Lucene search
+L

113 matches found

BDU FSTEC
BDU FSTEC
added 2023/12/22 12:0 a.m.6 views

The vulnerability of the NodeManagerOpcUa object handler of the Unified Automation UaGateway software migration tool allows a attacker to execute arbitrary code.

The vulnerability of the NodeManagerOpcUa object handler in the Unified Automation UaGateway migration software lies in the possibility of exploiting memory after it is released. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

9.1CVSS8.1AI score0.01853EPSS
Exploits0References5Affected Software1
Hacker One
Hacker One
added 2022/10/07 10:40 p.m.34 views

Liberapay: Email Address Exposure via Gratipay Migration Tool

Through the /migrate route, an attacker can input the username of any user on the site and retrieve their primary email address without any authorization required. Steps to reproduce: Note: This cannot be performed with hackerone-target, because that account seems to return a None as an email. 1...

6.8AI score
Exploits0
CISA KEV Catalog
CISA KEV Catalog
added 2021/11/03 12:0 a.m.18 views

Trend Micro Apex One and OfficeScan Remote Code Execution Vulnerability

Trend Micro Apex One and OfficeScan contain an unspecified vulnerability within a migration tool component that allows for remote code execution...

8.8CVSS8.9AI score0.10793EPSS
In wildExploits0
NVD
NVD
added 2021/03/11 7:15 a.m.24 views

CVE-2021-28132

LUCY Security Awareness Software through 4.7.x allows unauthenticated remote code execution because the Migration Tool in the Support section allows upload of .php files within a system.tar.gz file. The .php file becomes accessible with a public/system/static URI...

9.8CVSS0.03153EPSS
Exploits1References1
OSV
OSV
added 2021/03/11 7:15 a.m.5 views

CVE-2021-28132

LUCY Security Awareness Software through 4.7.x allows unauthenticated remote code execution because the Migration Tool in the Support section allows upload of .php files within a system.tar.gz file. The .php file becomes accessible with a public/system/static URI...

9.8CVSS6.3AI score0.03153EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2021/03/11 7:15 a.m.2 views

CVE-2021-28132

LUCY Security Awareness Software through 4.7.x allows unauthenticated remote code execution because the Migration Tool in the Support section allows upload of .php files within a system.tar.gz file. The .php file becomes accessible with a public/system/static URI...

9.8CVSS9.2AI score0.03153EPSS
Exploits1References2
Prion
Prion
added 2021/03/11 7:15 a.m.17 views

Remote code execution

LUCY Security Awareness Software through 4.7.x allows unauthenticated remote code execution because the Migration Tool in the Support section allows upload of .php files within a system.tar.gz file. The .php file becomes accessible with a public/system/static URI...

7.5CVSS9.8AI score0.03153EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2021/03/11 6:33 a.m.21 views

CVE-2021-28132

LUCY Security Awareness Software through 4.7.x allows unauthenticated remote code execution because the Migration Tool in the Support section allows upload of .php files within a system.tar.gz file. The .php file becomes accessible with a public/system/static URI...

10AI score0.03153EPSS
Exploits1References1
Citrix
Citrix
added 2020/11/09 12:0 a.m.11 views

Session Recording Migration Tool

Description Use the Session Recording migration tool to facilitate the migration from SmartAuditor to Session Recording. The tool processes the SmartAuditor legacy recording files, and extracts and rebuilds metadata in the Session Recording Database to support the search and playback of the legac...

7.1AI score
Exploits0
OSV
OSV
added 2020/09/30 10:1 a.m.11 views

MGASA-2020-0378 Updated Thunderbird packages fix security vulnerabilities

AppCache manifest poisoning due to url encoded character processing CVE-2020-12415. Use-after-free in WebRTC VideoBroadcaster CVE-2020-12416. Integer overflow in nsJPEGEncoder::emptyOutputBuffer CVE-2020-12422. WebRTC permission prompt could have been bypassed by a compromised content process...

9.3CVSS8.3AI score0.01961EPSS
Exploits2References14
OSV
OSV
added 2020/09/29 12:15 a.m.7 views

CVE-2020-25774

A vulnerability in the Trend Micro Apex One ServerMigrationTool component could allow an attacker to trigger an out-of-bounds red information disclosure which would disclose sensitive information to an unprivileged account. User interaction is required to exploit this vulnerability in that the...

4.3CVSS5.7AI score0.02059EPSS
Exploits0References2
OSV
OSV
added 2020/09/29 12:15 a.m.4 views

CVE-2020-25773

A vulnerability in the Trend Micro Apex One ServerMigrationTool component could allow an attacker to execute arbitrary code on affected products. User interaction is required to exploit this vulnerability in that the target must import a corrupted configuration file...

7.8CVSS7.4AI score
Exploits0References2
CNVD
CNVD
added 2020/09/27 12:0 a.m.3 views

Trend Micro Apex One Remote Code Execution Vulnerability

Trend Micro Apex One is an endpoint protection solution that offers the broadest range of protection capabilities, including high-accuracy machine learning and advanced ransomware protection. A remote code execution vulnerability exists in DAT file parsing in the ServerMigrationTool component of...

7.8CVSS8.2AI score0.02382EPSS
Exploits0References1
CNVD
CNVD
added 2020/09/27 12:0 a.m.5 views

Trend Micro Apex One Information Disclosure Vulnerability (CNVD-2020-58784)

Trend Micro Apex One is an endpoint protection solution that offers the broadest range of protection capabilities, including high-accuracy machine learning and advanced ransomware protection. An information disclosure vulnerability exists in the parsing of ZIP files in the ServerMigrationTool...

4.3CVSS6.2AI score0.02059EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2020/07/15 12:0 a.m.7 views

The vulnerability of the Configuration The Expedition Migration tool, which involves manipulating cross-site requests, allows a hacker to replace the user during a session and execute arbitrary code.

The vulnerability of the The Expedition Migration tool relates to the manipulation of cross-site requests. Exploiting this vulnerability allows a malicious actor to replace the user during an session and execute arbitrary code...

9.3CVSS7.8AI score0.0051EPSS
Exploits0References3Affected Software1
Citrix
Citrix
added 2020/04/16 12:0 a.m.12 views

How to Troubleshoot Workspace Environment Management (WEM) Database Migration to Citrix Cloud

The October 2018 release of the Workspace Environment Management service included the Citrix WEM Migration Tool. The purpose of this tool is to allow customers to migrate their on-premise WEM deployment database to the Workspace Environment Management service in Citrix Cloud. Note: Before using...

7AI score
Exploits0
CNVD
CNVD
added 2020/03/19 12:0 a.m.3 views

Unspecified vulnerability in Trend Micro Apex One and OfficeScan XG migration tool components

Trend Micro OfficeScan XG, etc. are all products of Trend Micro, Inc. Trend Micro OfficeScan XG is a suite of distributed anti-virus software.Apex One is a suite of endpoint security protection software that provides automated threat detection and response capabilities. A security vulnerability...

8.8CVSS7.5AI score0.10793EPSS
Exploits0References1
OSV
OSV
added 2020/03/18 1:15 a.m.2 views

CVE-2020-8467

A migration tool component of Trend Micro Apex One 2019 and OfficeScan XG contains a vulnerability which could allow remote attackers to execute arbitrary code on affected installations RCE. An attempted attack requires user authentication...

8.8CVSS7.7AI score0.10793EPSS
Exploits0References3
NVD
NVD
added 2020/03/18 1:15 a.m.15 views

CVE-2020-8467

A migration tool component of Trend Micro Apex One 2019 and OfficeScan XG contains a vulnerability which could allow remote attackers to execute arbitrary code on affected installations RCE. An attempted attack requires user authentication...

8.8CVSS8.9AI score0.10793EPSS
Exploits0References3
Prion
Prion
added 2020/03/18 1:15 a.m.13 views

Design/Logic Flaw

A migration tool component of Trend Micro Apex One 2019 and OfficeScan XG contains a vulnerability which could allow remote attackers to execute arbitrary code on affected installations RCE. An attempted attack requires user authentication...

6.5CVSS8.9AI score0.10793EPSS
Exploits0References2Affected Software2
Rows per page
Query Builder