20 matches found
SolarWinds Web Help Desk < 12.8.3 - Insecure Deserialization
SolarWinds Web Help Desk before version 12.8.3 contains a critical Java deserialization vulnerability that enables remote code execution. Attackers can exploit this flaw to execute arbitrary commands on the host machine. Initially reported as unauthenticated, SolarWinds was unable to reproduce...
SolarWinds Web Help Desk < 12.8.7 Hotfix 1 Unsafe Deserialization
The version of SolarWinds Web Help Desk installed on the remote host is prior to 12.8.7 Hotfix 1. It is, therefore, affected by an unsafe deserialization vulnerability. - SolarWinds Web Help Desk was found to be susceptible to an unauthenticated AjaxProxy deserialization remote code execution...
NetIQ iManager Cross-Site Request Forgery Vulnerability
NetIQ iManager is an advanced Web-based management console from NetIQ UK. Customized, secure access to network management utilities and content can be provided from any location in the world. A cross-site request forgery vulnerability exists in NetIQ iManager 3.2 Service Pack 6 Patch 3 Hotfix 1...
CVE-2022-41669
A CWE-347: Improper Verification of Cryptographic Signature vulnerability exists in the SGIUtility component that allows adversaries with local user privileges to load a malicious DLL which could result in execution of malicious code. Affected Products: EcoStruxure Operator Terminal Expert V3.3...
PT-2022-6501 · Schneider Electric · Ecostruxure Operator Terminal Expert +1
Name of the Vulnerable Software and Affected Versions: EcoStruxure Operator Terminal Expert versions V3.3 Hotfix 1 or prior; Pro-face BLUE versions V3.3 Hotfix 1 or prior. Description: The issue is related to an improper limitation of a pathname to a restricted directory, also known as a path...
CVE-2021-35250
A researcher reported a Directory Traversal Vulnerability in Serv-U 15.3. This may allow access to files relating to the Serv-U installation and server files. This issue has been resolved in Serv-U 15.3 Hotfix 1...
PT-2022-10453 · Solarwinds · Serv-U
Name of the Vulnerable Software and Affected Versions: Serv-U versions 15.3.0.X through 15.3.0.X before Hotfix 1; Serv-U version 15.3. Description: A researcher reported a Directory Traversal issue in Serv-U. This may allow access to files relating to the Serv-U installation and server files. The...
CVE-2021-22909
A vulnerability found in EdgeMAX EdgeRouter V2.0.9 and earlier could allow a malicious actor to execute a man-in-the-middle (MitM) attack during a firmware update. This vulnerability is fixed in EdgeMAX EdgeRouter V2.0.9-hotfix.1 and later...
McAfee Active Response Privilege Escalation Vulnerability (CNVD-2020-35073)
McAfee Active Response (MAR) is an endpoint detection and response tool for security threats from the U.S.-based McAfee. The product supports features such as rapid access to threat data, threat alerts and centralized management. A privilege escalation vulnerability exists in versions prior to McAfee MAR...
McAfee Endpoint Detection and Response Privilege Escalation Vulnerability (CNVD-2020-35071)
McAfee Endpoint Detection and Response (EDR) is a suite of endpoint threat detection and response solutions from the U.S.-based company McAfee. The product supports threat event monitoring, host traffic monitoring, automatic threat identification and other functions. A privilege escalation...
McAfee Endpoint Detection and Response Privilege Escalation Vulnerability (CNVD-2020-35070)
McAfee Endpoint Detection and Response (EDR) is a suite of endpoint threat detection and response solutions from the U.S.-based company McAfee. The product supports threat event monitoring, host traffic monitoring, automatic threat identification and other functions. A privilege escalation...
McAfee Active Response Privilege Escalation Vulnerability
McAfee Active Response (MAR) is an endpoint detection and response tool for security threats from the U.S.-based McAfee. The product supports features such as rapid access to threat data, threat alerts and centralized management. A privilege escalation vulnerability exists in versions prior to McAfee MAR...
CVE-2020-7291
Privilege Escalation vulnerability in McAfee Active Response (MAR) for Mac prior to 2.4.3 Hotfix 1 allows a malicious script or program to perform functions that the local executing user has not been granted access to...
CVE-2020-7286
Privilege Escalation vulnerability in McAfee Exploit Detection and Response (EDR) for Windows prior to 3.1.0 Hotfix 1 allows a malicious script or program to perform functions that the local executing user has not been granted access to...
CVE-2020-7288
Privilege Escalation vulnerability in McAfee Exploit Detection and Response (EDR) for Mac prior to 3.1.0 Hotfix 1 allows a malicious script or program to perform functions that the local executing user has not been granted access to...
SolarWinds Orion Platform Cross-Site Scripting Vulnerability
SolarWinds Orion Platform is a network fault and network performance management platform from SolarWinds, Inc. The platform provides real-time monitoring and analysis of network devices and supports a customizable web interface, multiple user opinions, and a mapped view of the entire network. A...
One Identity Cloud Access Manager Cross-Site Request Forgery Vulnerability
One Identity Cloud Access Manager (CAM) is a Web-based access management solution from US-based One Identity. The product supports single sign-on, multi-factor authentication, access control and auditing. A cross-site request forgery vulnerability exists in One Identity CAM versions prior to 8.1.4...
CVE-2018-7692
Unvalidated redirect vulnerability in NetIQ eDirectory before 9.1.1 HF1...
PT-2006-5741 · Ipswitch · Ws Ftp Server
Name of the Vulnerable Software and Affected Versions: WS FTP Server versions 5.0 through 5.05 before Hotfix 1. Description: Multiple buffer overflows have unknown impact and remote authenticated attack vectors via the (1) XCRC, (2) XMD5, and (3) XSHA1 commands. Recommendations: For WS FTP Server versio...
PT-2006-5742 · Ipswitch · Ws Ftp Server
Name of the Vulnerable Software and Affected Versions: WS FTP Server versions prior to 5.05 Hotfix 1. Description: The issue prevents certain sensitive information from being displayed in the Files and Summary tabs of the log analyzer. Recommendations: For versions prior to 5.05 Hotfix 1, apply...