142 matches found
SSL Spoofing
azure-core is vulnerable to SSL spoofing attacks. The vulnerability is due to improper SSL configuration, which could allow an attackers to impersonate domains...
CVE-2024-28069
A vulnerability in the legacy chat component of Mitel MiContact Center Business through 10.0.0.4 could allow an unauthenticated attacker to conduct an information disclosure attack due to improper configuration. A successful exploit could allow an attacker to access sensitive information and...
Samsung Mobile Improper configuration in Samsung Internet (SVE-2023-0322)
Binary data samsungsve-2023-0322.nbin...
Cache Poisoning
Moby is vulnerable to Cache Poisoning. The vulnerability is due to improper cache configuration when the image is built FROM scratch. This issue can be exploited by an attacker to poison the cache and force a user to pull a specially crafted image. Note that 23.0+ users are only affected if they...
Dell iDRAC9 Improper Input Validation (CVE-2022-34435)
Dell iDRAC9 version 6.00.02.00 and prior contain an improper input validation vulnerability in Racadm when the firmware lock-down configuration is set. A remote high privileged attacker could exploit this vulnerability to bypass the firmware lock-down configuration and perform a firmware update...
CVE-2023-44383 October CMS stored XSS by authenticated backend user with improper configuration
October is a Content Management System CMS and web platform to assist with development workflow. A user with access to the media manager that stores SVG files could create a stored XSS attack against themselves and any other user with access to the media manager when SVG files are supported. This...
Design/Logic Flaw
A vulnerability in the Connect Mobility Router component of Mitel MiVoice Connect through 9.6.2208.101 could allow an unauthenticated attacker to conduct an account enumeration attack due to improper configuration. A successful exploit could allow an attacker to access system information...
CVE-2023-39291
CVE-2023-39291 concerns Mitel MiVoice Connect’s Connect Mobility Router (affected versions up to 9.6.2304.102). The vulnerability is described as an information disclosure due to improper configuration, enabling an authenticated attacker with elevated privileges to view system information. The co...
CVE-2023-39289
CVE-2023-39289 affects Mitel MiVoice Connect, specifically the Connect Mobility Router component, with versions up to 9.6.2208.101. The vulnerability allows an unauthenticated attacker to perform an account enumeration attack due to improper configuration, potentially exposing system information....
CVE-2023-39289
A vulnerability in the Connect Mobility Router component of Mitel MiVoice Connect through 9.6.2208.101 could allow an unauthenticated attacker to conduct an account enumeration attack due to improper configuration. A successful exploit could allow an attacker to access system information...
CVE-2023-39290
A vulnerability in the Edge Gateway component of Mitel MiVoice Connect through R19.3 SP3 22.24.5800.0 could allow an authenticated attacker with elevated privileges to conduct an information disclosure attack due to improper configuration. A successful exploit could allow an attacker to view syst...
CVE-2023-30674
Improper configuration in Samsung Internet prior to version 21.0.0.41 allows attacker to bypass SameSite Cookie...
Input validation
Improper configuration in Samsung Internet prior to version 21.0.0.41 allows attacker to bypass SameSite Cookie...
CVE-2023-30674
Improper configuration in Samsung Internet prior to version 21.0.0.41 allows attacker to bypass SameSite Cookie...
Improper Authentication
github.com/labring/sealos is vulnerable to Improper Authentication. The vulnerability exists due to Improper configuration in RBAC permissions, which allows an attacker to gain access and perform unauthorized actions...
CVE-2022-22063
Memory corruption in Core due to improper configuration in boot remapper...
Memory corruption
Memory corruption in Core due to improper configuration in boot remapper...
CVE-2022-22063 Memory corruption in Core
Memory corruption in Core due to improper configuration in boot remapper...
CVE-2022-22063 Memory corruption in Core
Memory corruption in Core due to improper configuration in boot remapper...
CVE-2022-22063
CVE-2022-22063 affects Qualcomm devices with a vulnerable non-secure boot remapper that can bypass hypervisor memory protection. The root cause is an improper boot remapper configuration that allows a compromised OS to remap to hypervisor memory and read/write/execute hypervisor code, enabling po...