Ivanti Endpoint Manager 安全漏洞

Ivanti Endpoint Manager is a comprehensive endpoint management solution developed by Ivanti to unify the management of all types of devices in an enterprise network, including Windows, macOS, Linux, ChromeOS, mobile devices and IoT devices. Ivanti Endpoint Manager suffers from a privilege issue...

EUVD-2000-0350

Malware in sbrugna...

LangChain-ChatGLM-Webui 安全漏洞

LangChain-ChatGLM-Webui is an X-D Lab open source AI based on automated quizzing against a local knowledge base. A security vulnerability exists in LangChain-ChatGLM-Webui version ef829, which stems from insecure privileges that allow an attacker to view and download sensitive files via a special...

foxmarks 安全漏洞

foxmarks is an extremely fast, highly extensible and easy to integrate command line read-only interface by zefr0x individual developers. A security vulnerability exists in foxmarks versions prior to v2.1.0, which stems from the presence of insecure privileges that allow a malicious user to read t...

Kuma 安全漏洞

Kuma is a modern Envoy-based service grid open-sourced by Kuma. It can be run on Kubernetes and VMs with single or multiple zones capacity on each cloud. A security vulnerability exists in Kuma v2.7.0 and prior versions that stems from the presence of insecure privileges that allow an attacker to...

CVE-2024-4884

The CVE-2024-4884 family affects Progress WhatsUp Gold versions released before 2023.1.3, with unauthenticated remote code execution via the CommunityController (Apm.UI.Areas.APM.Controllers.CommunityController) and related paths (GetFileWithoutZip) that allow command execution with iisapppool\nm...

Netgear WNR614 Security Vulnerability

The Netgear WNR614 is an N300 wireless router with external antenna from Netgear USA. A security vulnerability exists in the Netgear WNR614 version V1.1.0.541.0.1, which stems from the presence of insecure privileges that allow an attacker to access URLs and directories embedded in the firmware v...

Human Resource Management System 安全漏洞

Human Resource Management System is a human resource management system by maverickosama Individual Developer. A security vulnerability exists in Sourcecodester Human Resource Management System version 1.0, which stems from the presence of insecure privileges...

TinyLab linux-lab Security Vulnerabilities

linux-lab is Tai Xiao Technology tinyclub open source a Docker/Qemu-based Linux kernel learning, development and testing environment. TinyLab linux-lab v1.1-rc1, cloud-labv0.8-rc2, v1.1-rc1 version of the security vulnerability , the vulnerability stems from the application is susceptible to...

Mobile Security Framework Security Vulnerability

Mobile Security Framework MobSF is Mobile Security Framework open source an automated all-in-one mobile application . Used for penetration testing, malware analysis and security assessments, it is capable of performing both static and dynamic analysis. A security vulnerability exists in Mobile...

Stormshield Network Security (SNS) VPN SSL Client 安全漏洞

Stormshield Network Security is a next-generation UTM Unified Threat Management firewall from the French company Stormshield. A security vulnerability exists in the Stormshield Network Security SNS VPN SSL Client versions 2.1.0 through 2.8.0 that stems from having insecure privileges...

CVE-2023-34844

Play With Docker 0.0.2 has an insecure CAPSYSADMIN privileged mode causing the docker container to escape...

PowerJob 安全漏洞

PowerJob is an open source distributed computing and job scheduling framework that allows developers to easily schedule tasks in their applications. A security vulnerability exists in PowerJob version V4.3.1 that stems from the presence of insecure privileges...

IBM CICS TX 信息泄露漏洞

IBM CICS TX is a comprehensive, single transaction runtime package from International Business Machines IBM. An information disclosure vulnerability exists in IBM CICS TX version 11.1 that stems from an insecure privilege setting that could disclose sensitive information to local users...

TOTOLINK A3002R 安全漏洞

The TOTOLINK A3002R is a wireless dual-band Gigabit router from China's Gion Electronics TOTOLINK that complies with the latest IEEE802.11ac Wave 2 standard. A security vulnerability exists in the TOTOLINK A3002R TOTOLINK-A3002R-He-V1.1.1-B20200824.0128 version, which stems from being vulnerable ...

OneBlog 安全漏洞

OneBlog is a beautiful, powerful Java blog. An authorization issue vulnerability exists in OneBlog v2.3.4, which stems from the presence of insecure privileges in the program, and can be exploited by an attacker to allow a low-level administrator to reset the password of a high-level administrato...

D-Link DSL-G2452DG has an unspecified vulnerability

The D-Link DSL-G2452DG is a router from D-Link China.A security vulnerability exists in the D-Link DSL-G2452DG, which stems from the fact that HW:T1＼tFW:ME2.00 contains insecure privileges. No detailed vulnerability details are currently available...

D-Link DSL-G2452DG 安全漏洞

The D-Link DSL-G2452DG is a router from D-Link China.A security vulnerability exists in the D-Link DSL-G2452DG, which stems from the fact that HW:T1＼tFW:ME2.00 contains insecure privileges. No detailed vulnerability details are currently available...

PT-2021-6314

Name of the Vulnerable Software and Affected Versions Windows Common Log File System Driver affected versions not specified Description The issue is related to insecure privilege management in the Windows Common Log File System Driver of the Windows operating system. Exploitation of this issue ma...

Northern.tech CfEngine 信息泄露漏洞

Northern.tech CfEngine is an open source configuration management solution from Northern.tech, Inc. It is used to securely manage It infrastructure. An information disclosure vulnerability exists in Northern.tech CFEngine Enterprise that stems from the Hub in CFEngine Enterprise 3.6.7 through...