Privilege Escalation Flaw Patched in Schneider Wonderware

Data analysis and visualization software deployed inside a larger operational intelligence software sold by Schneider Electric has been patched against a critical privilege escalation vulnerability. The vulnerability was discovered in-house by Schneider Electric engineers in the Tableau...

The vulnerability of the iOS operating system allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the Local Authentication component in the iOS operating system is related to security configuration errors. Exploiting this vulnerability can allow an attacker, operating locally, to compromise the confidentiality, integrity, and accessibility of protected information by...

CVE-2017-5178

An issue was discovered in Schneider Electric Tableau Server/Desktop Versions 7.0 to 10.1.3 in Wonderware Intelligence Versions 2014R3 and prior. These versions contain a system account that is installed by default. The default system account is difficult to configure with non-default credentials...

Default credentials

An issue was discovered in Schneider Electric Tableau Server/Desktop Versions 7.0 to 10.1.3 in Wonderware Intelligence Versions 2014R3 and prior. These versions contain a system account that is installed by default. The default system account is difficult to configure with non-default credentials...

CVE-2017-5178

An issue was discovered in Schneider Electric Tableau Server/Desktop Versions 7.0 to 10.1.3 in Wonderware Intelligence Versions 2014R3 and prior. These versions contain a system account that is installed by default. The default system account is difficult to configure with non-default credentials...

CVE-2017-5178

An issue was discovered in Schneider Electric Tableau Server/Desktop Versions 7.0 to 10.1.3 in Wonderware Intelligence Versions 2014R3 and prior. These versions contain a system account that is installed by default. The default system account is difficult to configure with non-default credentials...

CVE-2016-7601

An issue was discovered in certain Apple products. iOS before 10.2 is affected. The issue involves the "Local Authentication" component, which does not honor the configured screen-lock time interval if the Touch ID prompt is visible...

CVE-2016-7601

An issue was discovered in certain Apple products. iOS before 10.2 is affected. The issue involves the "Local Authentication" component, which does not honor the configured screen-lock time interval if the Touch ID prompt is visible...

CVE-2016-7601

Affected product: iOS before 10.2; Local Authentication logic issue where the idle timer is not honored when the Touch ID prompt is visible. Root cause: idle-timer handling when Touch ID prompt appears, allowing prolonged unlocked state. Impact: a nearby or local user could potentially access thr...

CVE-2016-7601

An issue was discovered in certain Apple products. iOS before 10.2 is affected. The issue involves the "Local Authentication" component, which does not honor the configured screen-lock time interval if the Touch ID prompt is visible...

Huawei Smart Phones Local Authentication Bypass Vulnerability

Huawei Nice is a smartphone from the Chinese company Huawei Huawei. A local authentication bypass vulnerability exists in Huawei Smart Phones. An attacker can flash or restore the phone to factory settings by following certain steps. Due to the lack of authentication in the "phone recovery"...

The vulnerability of the embedded software of the programmable logic controller OVEEN PLK110 allows a perpetrator to gain access without entering a password.

The vulnerability of the embedded software of the OVEEN PLK110 programmable logic controller is related to the resetting of the set password level when power is disconnected. Exploiting this vulnerability allows an intruder, operating locally, to authenticate without entering a password, due to t...

Local Authentication Bypass Vulnerability in Multiple McAfee Products

McAfee SIEM Enterprise Security Manager and SIEM Event Receiver are both products of McAfee, Inc. McAfee SIEM Enterprise Security Manager provides intelligent, fast, and accurate security and information SIEM and log management. SIEM Event Receiver collects third-party events and logs and...

Apple iOS < 10.2 Multiple Vulnerabilities

Binary data 9847.prm...

Apple iOS < 10.2 Multiple Vulnerabilities

Binary data appleios102check.nbin...

AIX 7.1 TL 4 : lsmcode (IV88007)

https://vulners.com/cve/CVE-2016-3053 IBM AIX contains an unspecified vulnerability that would allow a locally authenticated user to obtain root level privileges. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text in the description was extracted from AIX Security Advisory...

ZKTeco ZKBioSecurity 3.0 - (visLogin. jsp) Local Authentication bypass

No description provided by source...

ZKTeco ZKBioSecurity 3.0 - (visLogin.jsp) Local Authentication Bypass

Exploit for jsp platform in category web applications ZKTeco ZKBioSecurity 3.0 visLogin.jsp Local Authorization Bypass Vendor: ZKTeco Inc. | Xiamen ZKTeco Biometric Identification Technology Co.,ltd Product web page: http://www.zkteco.com Affected version: 3.0.1.0R230 Platform: 3.0.1.0R230...

The vulnerability of Cisco Adaptive Security Appliance’s microprogramming software allows a perpetrator to trigger a service failure or execute arbitrary code.

The vulnerability of Cisco Adaptive Security Appliance’s microprogramming software is caused by buffer overflow. Exploiting this vulnerability allows a malicious actor, who operates locally and has completed the authentication process, to cause service failures or execute arbitrary code by enteri...

Juniper Junos Local Authentication Bypass Vulnerability

Juniper Junos is a network operating system dedicated to the company's hardware systems. A security vulnerability exists in Juniper Junos that could be exploited by a local attacker to submit a special request to bypass the authentication mechanism and perform an unauthorized operation...