Veritas Data Insight Security Vulnerability
Veritas Data Insight is a Veritas solution that classifies, contextualizes, and controls unstructured data. Veritas Data Insight versions prior to 7.1 contain a cross-site scripting vulnerability that allows remote attackers to inject arbitrary...
CVE-2024-47854
CVE-2024-47854 describes a reflected XSS vulnerability in Veritas Data Insight before 7.1. The issue allows a remote attacker to inject arbitrary web script into an HTTP request, which could be reflected to an authenticated user if executed, due to insufficient sanitization. Affected software: Ve...
PT-2024-32853 · Veritas · Veritas Data Insight
Name of the Vulnerable Software and Affected Versions: Veritas Data Insight versions prior to 7.1 Description: A security issue was discovered that allows a remote attacker to inject an arbitrary web script into an HTTP request, which could reflect back to an authenticated user without sanitizati...
Cognex In-Sight OPC Server Deserialization of Untrusted Data (CVE-2021-32935)
The affected Cognex product, the In-Sight OPC Server versions v5.7.4 96 and prior, deserializes untrusted data, which could allow a remote attacker access to system level permission commands and local privilege escalation. This plugin only works with Tenable.ot. Please visit...
openSUSE Security Advisory (SUSE-SU-2024:3288-1)
The remote host is missing an update for the...
CVE-2024-37994
A vulnerability has been identified in SIMATIC Reader RF610R CMIIT 6GT2811-6BC10-2AA0 All versions V4.2, SIMATIC Reader RF610R ETSI 6GT2811-6BC10-0AA0 All versions V4.2, SIMATIC Reader RF610R FCC 6GT2811-6BC10-1AA0 All versions V4.2, SIMATIC Reader RF615R CMIIT 6GT2811-6CC10-2AA0 All versions V4....
CVE-2024-8042
Rapid7 Insight Platform versions between November 2019 and August 14, 2024 suffer from missing authorization issues whereby an attacker can intercept local requests to set the name and description of a new user group. This could potentially lead to an empty user group being added to the incorrect...
CVE-2024-8042 Rapid7 Insight Platform Unauthorized Empty Group Creation
Rapid7 Insight Platform versions between November 2019 and August 14, 2024 suffer from missing authorization issues whereby an attacker can intercept local requests to set the name and description of a new user group. This could potentially lead to an empty user group being added to the incorrect...
CVE-2024-8042
CVE-2024-8042 affects Rapid7 Insight Platform versions from November 2019 through August 14, 2024, due to missing authorization that enables an attacker to intercept local requests to set the name and description of a new user group. This could lead to an empty user group being created for the in...
PT-2024-38768 · Rapid7 · Rapid7 Insight Platform
Name of the Vulnerable Software and Affected Versions: Rapid7 Insight Platform versions between November 2019 and August 14, 2024 Description: The issue is related to missing authorization in the Rapid7 Insight Platform, allowing an attacker to intercept local requests and potentially add an empt...
Rapid7 Insight Platform Security Vulnerability
Rapid7 Insight Platform is a platform for managing profiles, users, products, API keys, and settings from Rapid7 USA. A security vulnerability exists in Rapid7 Insight Platform that stems from a missing authorization issue that allows an attacker to intercept local requests to s...
Exploit for Race Condition in OpenBSD OpenSSH
CVE-2024-6387: Race Condition in Signal Handling for OpenSSH...
Exploit for Improper Restriction of XML External Entity Reference in Adobe Commerce
CVE-2024-34102 ★ Thanks to @th3gokul, Sanjaith3hacker, Chocapi...
Security Bulletin: Netcool Operations Insights 1.6.13 addresses multiple security vulnerabilities.
Summary Netcool Operations Insight v1.6.13 addresses multiple security vulnerabilities, listed in the CVEs below. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2021-31684 DESCRIPTION: netplex JSON Smart is vulnerable to a denial of...
Rapid7 completes IRAP PROTECTED assessment for Insight Platform solutions
Exciting news from Australia! Rapid7 has successfully completed an Information Security Registered Assessors Program IRAP assessment to PROTECTED Level for several of our Insight Platform solutions. What is IRAP? An IRAP assessment is an independent assessment of the implementation,...
PT-2024-13679 · GitHub · GitHub
Name of the Vulnerable Software and Affected Versions: Kiuwan SAST: versions prior to the fixed version Kiuwan Local Analyzer KLA affected versions not specified Description: The Kiuwan Local Analyzer KLA Java scanning application contains several hard-coded secrets in plain text format,...
New! Insight Agent Support for ARM-based Windows in InsightVM
We are pleased to introduce Insight Agent support of ARM-based Windows 11 devices for both vulnerability and policy assessment within InsightVM. Customers with Windows 11 devices powered by ARM processors can now take advantage of the great performance and lower power requirements of these chips...
Fedora: Security Advisory for rust-uu_sort (FEDORA-2024-ce2936b568)
The remote host is missing an update for the...