2160 matches found
The vulnerability of the Snort intrusion detection system of Cisco Firepower Threat Defense (FTD) relates to the use of “Block with Relock” or “Interactive Block with Relock” configurations. This allows an intruder to cause a service failure.
The vulnerability of the Snort intrusion detection system of Cisco Firepower Threat Defense FTD is related to the use of “Block with Relapse” or “Interactive Block with Relapse” configurations. Exploiting this vulnerability allows a malicious actor to trigger a service failure by sending speciall...
[SECURITY] Fedora 35 Update: dvdauthor-0.7.2-16.fc35
DVDAuthor is a set of tools to help you author the file and directory structure of a DVD-Video disc, including programmatic commands for implementing interactive behavior. It is driven by command lines and XML control files, though there are other programs that provide GUI-based front ends if you...
The vulnerability of the software project for packaging and collaborative use of interactive reproducible environments BinderHub, related to improper code generation management, allows a perpetrator to execute arbitrary code.
The vulnerability of the software project for packaging and collaborative use of interactive reproducible environments BinderHub is related to improper code generation management. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
Cisco Products Snort Security Vulnerability
Cisco Products Snort is a Snort engine for Cisco Products from Cisco USA. A security vulnerability exists in Cisco Products Snort that results from improper handling of Block with Reset or Interactive Block with Reset operations when configuring rules without proper constraints. An attacker can...
Oracle Communications Interactive Session Recorder has an unspecified vulnerability
Oracle Communications is a product of Oracle Corporation USA. It provides integrated communications and cloud solutions for service providers and enterprises to accelerate their digital transformation. A security vulnerability exists in Oracle Communications Interactive Session Recorder, which could ...
CVE-2021-2461
Vulnerability in the Oracle Communications Interactive Session Recorder product of Oracle Communications component: Provision API. The supported version that is affected is 6.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...
Design/Logic Flaw
Vulnerability in the Oracle Communications Interactive Session Recorder product of Oracle Communications component: Provision API. The supported version that is affected is 6.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...
CVE-2021-2461
CVE-2021-2461 affects Oracle Communications Interactive Session Recorder (Provision API) with affected version 6.4. Multiple connected sources corroborate a remote, unauthenticated HTTP-accessible vulnerability that can lead to unauthorized read/update/delete of data and a partial denial of servi...
Oracle Communications Security Vulnerability
Oracle Communications is a product of Oracle Corporation USA. It provides integrated communications and cloud solutions for service providers and enterprises to accelerate their digital transformation. A security vulnerability exists in Oracle Communications Interactive Session Recorder, which could ...
CVE-2021-22035
VMware vRealize Log Insight 8.x prior to 8.6 contains a CSV (Comma Separated Value) injection vulnerability in the interactive analytics export function. An authenticated malicious actor with non-administrative privileges may be able to embed untrusted data prior to exporting a CSV sheet through Log...
Schneider Electric IGSS Path Traversal Vulnerability
Schneider Electric Interactive Graphical SCADA System (IGSS) is an advanced SCADA system for monitoring and controlling industrial processes. Schneider Electric Interactive Graphical SCADA System is vulnerable to a path traversal vulnerability, which can be exploited by attackers to read arbitrary...
Schneider Electric IGSS Access Control Error Vulnerability
Schneider Electric Interactive Graphical SCADA System (IGSS) is an advanced SCADA system for monitoring and controlling industrial processes. Schneider Electric Interactive Graphical SCADA System is vulnerable to an access control error vulnerability that can be exploited to delete arbitrary files in the...
VITEC Exterity IPTV Elevation of Privilege Vulnerability
VITEC Exterity IPTV is a new technology from the French company VITEC that uses the broadband cable network to provide a variety of interactive services, including digital TV, to home users by integrating various technologies such as Internet, multimedia and communications. root...
WordPress ImageLinks Interactive Image Builder plugin <= 1.5.2 - Reflected Cross-Site Scripting (XSS) vulnerability
Reflected Cross-Site Scripting (XSS) vulnerability discovered by WPScanTeam in WordPress ImageLinks Interactive Image Builder plugin versions <= 1.5.2. Solution: Update the WordPress ImageLinks Interactive Image Builder plugin to the latest available version (at least 1.5.3)...
WordPress Vision Interactive plugin < 1.5.2 - Reflected Cross-Site Scripting vulnerability
Reflected Cross-Site Scripting vulnerability discovered by WPScanTeam in WordPress Vision Interactive plugin versions < 1.5.2. Solution: Update the WordPress Vision Interactive plugin to the latest available version (at least 1.5.2)...
VMSA-2021-0022: VMware vRealize Log Insight updates address CSV injection vulnerability
Advisory ID: VMSA-2021-0022. CVSSv3 Range: 6.5. Issue Date: 2021-10-12. Updated On: 2021-10-12 (Initial Advisory). CVEs: CVE-2021-22035. Synopsis: VMware vRealize Log Insight updates address CSV injection vulnerability (CVE-2021-22035)...
react-here-map-interactive (>=0.0.1 <=0.9.2) potentially affected by CVE-2021-23700 via merge-deep2 (=3.0.6)
merge-deep2 NPM version =3.0.6 is affected by a known vulnerability. The following packages have a transitive dependency on merge-deep2 and may be impacted: react-here-map-interactive >=0.0.1, <=0.9.2. Source CVEs: CVE-2021-23700. Source advisory: SNYK:JS-MERGEDEEP2-1727593...
CVE-2021-41088
Elvish is a programming language and interactive shell, combined into one package. In versions prior to 0.14.0 Elvish's web UI backend started by elvish -web hosts an endpoint that allows executing the code sent from the web UI. The backend does not check the origin of requests correctly. As a...