CVE-2026-28793 Path Traversal Leading to Arbitrary File Read, Write and Delete in TinaCMS
Tina is a headless content management system. Prior to 2.1.8, the TinaCMS CLI development server exposes media endpoints that are vulnerable to path traversal, allowing attackers to read and write arbitrary files on the filesystem outside the intended media directory. When running tinacms dev, th...
EUVD-2018-15626
Malware in sbrugna...
CVE-2022-29953
The Bently Nevada 3700 series of condition monitoring equipment through 2022-04-29 has a maintenance interface on port 4001/TCP with undocumented, hardcoded credentials. An attacker capable of connecting to this interface can thus trivially take over its functionality...
Hardcoded credentials
The Bently Nevada 3700 series of condition monitoring equipment through 2022-04-29 has a maintenance interface on port 4001/TCP with undocumented, hardcoded credentials. An attacker capable of connecting to this interface can thus trivially take over its functionality...
CVE-2022-29953
The CVE-2022-29953 entry concerns the Bently Nevada 3700 series condition monitoring equipment. A maintenance interface on port 4001/TCP uses undocumented, hardcoded credentials, allowing an attacker who can reach the interface to take over its functionality. Affected products include Bently Neva...
PT-2022-3154 · Bently Nevada · Bently Nevada 3700 Series
Name of the Vulnerable Software and Affected Versions: Bently Nevada 3700 series versions through 2022-04-29 Description: The issue is related to the use of hardcoded credentials in the maintenance interface of the Bently Nevada 3700 series. This interface is accessible on port 4001/TCP. An...
CVE-2019-12117
An issue was discovered in ONAP SDC through Dublin. By accessing port 4001 of demo-sdc-sdc-onboarding-be pod, an unauthenticated attacker who already has access to pod-to-pod communication may execute arbitrary code inside that pod. All ONAP Operations Manager OOM setups are affected...
Code injection
An issue was discovered in ONAP SDC through Dublin. By accessing port 4001 of demo-sdc-sdc-onboarding-be pod, an unauthenticated attacker who already has access to pod-to-pod communication may execute arbitrary code inside that pod. All ONAP Operations Manager OOM setups are affected...
CVE-2018-3841
A denial-of-service vulnerability exists in the Pixar Renderman IT Display Service 21.6 0x69. The vulnerability is present in the parsing of a network packet without proper validation of the packet. The data read-in is not validated, and its use can lead to a null pointer dereference. The IT...
CVE-2018-3840
A denial-of-service vulnerability exists in the Pixar Renderman IT Display Service 21.6 0x67. The vulnerability is present in the parsing of a network packet without proper validation of the packet. The data read by the application is not validated, and its use can lead to a null pointer...
Null pointer dereference
A denial-of-service vulnerability exists in the Pixar Renderman IT Display Service 21.6 0x69. The vulnerability is present in the parsing of a network packet without proper validation of the packet. The data read-in is not validated, and its use can lead to a null pointer dereference. The IT...
CVE-2018-3841
Pixar Renderman IT Display Service 21.6 is affected by a denial-of-service vulnerability in the parsing of a network packet, triggered when the service reads data from a socket on port 4001 without proper validation. This can lead to a null pointer dereference and a crash when processing a 0x69 c...
PT-2018-16235 · Pixar · Pixar Renderman IT Display Service
Name of the Vulnerable Software and Affected Versions: Pixar Renderman IT Display Service version 21.6 Description: A denial-of-service issue exists due to improper validation of network packets. The application listens for connections on port 4001 after being opened by a user. An attacker can...
PT-2018-16234 · Pixar · Pixar Renderman IT Display Service
Name of the Vulnerable Software and Affected Versions: Pixar Renderman IT Display Service version 21.6 Description: A denial-of-service issue exists due to improper validation of network packets. The application listens for connections on port 4001 after being opened by a user. An attacker can...