PT-2025-38601

Name of the Vulnerable Software and Affected Versions Vasion Print formerly PrinterLogic Virtual Appliance Host versions prior to 22.0.1002 Vasion Print formerly PrinterLogic Application versions prior to 20.0.2614 Description Vasion Print formerly PrinterLogic Virtual Appliance Host and...

Vasion Print Virtual Appliance Host和Vasion Print Application 安全漏洞

Vasion Print Virtual Appliance Host and Vasion Print Application are both products of Vasion Corporation of the U.S.A. Vasion Print Virtual Appliance Host is a print management software.Vasion Print Application is a printer management application. A security vulnerability exists in Vasion Print...

CVE-2019-8121

An insecure component vulnerability exists in Magento 2.1 prior to 2.1.19, Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3. Magento 2 codebase leveraged outdated versions of JS libraries Bootstrap, jquery, Knockout with known security vulnerabilities...

Azure Linux 3.0 Security Update: cri-tools / docker-buildx / kubernetes / opa / prometheus (CVE-2023-45142)

The version of cri-tools / docker-buildx / kubernetes / opa / prometheus installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-45142 advisory. - OpenTelemetry-Go Contrib is a collection of third-party...

WordPress WooCommerce Multiple Customer Addresses & Shipping Plugin < 24.9 is vulnerable to Multiple Vulnerabilities

Software WooCommerce Multiple Customer Addresses & Shipping Type Plugin Vulnerable versions 24.9 Fixed in 24.9 OWASP Top 10 A6: Vulnerable and Outdated Components Classification Multiple Vulnerabilities CVE N/A Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 2a12b42bb04b...

WordPress PDF Embedder Plugin <= 4.7.1 is vulnerable to Cross Site Scripting (XSS)

Software PDF Embedder Type Plugin Vulnerable versions = 4.7.1 Fixed in 4.8.0 OWASP Top 10 A6: Vulnerable and Outdated Components Classification Cross Site Scripting XSS CVE CVE-2024-4367 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 7794a505b744 Credits m3ez Required...

CVE-2024-25103

This vulnerability exists in AppSamvid software due to the usage of vulnerable and outdated components. An attacker with local administrative privileges could exploit this by placing malicious DLLs on the targeted system. Successful exploitation of this vulnerability could allow the attacker to...

Design/Logic Flaw

This vulnerability exists in AppSamvid software due to the usage of vulnerable and outdated components. An attacker with local administrative privileges could exploit this by placing malicious DLLs on the targeted system. Successful exploitation of this vulnerability could allow the attacker to...

CVE-2024-25103

CVE-2024-25103 affects AppSamvid software, with DLL hijacking as the underlying vector due to vulnerable/outdated components. Local administrative privileges are required to place malicious DLLs on the target system, enabling arbitrary code execution if exploited. The available connected document...

PT-2024-20751 · Appsamvid · Appsamvid

Name of the Vulnerable Software and Affected Versions: AppSamvid affected versions not specified Description: The issue exists due to the usage of vulnerable and outdated components in the software. An attacker with local administrative privileges could exploit this by placing malicious DLLs on t...

Infiray IRAY-A8Z3 thermal camera 安全漏洞

The Infiray IRAY-A8Z3 thermal camera is a thermal camera from the Chinese company Infiray. A security vulnerability exists in the Infiray IRAY-A8Z3 thermal camera version 1.0.957, which originates from the use of hard-coded Web credentials, authenticated remote code execution, buffer overflow,...

Infiray IRAY-A8Z3 thermal camera 安全漏洞

The Infiray IRAY-A8Z3 thermal camera is a thermal camera from the Chinese company Infiray. A security vulnerability exists in the Infiray IRAY-A8Z3 thermal camera version 1.0.957, which originates from the use of hard-coded Web credentials, authenticated remote code execution, buffer overflow,...

OWASP Top 10 Deep Dive: Getting a Clear View on Vulnerable and Outdated Components

Most of us think of climbing the ladder as a good thing — but when the ladder in question is OWASP's Top 10 list of application security risks, a sudden upward trajectory is cause for alarm rather than encouragement. In the 2021 edition of the OWASP list, vulnerable and outdated components moved ...

The 2021 OWASP Top 10 Have Evolved: Here's What You Should Know

Late last week, the Open Web Application Security Project OWASP released its top 10 list of critical web application security risks. The last OWASP Top 10 came out in 2017, and in the intervening 4 years, we've seen a fundamental shift in application security that includes greater emphasis on...

Advantech Spectre RT Industrial Routers

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Advantech Equipment: Spectre RT Industrial Routers Vulnerabilities: Improper Neutralization of Input During Web Page Generation, Cleartext Transmission of Sensitive Information, Improper...

Cisco VoIP Script Insertion / Weak Passwords / Undocumented Functionality

Cisco VoIP phone such as models 88XX suffer from script insertion, weak and hard-coded passwords, undocumented debug functionality, and various outdated components with known vulnerabilities. ======================================================================= title: Multiple Vulnerabilities...

Cisco VoIP Script Insertion / Weak Passwords / Undocumented Functionality

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple Vulnerabilities product: Cisco VoIP Phones, e.g. models 88XX vulnerable version: See list of vulnerable devices/firmwares below fixed version: 12.5.1 MN CVE...

CVE-2018-17890

NUUO CMS all versions 3.1 and prior, The application uses insecure and outdated software components for functionality, which could allow arbitrary code execution...

Intel Extreme Tuning Utility 6.4.1.23 Code Execution / Privilege Escalation Vulnerabilities

Intel Extreme Tuning Utility version 6.4.1.23 suffers from code execution, privilege escalation, and denial of service vulnerabilities. Intel Extreme Tuning Utility 6.4.1.23 Code Execution / Privilege Escalation Hi @ll, the executable installer of the Intel Extreme Tuning Utility, version 6.4.1.2...

Intel Extreme Tuning Utility 6.4.1.23 Code Execution / Privilege Escalation

Hi @ll, the executable installer of the Intel Extreme Tuning Utility, version 6.4.1.23 Latest, released 5/18/2018, available from via is SURPRISE! vulnerable. CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H Vulnerability 0: ================= The executable installer XTU-Setup.exe comes with at least...