42 matches found
EUVD-2022-37405
Malicious code in bioql PyPI...
EUVD-2022-37404
Malicious code in bioql PyPI...
EUVD-2022-37406
Malicious code in bioql PyPI...
EUVD-2022-37407
Malicious code in bioql PyPI...
EUVD-2022-37403
Malicious code in bioql PyPI...
EUVD-2022-37401
Malicious code in bioql PyPI...
Dell PowerPath Management Appliance 代码问题漏洞
Dell PowerPath Management Appliance is a PowerPath host management application from Dell USA that offers two models: a virtual machine-based appliance and a Docker containerized appliance. A code issue vulnerability exists in Dell PowerPath Management Appliance versions 7.0, 7.1, and 7.2. An...
CVE-2022-34450
PowerPath Management Appliance with version 3.3 contains Privilege Escalation vulnerability. An authenticated admin user could potentially exploit this issue and gain unrestricted control/code execution on the system as root...
CVE-2022-34449
PowerPath Management Appliance with versions 3.3 & 3.2 contains a Hardcoded Cryptographic Keys vulnerability. Authenticated admin users can exploit the issue that leads to view and modifying sensitive information stored in the application...
CVE-2022-34450
PowerPath Management Appliance with version 3.3 contains Privilege Escalation vulnerability. An authenticated admin user could potentially exploit this issue and gain unrestricted control/code execution on the system as root...
CVE-2022-34446
PowerPath Management Appliance with versions 3.3 & 3.2 contains Authorization Bypass vulnerability. An authenticated remote user with limited privileges e.g., of role Monitoring can exploit this issue and gain access to sensitive information, and modify the configuration...
CVE-2022-34447
PowerPath Management Appliance with versions 3.3 & 3.2, 3.1 & 3.0 contains OS Command Injection vulnerability. An authenticated remote attacker with administrative privileges could potentially exploit the issue and execute commands on the system as the root user...
CVE-2022-34448
PowerPath Management Appliance with versions 3.3 & 3.2, 3.1 & 3.0 contains a Cross-site Request Forgery vulnerability. An unauthenticated non-privileged user could potentially exploit the issue and perform any privileged state-changing actions...
CVE-2022-34446
PowerPath Management Appliance with versions 3.3 & 3.2 contains Authorization Bypass vulnerability. An authenticated remote user with limited privileges e.g., of role Monitoring can exploit this issue and gain access to sensitive information, and modify the configuration...
CVE-2022-34448
PowerPath Management Appliance with versions 3.3 & 3.2, 3.1 & 3.0 contains a Cross-site Request Forgery vulnerability. An unauthenticated non-privileged user could potentially exploit the issue and perform any privileged state-changing actions...
Cross site request forgery (csrf)
PowerPath Management Appliance with versions 3.3 & 3.2, 3.1 & 3.0 contains a Cross-site Request Forgery vulnerability. An unauthenticated non-privileged user could potentially exploit the issue and perform any privileged state-changing actions...
Authorization
PowerPath Management Appliance with versions 3.3 & 3.2 contains Authorization Bypass vulnerability. An authenticated remote user with limited privileges e.g., of role Monitoring can exploit this issue and gain access to sensitive information, and modify the configuration...
CVE-2022-34451
PowerPath Management Appliance with versions 3.3 & 3.2, 3.1 & 3.0 contains a Stored Cross-site Scripting Vulnerability. An authenticated admin user could potentially exploit this vulnerability, to hijack user sessions or trick a victim application user into unknowingly send arbitrary requests to...
CVE-2022-34451
PowerPath Management Appliance (Dell) is affected by a Stored Cross‑site Scripting vulnerability. Affects versions 3.3, 3.2*, 3.1, and 3.0*; the issue is exploitable by an authenticated admin user who could hijack user sessions or induce a victim application user to issue arbitrary requests to th...
CVE-2022-34451
PowerPath Management Appliance with versions 3.3 & 3.2, 3.1 & 3.0 contains a Stored Cross-site Scripting Vulnerability. An authenticated admin user could potentially exploit this vulnerability, to hijack user sessions or trick a victim application user into unknowingly send arbitrary requests to...