28 matches found
EUVD-2021-22853
Malware in sbrugna...
EUVD-2021-22851
Malware in sbrugna...
EUVD-2021-22854
Malware in sbrugna...
EUVD-2021-22852
Malware in sbrugna...
CVE-2021-36233
The function AdminGetFirstFileContentByFilePath in MIK.starlight 7.9.5.24363 allows by design an authenticated attacker to read arbitrary files from the filesystem by specifying the file path...
CVE-2021-36234
Use of a hard-coded cryptographic key in MIK.starlight 7.9.5.24363 allows local users to decrypt credentials via unspecified vectors...
CVE-2021-36232
Improper Authorization in multiple functions in MIK.starlight 7.9.5.24363 allows an authenticated attacker to escalate privileges...
MIK.starlight input validation error vulnerability (CNVD-2021-69611)
MIK.starlight is the departmental access and creation dashboard, reporting and planning environment. MIK.starlight is vulnerable to an input validation error, which could allow an attacker to access arbitrary path files...
MIK.starlight input validation error vulnerability
MIK.starlight is the departmental access and creation dashboard, reporting and planning environment. MIK.starlight is vulnerable to an input validation error, which could allow an attacker to execute operating system commands...
MIK.starlight authorization issue vulnerability
MIK.starlight is the departmental access and creation dashboard, reporting and planning environment. MIK.starlight is vulnerable to authorization issues, which could allow an attacker to escalate privileges through the vulnerability...
MIK.starlight has unspecified vulnerabilities
MIK.starlight is the departmental access and creation dashboard, reporting and planning environment. A security vulnerability exists in MIK.starlight version 7.9.5.24363, which stems from the use of hard-coded keys in the software, which allows an attacker to decrypt credentials via an unspecifie...
CVE-2021-36232
Improper Authorization in multiple functions in MIK.starlight 7.9.5.24363 allows an authenticated attacker to escalate privileges...
CVE-2021-36233
The function AdminGetFirstFileContentByFilePath in MIK.starlight 7.9.5.24363 allows by design an authenticated attacker to read arbitrary files from the filesystem by specifying the file path...
CVE-2021-36234
Use of a hard-coded cryptographic key in MIK.starlight 7.9.5.24363 allows local users to decrypt credentials via unspecified vectors...
CVE-2021-36232
Improper Authorization in multiple functions in MIK.starlight 7.9.5.24363 allows an authenticated attacker to escalate privileges...
CVE-2021-36231
Deserialization of untrusted data in multiple functions in MIK.starlight 7.9.5.24363 allows authenticated remote attackers to execute operating system commands by crafting serialized objects...
Deserialization of untrusted data
Deserialization of untrusted data in multiple functions in MIK.starlight 7.9.5.24363 allows authenticated remote attackers to execute operating system commands by crafting serialized objects...
Authorization
Improper Authorization in multiple functions in MIK.starlight 7.9.5.24363 allows an authenticated attacker to escalate privileges...
Hardcoded credentials
Use of a hard-coded cryptographic key in MIK.starlight 7.9.5.24363 allows local users to decrypt credentials via unspecified vectors...
CVE-2021-36233
CVE-2021-36233 affects MIK.starlight prior to any explicit patch details in the provided docs, where the function AdminGetFirstFileContentByFilePath (version 7.9.5.24363) allows an authenticated attacker to read arbitrary filesystem files by supplying a file path. The root cause is an input handl...