60 matches found
CVE-2022-23403
Improper input validation in the Intel(R) Data Center Manager software before version 4.1 may allow an authenticated user to potentially enable denial of service via local access...
CVE-2021-22801
A CWE-269: Improper Privilege Management vulnerability exists that could cause an arbitrary command execution when the software is configured with specially crafted event actions. Affected Product: ConneXium Network Manager Software All Versions...
Privilege escalation
A CWE-269: Improper Privilege Management vulnerability exists that could cause an arbitrary command execution when the software is configured with specially crafted event actions. Affected Product: ConneXium Network Manager Software All Versions...
CVE-2021-22801
CVE-2021-22801 affects Schneider Electric ConneXium Network Manager (CNM) Software (all versions). It is a CWE-269 Improper Privilege Management vulnerability that could permit arbitrary command execution when CNM is configured with specially crafted event actions. Reported as CVSSv3 base 7.8 (AV...
Information Disclosure
hadoop-hdds-container-service is vulnerable to information disclosure. An attacker can modify ratis replication configuration through the server-to-server RPC endpoint by downloading the raw data from the data node and ozone manager...
Schneider Electric ConneXium Network Manager Software Security Vulnerability
Schneider Electric ConneXium Network Manager Software (Schneider Electric CNM) is industrial Ethernet network management software from Schneider Electric of France. A security vulnerability exists in Schneider Electric ConneXium Network Manager Software that stems from a privilege management issue...
SSRF attacks via tracebacks in Plone
Plone before 5.2.3 allows SSRF attacks via the tracebacks feature only available to the Manager role...
CVE-2020-3504 Cisco UCS Manager Software Local Management CLI Denial of Service Vulnerability
A vulnerability in the local management (local-mgmt) CLI of Cisco UCS Manager Software could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper handling of CLI command parameters. An attacker could exploit th...
CVE-2020-4338
IBM MQ 9.1.4 could allow a local attacker to obtain sensitive information by inclusion of sensitive data within runmqras data. IBM X-Force ID: 177937...
Input validation
A vulnerability in the local management (local-mgmt) CLI of Cisco FXOS Software and Cisco UCS Manager Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system (OS) of an affected device. The vulnerability is due to insufficient input...
CVE-2020-3171
The CVE-2020-3171 entry covers Cisco FXOS and Cisco UCS Manager Software Local Management CLI Command Injection caused by insufficient input validation in the local-mgmt CLI. An authenticated, local attacker can run arbitrary commands on the device’s underlying OS; on most platforms this occurs w...
CVE-2020-3173 Cisco UCS Manager Software Local Management CLI Command Injection Vulnerability
A vulnerability in the local management (local-mgmt) CLI of Cisco UCS Manager Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system (OS) on an affected device. The vulnerability is due to insufficient input validation of command...
PT-2020-1992 · Cisco · Cisco Fxos +3
Name of the Vulnerable Software and Affected Versions: Cisco FXOS Software versions: affected versions not specified; Cisco UCS Manager Software versions: affected versions not specified. Description: The issue is related to insufficient input validation in the command-line interface of Cisco FXOS...
CVE-2018-19896
ThinkCMF X2.2.2 has SQL Injection via the function delete in SlideController.class.php and is exploitable with the manager privilege via the ids parameter in a slide action...
Cisco Unified Communications Domain Manager Software Cross-Site Scripting Vulnerability
Cisco Unified Communications Domain Manager Software is a dedicated call processing component of the unified communications solution developed by Cisco of the United States. The component provides scalable, distributable, and highly available enterprise voice-over-IP call processing...
CVE-2018-0386
A vulnerability in Cisco Unified Communications Domain Manager Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack on an affected system. The vulnerability is due to improper validation of input that is passed to the affected software. An attacker...
CVE-2018-0386
Cisco Unified Communications Domain Manager Software contains a cross-site scripting (XSS) vulnerability (CVE-2018-0386) due to improper input validation. A remote, unauthenticated attacker can lure a user to a malicious URL to access sensitive information or perform actions in the user’s securit...
CVE-2017-8990
A remote code execution vulnerability was identified in HPE Intelligent Management Center (iMC) Wireless Service Manager (WSM) Software earlier than version WSM 7.3 E0506. This issue was resolved in HPE IMC Wireless Services Manager Software IMC WSM 7.3 E0506P01 or subsequent version...
CVE-2018-6494
Remote SQL Injection against the HP Service Manager Software Web Tier, versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, may lead to unauthorized disclosure of data...