102 matches found
CVE-2022-40778
A stored Cross-Site Scripting XSS vulnerability in OPSWAT MetaDefender ICAP Server before 4.13.0 allows attackers to execute arbitrary JavaScript or HTML because of the blocked page response...
CVE-2022-40778
A stored Cross-Site Scripting XSS vulnerability in OPSWAT MetaDefender ICAP Server before 4.13.0 allows attackers to execute arbitrary JavaScript or HTML because of the blocked page response...
Cross site scripting
A stored Cross-Site Scripting XSS vulnerability in OPSWAT MetaDefender ICAP Server before 4.13.0 allows attackers to execute arbitrary JavaScript or HTML because of the blocked page response...
CVE-2022-40778
CVE-2022-40778 affects OPSWAT MetaDefender ICAP Server prior to 4.13.0. The vulnerability is a stored XSS caused by the blocked page response, allowing an attacker to execute arbitrary JavaScript or HTML. Connected sources confirm the affected product/version and the XSS impact. The entry does no...
CVE-2022-40778
A stored Cross-Site Scripting XSS vulnerability in OPSWAT MetaDefender ICAP Server before 4.13.0 allows attackers to execute arbitrary JavaScript or HTML because of the blocked page response...
PT-2022-25536 · Opswat · Opswat Metadefender Icap Server
Name of the Vulnerable Software and Affected Versions: OPSWAT MetaDefender ICAP Server versions prior to 4.13.0 Description: A stored Cross-Site Scripting XSS issue allows attackers to execute arbitrary JavaScript or HTML due to the blocked page response. This enables attackers to potentially...
CVE-2022-32272
OPSWAT MetaDefender Core before 5.1.2, MetaDefender ICAP before 4.12.1, and MetaDefender Email Gateway Security before 5.6.1 have incorrect access control, resulting in privilege escalation...
Privilege escalation
OPSWAT MetaDefender Core before 5.1.2, MetaDefender ICAP before 4.12.1, and MetaDefender Email Gateway Security before 5.6.1 have incorrect access control, resulting in privilege escalation...
CVE-2022-32272
OPSWAT MetaDefender Core before 5.1.2, MetaDefender ICAP before 4.12.1, and MetaDefender Email Gateway Security before 5.6.1 have incorrect access control, resulting in privilege escalation...
CVE-2022-32272
CVE-2022-32272 affects OPSWAT MetaDefender Core prior to 5.1.2, MetaDefender ICAP prior to 4.12.1, and MetaDefender Email Gateway Security prior to 5.6.1. The issue is due to incorrect access control, enabling privilege escalation. The Red Hat advisory and related sources confirm the same affecte...
OPSWAT MetaDefender Core 安全漏洞
OPSWAT MetaDefender Core OPSWAT MDCore is a multi-engine anti-malware software from OPSWAT, Inc. It prevents the upload of malicious files on web applications that bypass sandboxes and other detection-based security solutions. A security vulnerability exists in OPSWAT MetaDefender Core MDCore...
CVE-2022-32273
As a result of an observable discrepancy in returned messages, OPSWAT MetaDefender Core MDCore before 5.1.2 could allow an authenticated user to enumerate filenames on the server...
CVE-2022-32273
OPSWAT MetaDefender Core (MDCore) prior to version 5.1.2 is affected. An observable discrepancy in returned messages can allow an authenticated user to enumerate filenames on the server, exposing directory/file names. The vulnerability is tied to the MDCore component and requires authentication. ...
CVE-2022-32273
As a result of an observable discrepancy in returned messages, OPSWAT MetaDefender Core MDCore before 5.1.2 could allow an authenticated user to enumerate filenames on the server...
Mimir - Smart OSINT Collection Of Common IOC Types
Smart OSINT collection of common IOC types. Overview This application is designed to assist security analysts and researchers with the collection and assessment of common IOC types. Accepted IOCs currently include IP addresses, domain names, URLs, and file hashes. The title of this project is nam...
CVE-2018-16275
OPSWAT MetaDefender before v4.11.2 allows CSV injection...
Input validation
OPSWAT MetaDefender before v4.11.2 allows CSV injection...
CVE-2018-16275
CVE-2018-16275 affects OPSWAT MetaDefender prior to 4.11.2 and enables CSV injection. The connected sources consistently state the product and version boundary, identifying the vulnerability as CSV injection in that release line. The CVE details do not provide explicit exploit vectors beyond this...
CVE-2018-16275
OPSWAT MetaDefender before v4.11.2 allows CSV injection...
Limitations of NetScaler Gateway OPSWAT EPA Scan
NetScaler Gateway as such does not have a whitelist or blacklist of products and relies on the OPSWAT for this. If a particular product is not present in the NetScaler predefined expressions then this product is not supported for EPA scans. When using a generic scan OPSWAT scans all the supported...