312 matches found
(0Day) Softing Secure Integration Server Hardcoded Cryptographic Key Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Softing Secure Integration Server. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within...
PT-2023-26968 · Softing · Softing Secure Integration Server
Name of the Vulnerable Software and Affected Versions: Softing Secure Integration Server affected versions not specified Description: This issue allows remote attackers to disclose sensitive information on affected installations. Although authentication is required to exploit this issue, the...
(0Day) (Pwn2Own) Softing Secure Integration Server Exposure of Resource to Wrong Sphere Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Softing Secure Integration Server. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handli...
PT-2023-26964 · Softing · Softing Secure Integration Server
Name of the Vulnerable Software and Affected Versions: Softing Secure Integration Server affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations. Although authentication is required to exploit this, the existing...
PT-2023-26966 · Softing · Softing Secure Integration Server
Name of the Vulnerable Software and Affected Versions: Softing Secure Integration Server affected versions not specified Description: This issue allows remote attackers to create arbitrary files on affected installations, despite requiring authentication, which can be bypassed. The flaw exists...
(0Day) (Pwn2Own) Softing Secure Integration Server Interpretation Conflict Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Softing Secure Integration Server. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the web...
PT-2023-26965 · Softing · Softing Secure Integration Server
Name of the Vulnerable Software and Affected Versions: Softing Secure Integration Server affected versions not specified Description: This issue allows remote attackers to create directories on affected installations, despite requiring authentication to exploit. The flaw exists within the handlin...
PT-2023-26967 · Nginx +1 · Nginx +1
Name of the Vulnerable Software and Affected Versions: Softing Secure Integration Server affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations. Although authentication is required to exploit this issue, the existing...
(0Day) (Pwn2Own) Softing Secure Integration Server FileDirectory OPC UA Object Arbitrary File Creation Vulnerability
This vulnerability allows remote attackers to create arbitrary files on affected installations of Softing Secure Integration Server. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handli...
Important: Red Hat Security Advisory: jenkins and jenkins-2-plugins security update
An update for jenkins and jenkins-2-plugins is now available for OpenShift Developer Tools and Services for OCP 4.12. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
Important: Red Hat Security Advisory: jenkins and jenkins-2-plugins security update
An update for jenkins and jenkins-2-plugins is now available for OpenShift Developer Tools and Services for OCP 4.13. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
Softing Secure Integration Server Login Utility
This module will attempt to authenticate to a Softing Secure Integration Server. Module Options msf use auxiliary/scanner/http/softingsislogin msf auxiliarysoftingsislogin show actions ...actions... msf auxiliarysoftingsislogin set ACTION msf auxiliarysoftingsislogin show options ...show and set...
Security Bulletin: IBM App Connect Enterprise Certified Container operator and IntegrationServer operands may be vulnerable to HTTP request smuggling due to CVE-2022-1705
Summary The IBM App Connect Enterprise Certified Container operator and IntegrationServer operands utilise Golang Go. The IBM App Connect Enterprise Certified Container operator and IntegrationServer operands may be vulnerable to HTTP request smuggling. This bulletin provides patch information to...
PT-2022-7027 · Softing · Softing Opc Ua C++ Sdk +1
Name of the Vulnerable Software and Affected Versions: Softing OPC UA C++ SDK versions affected versions not specified Softing Secure Integration Server versions affected versions not specified Description: The issue is related to the incorrect restriction of a directory path name with limited...
(Pwn2Own) Softing Secure Integration Server wbemcomn Uncontrolled Search Path Element Privilege Escalation Vulnerability
This vulnerability allows remote attackers to escalate privileges on affected installations of Softing Secure Integration Server. An attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within...
Softing Secure Integration Server Content-Type NULL Pointer Dereference Denial-of-Service Vulnerability
This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Softing Secure Integration Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of the Content-Type HTTP header. The issu...
(Pwn2Own) Softing Secure Integration Server OPC UA Messages NULL Pointer Dereference Denial-of-Service Vulnerability
This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Softing Secure Integration Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the the handling of OPC UA messages. The issue results...
Softing Secure Integration Server URI NULL Pointer Dereference Denial-of-Service Vulnerability
This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Softing Secure Integration Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of the URI HTTP header. The issue results...
(Pwn2Own) Softing Secure Integration Server UnZipFolder Directory Traversal Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Softing Secure Integration Server. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...
(Pwn2Own) Softing Secure Integration Server Use of Default Credentials Authentication Bypass Vulnerability
This vulnerability allows remote attackers to bypass authentication on affected installations of Softing Secure Integration Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the default configuration of user accounts. The configuration contains...