28 matches found
EUVD-2021-22851
Malware in sbrugna...
EUVD-2021-22854
Malware in sbrugna...
EUVD-2021-22853
Malware in sbrugna...
EUVD-2021-22852
Malware in sbrugna...
CVE-2021-36233
The function AdminGetFirstFileContentByFilePath in MIK.starlight 7.9.5.24363 allows by design an authenticated attacker to read arbitrary files from the filesystem by specifying the file path...
CVE-2021-36234
Use of a hard-coded cryptographic key in MIK.starlight 7.9.5.24363 allows local users to decrypt credentials via unspecified vectors...
CVE-2021-36232
Improper Authorization in multiple functions in MIK.starlight 7.9.5.24363 allows an authenticated attacker to escalate privileges...
MIK.starlight input validation error vulnerability (CNVD-2021-69611)
MIK.starlight is the departmental access and creation dashboard, reporting and planning environment. MIK.starlight is vulnerable to an input validation error, which could allow an attacker to access arbitrary path files...
MIK.starlight input validation error vulnerability
MIK.starlight is the departmental access and creation dashboard, reporting and planning environment. MIK.starlight is vulnerable to an input validation error, which could allow an attacker to execute operating system commands...
MIK.starlight has unspecified vulnerabilities
MIK.starlight is the departmental access and creation dashboard, reporting and planning environment. A security vulnerability exists in MIK.starlight version 7.9.5.24363, which stems from the use of hard-coded keys in the software, which allows an attacker to decrypt credentials via an unspecifie...
MIK.starlight authorization issue vulnerability
MIK.starlight is the departmental access and creation dashboard, reporting and planning environment. MIK.starlight is vulnerable to authorization issues, which could allow an attacker to escalate privileges through the vulnerability...
CVE-2021-36232
Improper Authorization in multiple functions in MIK.starlight 7.9.5.24363 allows an authenticated attacker to escalate privileges...
CVE-2021-36232
Improper Authorization in multiple functions in MIK.starlight 7.9.5.24363 allows an authenticated attacker to escalate privileges...
CVE-2021-36233
The function AdminGetFirstFileContentByFilePath in MIK.starlight 7.9.5.24363 allows by design an authenticated attacker to read arbitrary files from the filesystem by specifying the file path...
CVE-2021-36234
Use of a hard-coded cryptographic key in MIK.starlight 7.9.5.24363 allows local users to decrypt credentials via unspecified vectors...
CVE-2021-36231
Deserialization of untrusted data in multiple functions in MIK.starlight 7.9.5.24363 allows authenticated remote attackers to execute operating system commands by crafting serialized objects...
Hardcoded credentials
Use of a hard-coded cryptographic key in MIK.starlight 7.9.5.24363 allows local users to decrypt credentials via unspecified vectors...
Authorization
Improper Authorization in multiple functions in MIK.starlight 7.9.5.24363 allows an authenticated attacker to escalate privileges...
Deserialization of untrusted data
Deserialization of untrusted data in multiple functions in MIK.starlight 7.9.5.24363 allows authenticated remote attackers to execute operating system commands by crafting serialized objects...
CVE-2021-36233
The function AdminGetFirstFileContentByFilePath in MIK.starlight 7.9.5.24363 allows by design an authenticated attacker to read arbitrary files from the filesystem by specifying the file path...