16 matches found
EUVD-2018-0870
Malware in sbrugna...
EUVD-2008-6065
Malware in sbrugna...
EUVD-2016-7477
Malware in sbrugna...
EUVD-2012-0959
Malware in sbrugna...
EUVD-2021-12792
Malware in sbrugna...
EUVD-2016-7476
Malware in sbrugna...
EUVD-2022-3107
Malicious code in bioql PyPI...
EUVD-2022-3388
Malicious code in bioql PyPI...
CVE-2021-25933
In OpenNMS Horizon, versions opennms-1-0-stable through opennms-27.1.0-1; OpenNMS Meridian, versions meridian-foundation-2015.1.0-1 through meridian-foundation-2019.1.18-1; meridian-foundation-2020.1.0-1 through meridian-foundation-2020.1.6-1 are vulnerable to Stored Cross-Site Scripting, since t...
CVE-2021-25931
In OpenNMS Horizon, versions opennms-1-0-stable through opennms-27.1.0-1; OpenNMS Meridian, versions meridian-foundation-2015.1.0-1 through meridian-foundation-2019.1.18-1; meridian-foundation-2020.1.0-1 through meridian-foundation-2020.1.6-1 are vulnerable to CSRF, due to no CSRF protection at...
CVE-2021-25929
In OpenNMS Horizon, versions opennms-1-0-stable through opennms-27.1.0-1; OpenNMS Meridian, versions meridian-foundation-2015.1.0-1 through meridian-foundation-2019.1.18-1; meridian-foundation-2020.1.0-1 through meridian-foundation-2020.1.6-1 are vulnerable to Stored Cross-Site Scripting since...
CVE-2021-25934
In OpenNMS Horizon, versions opennms-18.0.0-1 through opennms-27.1.0-1; OpenNMS Meridian, versions meridian-foundation-2015.1.0-1 through meridian-foundation-2019.1.18-1; meridian-foundation-2020.1.0-1 through meridian-foundation-2020.1.7-1 are vulnerable to Stored Cross-Site Scripting, since the...
CVE-2020-12760
An issue was discovered in OpenNMS Horizon before 26.0.1, and Meridian before 2018.1.19 and 2019 before 2019.1.7. The ActiveMQ channel configuration allowed for arbitrary deserialization of Java objects aka ActiveMQ Minion payload deserialization, leading to remote code execution for any...
CVE-2016-6556
OpenNMS version 18.0.1 and prior are vulnerable to a stored XSS issue due to insufficient filtering of SNMP agent supplied data. By creating a malicious SNMP 'sysName' or 'sysContact' response, an attacker can store an XSS payload which will trigger when a user of the web UI views the data. This...
CVE-2021-25929
In OpenNMS Horizon, versions opennms-1-0-stable through opennms-27.1.0-1; OpenNMS Meridian, versions meridian-foundation-2015.1.0-1 through meridian-foundation-2019.1.18-1; meridian-foundation-2020.1.0-1 through meridian-foundation-2020.1.6-1 are vulnerable to Stored Cross-Site Scripting since...
The vulnerability of the OpenNMS monitoring system, a network management platform from Juniper Networks Junos Space, arises due to insufficient protection of the website structure. This allows attackers to disclose protected information or perform actions on behalf of the administrator.
The vulnerability of OpenNMS, which is included in the Juniper Networks Junos Space network management platform, stems from insufficient protection of the website structure. Exploiting this vulnerability can allow a malicious actor to disclose sensitive information or carry out actions on behalf ...