64 matches found
EUVD-2020-6190
Malware in sbrugna...
EUVD-2018-8942
Malware in sbrugna...
BIT-DISCOURSE-2022-46168 Group SMTP user emails are exposed in CC email header
Discourse is an option source discussion platform. Prior to version 2.8.14 on the stable branch and version 2.9.0.beta15 on the beta and tests-passed branches, recipients of a group SMTP email could see the email addresses of all other users inside the group SMTP topic. Most of the time this is n...
“The Access Policy has externally been modified and cannot be changed by Studio” warning message
After setting access policy rule, “Access Policy” option in “Edit Delivery Group” dialog cannot display. ------------------------ Add-PSSnapin -Name Citrix. Set-BrokerAccessPolicyRule 'AG' -IncludedClientIPFilterEnabled $True Set-BrokerAccessPolicyRule 'AG' -IncludedClientIPs xxx.xxx.xxx.xxx...
QEMU Code Issue Vulnerability
QEMU Quick Emulator is a set of simulation processor software by Fabrice Bellard, a French individual developer. The software is fast and cross-platform. A security vulnerability exists in QEMU version 8.0.4 and earlier versions, which stems from the fact that it does not check whether an enduran...
CVE-2023-21214
In addGroupWithConfigInternal of p2piface.cpp, there is a possible out of bounds read due to unsafe deserialization. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android...
SUSE CVE-2011-1006
Heap-based buffer overflow in the parsecgroupspec function in tools/tools-common.c in the Control Group Configuration Library aka libcgroup or libcg before 0.37.1 allows local users to gain privileges via a crafted controller list on the command line of an application. NOTE: it is not clear wheth...
SUSE CVE-2020-8907
A vulnerability in Google Cloud Platform's guest-oslogin versions between 20190304 and 20200507 allows a user that is only granted the role "roles/compute.osLogin" to escalate privileges to root. Using their membership to the "docker" group, an attacker with this role is able to run docker and...
CVE-2022-21677 Group advanced search option may leak group and group's members visibility
Discourse is an open source discussion platform. Discourse groups can be configured with varying visibility levels for the group as well as the group members. By default, a newly created group has its visibility set to public and the group's members visibility set to public as well. However, a...
Jarm - Active Transport Layer Security (TLS) server fingerprinting tool
Please read the initial JARM blog post for more information. JARM is an active Transport Layer Security TLS server fingerprinting tool. JARM fingerprints can be used to: Quickly verify that all servers in a group have the same TLS configuration. Group disparate servers on the internet by...
CVE-2020-14024
Ozeki NG SMS Gateway through 4.17.6 has multiple authenticated stored and/or reflected XSS vulnerabilities via the 1 Receiver or Recipient field in the Mailbox feature, 2 OZFORMGROUPNAME field in the Group configuration of addresses, 3 listname field in the Defining address lists configuration, o...
CVE-2020-14024
CVE-2020-14024 специалисты описывают как у Ozeki NG SMS Gateway до версии 4.17.6 обнаружены несколько XSS-уязвимостей, требующих аутентифицированного доступа: через поля Receiver/Recipient в Mailbox, OZFORM_GROUPNAME в настройках групп адресов, поле listname в Defining Address Lists и через любой...
CVE-2020-14024
Ozeki NG SMS Gateway through 4.17.6 has multiple authenticated stored and/or reflected XSS vulnerabilities via the 1 Receiver or Recipient field in the Mailbox feature, 2 OZFORMGROUPNAME field in the Group configuration of addresses, 3 listname field in the Defining address lists configuration, o...
CVE-2018-17167
PrinterOn Enterprise 4.1.4 suffers from multiple authenticated stored XSS vulnerabilities via the 1 "Machine Host Name" or "Server Serial Number" field in the clustering configuration, 2 "name" field in the Edit Group configuration, 3 "Rule Name" field in the Access Control configuration, 4...
CVE-2018-17167
CVE-2018-17167 affects PrinterOn Enterprise 4.1.4. The vulnerability is described as multiple authenticated stored XSS flaws in the web UI: (1) Machine Host Name or Server Serial Number field in clustering, (2) name in Edit Group, (3) Rule Name in Access Control, (4) Service Name in Service Confi...
CVE-2019-1648
A vulnerability in the user group configuration of the Cisco SD-WAN Solution could allow an authenticated, local attacker to gain elevated privileges on an affected device. The vulnerability is due to a failure to properly validate certain parameters included within the group configuration. An...
Design/Logic Flaw
A vulnerability in the user group configuration of the Cisco SD-WAN Solution could allow an authenticated, local attacker to gain elevated privileges on an affected device. The vulnerability is due to a failure to properly validate certain parameters included within the group configuration. An...
CVE-2019-1648
CVE-2019-1648 affects Cisco SD-WAN Solution. A vulnerability in the user group configuration allows an authenticated, local attacker to write a crafted file to the directory containing the group config, bypassing validation and gaining root-level privileges. Impact is full device takeover. Sympto...
CVE-2019-1648 Cisco SD-WAN Solution Privilege Escalation Vulnerability
A vulnerability in the user group configuration of the Cisco SD-WAN Solution could allow an authenticated, local attacker to gain elevated privileges on an affected device. The vulnerability is due to a failure to properly validate certain parameters included within the group configuration. An...
CVE-2019-1648 Cisco SD-WAN Solution Privilege Escalation Vulnerability
A vulnerability in the user group configuration of the Cisco SD-WAN Solution could allow an authenticated, local attacker to gain elevated privileges on an affected device. The vulnerability is due to a failure to properly validate certain parameters included within the group configuration. An...