2694 matches found
Linux Distros Unpatched Vulnerability : CVE-2023-41323
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GLPI stands for Gestionnaire Libre de Parc Informatique is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses...
Linux Distros Unpatched Vulnerability : CVE-2020-11036
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In GLPI before version 9.4.6 there are multiple related stored XSS vulnerabilities. The package is vulnerable to Stored XSS in the comments of items in the...
Linux Distros Unpatched Vulnerability : CVE-2023-28852
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GLPI is a free asset and IT management software package. Starting in version 9.5.0 and prior to versions 9.5.13 and 10.0.7, a user with dashboard administration...
Linux Distros Unpatched Vulnerability : CVE-2022-39370
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GLPI stands for Gestionnaire Libre de Parc Informatique. GLPI is a Free Asset and IT Management Software package that provides ITIL Service Desk features,...
Linux Distros Unpatched Vulnerability : CVE-2022-39375
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GLPI stands for Gestionnaire Libre de Parc Informatique. GLPI is a Free Asset and IT Management Software package that provides ITIL Service Desk features,...
Linux Distros Unpatched Vulnerability : CVE-2020-15108
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In glpi before 9.5.1, there is a SQL injection for all usages of Clone feature. This has been fixed in 9.5.1. CVE-2020-15108 Note that Nessus relies on the...
Linux Distros Unpatched Vulnerability : CVE-2021-3486
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GLPi 9.5.4 does not sanitize the metadata. This way its possible to insert XSS into plugins to execute JavaScript code. CVE-2021-3486 Note that Nessus relies on...
Linux Distros Unpatched Vulnerability : CVE-2019-13239
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - inc/user.class.php in GLPI before 9.4.3 allows XSS via a user picture. CVE-2019-13239 Note that Nessus relies on the presence of the package as reported by the...
Linux Distros Unpatched Vulnerability : CVE-2020-11031
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In GLPI before version 9.5.0, the encryption algorithm used is insecure. The security of the data encrypted relies on the password used, if a user sets a...
Linux Distros Unpatched Vulnerability : CVE-2017-11329
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GLPI before 9.1.5 allows SQL injection via an ajax/getDropdownValue.php request with an entityrestrict parameter that is not a list of integers. CVE-2017-11329...
Linux Distros Unpatched Vulnerability : CVE-2022-39277
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GLPI stands for Gestionnaire Libre de Parc Informatique. GLPI is a Free Asset and IT Management Software package that provides ITIL Service Desk features,...
Linux Distros Unpatched Vulnerability : CVE-2020-15177
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In GLPI before version 9.5.2, the install/install.php endpoint insecurely stores user input into the database as urlbase and urlbaseapi. These settings are...
Linux Distros Unpatched Vulnerability : CVE-2020-11032
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In GLPI before version 9.4.6, there is a SQL injection vulnerability for all helpdesk instances. Exploiting this vulnerability requires a technician account. Th...
Linux Distros Unpatched Vulnerability : CVE-2020-11033
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In GLPI from version 9.1 and before version 9.4.6, any API user with READ right on User itemtype will have access to full list of users when querying...
Linux Distros Unpatched Vulnerability : CVE-2022-39276
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GLPI stands for Gestionnaire Libre de Parc Informatique. GLPI is a Free Asset and IT Management Software package that provides ITIL Service Desk features,...
Linux Distros Unpatched Vulnerability : CVE-2022-39262
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GLPI stands for Gestionnaire Libre de Parc Informatique. GLPI is a Free Asset and IT Management Software package, GLPI administrator can define rich-text conten...
Linux Distros Unpatched Vulnerability : CVE-2020-27662
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In GLPI before 9.5.3, ajax/comments.php has an Insecure Direct Object Reference IDOR vulnerability that allows an attacker to read data from any database table...
Linux Distros Unpatched Vulnerability : CVE-2022-39234
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GLPI stands for Gestionnaire Libre de Parc Informatique. GLPI is a Free Asset and IT Management Software package that provides ITIL Service Desk features,...
Linux Distros Unpatched Vulnerability : CVE-2022-31068
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. In affected version...
Linux Distros Unpatched Vulnerability : CVE-2023-28639
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GLPI is a free asset and IT management software package. Starting in version 0.85 and prior to versions 9.5.13 and 10.0.7, a malicious link can be crafted by an...