113 matches found
CVE-2022-38129
A path traversal vulnerability exists in the com.keysight.tentacle.licensing.LicenseManager.addLicenseFile method in the Keysight Sensor Management Server SMS. This allows an unauthenticated remote attacker to upload arbitrary files to the SMS host...
PT-2022-24222 · Keysight · Keysight Sensor Management Server
Name of the Vulnerable Software and Affected Versions: Keysight Sensor Management Server SMS affected versions not specified Description: A path traversal issue exists in the addLicenseFile method of the com.keysight.tentacle.licensing.LicenseManager class. This allows an unauthenticated remote...
Keysight Technologies Sensor Management Server 路径遍历漏洞
Keysight Technologies Sensor Management Server is a sensor management server from Keysight Technologies, USA. A security vulnerability exists in Keysight Technologies Sensor Management Server SMS, which stems from its com.keysight.tentacle.licensing.LicenseManager.addLicenseFile method that allow...
PT-2022-24224
Name of the Vulnerable Software and Affected Versions No specific software version is mentioned, so the affected software is: Keysight SMS affected versions not specified Description The issue concerns the com.keysight.tentacle.config.ResourceManager.smsRestoreDatabaseZip method, which is used to...
The vulnerability in the implementation of the UserFirmwareRequestHandler class in the microprogramming software for sensors for monitoring the Keysight N6841A, as well as the microprogramming software for geolocation servers from Keysight, N6854A, allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the UserFirmwareRequestHandler class implementation in the microprogramming software for sensors monitoring the Keysight N6841A spectrum, as well as the microprogramming software for geolocation servers from Keysight, the N6854A, is related to errors in processing the relativ...
The vulnerability of the Spring Framework configuration implementation for microprogramming sensors for monitoring the Keysight N6841A RF device and the Keysight N6854A geolocation sensors allows a perpetrator to execute arbitrary code.
The vulnerability of the Spring Framework configuration for microprogramming sensors for monitoring Keysight N6841A RF devices, as well as the microprogramming software for geolocation systems from Keysight N6854A, lies in the recovery of unreliable data structures in memory. Exploiting this...
Keysight Technologies Sensor Management Server Detection
Binary data keysightsmsdetect.nbin...
Keysight Technologies Sensor Management Server Deserialization RCE (CVE-2022-1660)
Binary data keysightsmscve-2022-1660.nbin...
CVE-2022-1661 Keysight N6854A Geolocation server and N6841A RF Sensor software
The affected products are vulnerable to directory traversal, which may allow an attacker to obtain arbitrary operating system files...
CVE-2022-1661 Keysight N6854A Geolocation server and N6841A RF Sensor software
The affected products are vulnerable to directory traversal, which may allow an attacker to obtain arbitrary operating system files...
CVE-2022-1660 Keysight N6854A Geolocation server and N6841A RF Sensor software
The affected products are vulnerable of untrusted data due to deserialization without prior authorization/authentication, which may allow an attacker to remotely execute arbitrary code...
CVE-2022-1660 Keysight N6854A Geolocation server and N6841A RF Sensor software
The affected products are vulnerable of untrusted data due to deserialization without prior authorization/authentication, which may allow an attacker to remotely execute arbitrary code...
多款Keysight Technologies产品代码问题漏洞
Keysight Technologies N6854A Geolocation server and Keysight Technologies N6841A RF Sensor are both products of Keysight Technologies, Inc.Keysight Technologies Keysight Technologies N6854A Geolocation server is a geolocation server.Keysight Technologies N6841A RF Sensor is an RF sensor. It is us...
多款Keysight Technologies产品路径遍历漏洞
Keysight Technologies N6854A Geolocation server and Keysight Technologies N6841A RF Sensor are both products of Keysight Technologies, Inc.Keysight Technologies Keysight Technologies N6854A Geolocation server is a geolocation server.Keysight Technologies N6841A RF Sensor is an RF sensor. It is us...
KeySight N6841A RF Sensor UserFirmwareRequestHandler Directory Traversal Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of KeySight N6841A RF Sensor. Authentication is not required to exploit this vulnerability. The specific flaw exists within the UserFirmwareRequestHandler class. The issue results from the lack ...
Keysight N6854A Geolocation server and N6841A RF Sensor software
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Keysight Technologies, Inc. Equipment: N6854A Geolocation server and N6841A RF Sensor software Vulnerabilities: Relative Path Traversal, Deserialization of Untrusted Data 2. RISK EVALUATION Successful...
PT-2021-7266 · Keysight · Keysight N6854A Geo Location Server +1
Name of the Vulnerable Software and Affected Versions: Keysight N6841A RF Sensor versions affected versions not specified Keysight N6854A Geo Location Server versions affected versions not specified Description: The issue is related to directory traversal errors in the UserFirmwareRequestHandler...
CVE-2020-35122
An issue was discovered in the Keysight Database Connector plugin before 1.5.0 for Confluence. A malicious user could bypass the access controls for using a saved database connection profile to submit arbitrary SQL against a saved database connection...
CVE-2020-35121
An issue was discovered in the Keysight Database Connector plugin before 1.5.0 for Confluence. A malicious user could insert arbitrary JavaScript into saved macro parameters that would execute when a user viewed a page with that instance of the macro...
CVE-2020-35122
An issue was discovered in the Keysight Database Connector plugin before 1.5.0 for Confluence. A malicious user could bypass the access controls for using a saved database connection profile to submit arbitrary SQL against a saved database connection...