLPI is a free asset and IT management software package. Starting in version 9.3.0 and prior to version 10.0.17, an authenticated user can use the API to take...
Linux Distros Unpatched Vulnerability : CVE-2024-11955
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in GLPI up to 10.0.17. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file...
Linux Distros Unpatched Vulnerability : CVE-2015-7685
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GLPI before 0.85.3 allows remote authenticated users to create super-admin accounts by leveraging permissions to create a user and the profilesid parameter to...