Lucene search
+L

25 matches found

redhatcve
redhatcve
added 2026/01/09 11:36 a.m.7 views

CVE-2021-41551

Leostream Connection Broker 9.0.40.17 allows administrators to conduct directory traversal attacks by uploading z ZIP file that contains a symbolic link...

4.9CVSS6.9AI score0.01274EPSS
Exploits0References1
euvd
euvd
added 2025/10/03 8:7 p.m.8 views

EUVD-2021-28569

Malicious code in bioql PyPI...

4.9CVSS5.4AI score0.01274EPSS
Exploits0References2
euvd
euvd
added 2025/10/03 8:7 p.m.11 views

EUVD-2021-28568

Malicious code in bioql PyPI...

7.2CVSS7.1AI score0.00962EPSS
Exploits0References2
osv
osv
added 2022/01/18 3:15 p.m.4 views

CVE-2021-41551

Leostream Connection Broker 9.0.40.17 allows administrators to conduct directory traversal attacks by uploading z ZIP file that contains a symbolic link...

4.9CVSS5.8AI score0.01274EPSS
Exploits0References2
nvd
nvd
added 2022/01/18 3:15 p.m.25 views

CVE-2021-41551

Leostream Connection Broker 9.0.40.17 allows administrators to conduct directory traversal attacks by uploading z ZIP file that contains a symbolic link...

4.9CVSS0.01274EPSS
Exploits0References2
attackerkb
attackerkb
added 2022/01/18 3:15 p.m.2 views

CVE-2021-41551

Leostream Connection Broker 9.0.40.17 allows administrators to conduct directory traversal attacks by uploading z ZIP file that contains a symbolic link...

4.9CVSS5.8AI score0.01274EPSS
Exploits0References3
nvd
nvd
added 2022/01/18 3:15 p.m.24 views

CVE-2021-41550

Leostream Connection Broker 9.0.40.17 allows administrator to upload and execute Perl code...

7.2CVSS0.00962EPSS
Exploits0References2
prion
prion
added 2022/01/18 3:15 p.m.20 views

Directory traversal

Leostream Connection Broker 9.0.40.17 allows administrators to conduct directory traversal attacks by uploading z ZIP file that contains a symbolic link...

4CVSS5.1AI score0.01274EPSS
Exploits0References2Affected Software1
cvelist
cvelist
added 2022/01/18 2:46 p.m.24 views

CVE-2021-41550

Leostream Connection Broker 9.0.40.17 allows administrator to upload and execute Perl code...

7.3AI score0.00962EPSS
Exploits0References2
cve
cve
added 2022/01/18 2:45 p.m.51 views

CVE-2021-41551

CVE-2021-41551 affects Leostream Connection Broker 9.0.40.17. Administrators can perform a directory traversal by uploading a ZIP file that contains a symbolic link, enabling access to files outside the intended directory. This is supported by Red Hat and NVD entries in the provided documents. Th...

4.9CVSS5.1AI score0.01274EPSS
Exploits0References2Affected Software1
cvelist
cvelist
added 2022/01/18 2:45 p.m.26 views

CVE-2021-41551

Leostream Connection Broker 9.0.40.17 allows administrators to conduct directory traversal attacks by uploading z ZIP file that contains a symbolic link...

5.4AI score0.01274EPSS
Exploits0References2
cnnvd
cnnvd
added 2022/01/18 12:0 a.m.6 views

Leostream Connection Broker 代码问题漏洞

Leostream Connection Broker is a vendor-neutral connection broker from Leostream USA that provides a single interface to manage a range of operating systems, physical and virtual desktops, and display protocols commonly found in enterprise environments. A security vulnerability exists in Leostrea...

7.2CVSS7AI score0.00962EPSS
Exploits0References3
cnnvd
cnnvd
added 2022/01/18 12:0 a.m.6 views

Leostream Connection Broker 后置链接漏洞

Leostream Connection Broker is a vendor-neutral connection broker from Leostream, Inc. that provides a single interface to manage a range of operating systems, physical and virtual desktops, and display protocols commonly found in enterprise environments. A backlink vulnerability exists in...

4.9CVSS5.2AI score0.01274EPSS
Exploits0References3
nvd
nvd
added 2021/08/06 9:15 p.m.25 views

CVE-2021-38157

LeoStream Connection Broker 9.x before 9.0.34.3 allows Unauthenticated Reflected XSS via the /index.pl user parameter. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...

6.1CVSS0.01119EPSS
Exploits1References4
prion
prion
added 2021/08/06 9:15 p.m.24 views

Cross site scripting

UNSUPPORTED WHEN ASSIGNED LeoStream Connection Broker 9.x before 9.0.34.3 allows Unauthenticated Reflected XSS via the /index.pl user parameter. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...

4.3CVSS6AI score0.01119EPSS
Exploits1References4Affected Software1
vulnrichment
vulnrichment
added 2021/08/06 8:58 p.m.12 views

CVE-2021-38157

LeoStream Connection Broker 9.x before 9.0.34.3 allows Unauthenticated Reflected XSS via the /index.pl user parameter. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...

5.9AI score0.01119EPSS
Exploits1References4
cve
cve
added 2021/08/06 8:58 p.m.112 views

CVE-2021-38157

The CVE-2021-38157 entry concerns LeoStream Connection Broker 9.x prior to 9.0.34.3, which is vulnerable to unauthenticated reflected XSS via the /index.pl endpoint using the user parameter. The root cause is improper handling/validation of user-supplied input on that endpoint, enabling an attack...

6.1CVSS5.9AI score0.01119EPSS
Exploits1References4Affected Software1
cvelist
cvelist
added 2021/08/06 8:58 p.m.29 views

CVE-2021-38157

LeoStream Connection Broker 9.x before 9.0.34.3 allows Unauthenticated Reflected XSS via the /index.pl user parameter. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...

6.1AI score0.01119EPSS
Exploits1References4
ptsecurity
ptsecurity
added 2021/08/06 12:0 a.m.7 views

PT-2021-21974 · Unknown · Leostream Connection Broker

Name of the Vulnerable Software and Affected Versions: LeoStream Connection Broker versions 9.x before 9.0.34.3 Description: The issue allows Unauthenticated Reflected XSS via the "/index.pl" API endpoint, specifically through the user parameter. This affects products that are no longer supported...

6.1CVSS5.8AI score0.01119EPSS
Exploits1References8
cnnvd
cnnvd
added 2021/08/06 12:0 a.m.5 views

Leostream Connection Broker 跨站脚本漏洞

Leostream Connection Broker is a vendor-neutral connection broker from Leostream, Inc. that provides a single interface to manage a range of operating systems, physical and virtual desktops, and display protocols that are common in enterprise environments. A cross-site scripting vulnerability...

6.1CVSS6AI score0.01119EPSS
Exploits1References4
Rows per page
Query Builder