The vulnerabilities of the BIG-IP Access Policy Manager, as well as the BIG-IP Advanced Firewall Manager, BIG-IP Analytics, BIG-IP Application Acceleration Manager, BIG-IP Application Security Manager, BIG-IP Hybrid Defender, BIG-IP Domain Name System, BIG-IP Fraud Protection Service, BIG-IP Link Controller, BIG-IP Local Traffic Manager, BIG-IP Policy Enforcement Manager, BIG-IP Orchestrator, allow a perpetrator to access confidential data.

The vulnerabilities of the BIG-IP Access Policy Manager, as well as the BIG-IP Advanced Firewall Manager, BIG-IP Analytics, BIG-IP Application Acceleration Manager, BIG-IP Application Security Manager, BIG-IP Hybrid Defender, BIG-IP Domain Name System, BIG-IP Fraud Protection Service, BIG-IP Link...

The vulnerability of the software for server-based web applications, LiteSpeed and OpenLiteSpeed, allows a perpetrator to execute arbitrary code.

The vulnerability of the LiteSpeed and OpenLiteSpeed web application server software relates to errors in processing input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

The vulnerability of the ImageMagick graphic editor lies in errors during the processing of input data, allowing attackers to gain access to protected information.

The vulnerability of the ImageMagick graphic editor is related to errors in processing input data. Exploiting this vulnerability can allow an attacker to gain access to protected information using the “profile” parameter...

The vulnerability of ManageEngine’s software products is related to errors in processing input data, which allow attackers to execute arbitrary code.

The vulnerability of ManageEngine’s software is related to errors in processing input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by sending a specially crafted SAML request remotely...

The vulnerability of the EndType parameter in the web interface of the POWER METER SICAM Q100 microprogramming system allows a hacker to disable the device (with subsequent automatic reboot) or execute arbitrary code.

The vulnerability of the EndType parameter in the web interface of the POWER METER SICAM Q100 measurement software is related to errors in processing input data. Exploiting this vulnerability can allow an attacker to disable the device remotely, causing it to shut down automatically, or execute...

The vulnerability of the command interpreter in Moxa EDR-810, EDR-G902, EDR-G903, TN-4900, and TN-5916 router microprogramming devices allows attackers to execute arbitrary code.

The vulnerability of the command interpreter in Moxa EDR-810, EDR-G902, EDR-G903, TN-4900, and TN-5916 microprogrammed service routers stems from errors in processing input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by sending specially crafted HTTP/HTT...

The vulnerability in the web interface of the Cisco DNA Center allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Cisco DNA Center’s web interface is related to errors in processing requests. Exploiting this vulnerability can allow a malicious actor to gain unauthorized access to protected information by sending specially crafted requests...

The vulnerability of the command interpreter in Moxa EDR-810, EDR-G902, EDR-G903, and TN-4900 router software allows a perpetrator to execute arbitrary code.

The vulnerability of the command interpreter in Moxa EDR-810, EDR-G902, EDR-G903, and TN-4900 router software-based web services is related to errors in processing input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

USN-5736-2 imagemagick vulnerabilities

USN-5736-1 fixed vulnerabilities in ImageMagick. This update provides the corresponding updates for Ubuntu 20.04 ESM and Ubuntu 22.04 ESM. One of the issues, CVE-2021-20224, only affected Ubuntu 20.04 ESM, while CVE-2021-20245, CVE-2021-3574, CVE-2021-4219 and CVE-2022-1114 only affected Ubuntu...

PT-2022-5263 · Juniper Networks · Junos

Name of the Vulnerable Software and Affected Versions: Junos OS versions prior to 19.1R3-S9 Junos OS versions 19.2 prior to 19.2R3-S6 Junos OS versions 19.3 prior to 19.3R3-S7 Junos OS versions 19.4 prior to 19.4R2-S7, 19.4R3-S8 Junos OS versions 20.1 prior to 20.1R3-S5 Junos OS versions 20.2 pri...

The vulnerability of the ruby-mysql library, related to errors in processing hypertext links, allows attackers to gain access to confidential data.

The vulnerability of the ruby-mysql library is related to errors in processing hypertext links. Exploiting this vulnerability allows an attacker who operates remotely to gain access to confidential data...

The vulnerability in the web interface of the Cisco Webex App, a software platform for collaborative work, allows a perpetrator to compromise data integrity.

The vulnerability of the Cisco Webex App’s web interface is related to errors in processing images of various symbols. Exploiting this vulnerability allows a malicious actor to compromise data integrity remotely...

The vulnerability of Eclipse Jetty servlet containers, related to errors in information processing, allows attackers to gain unauthorized access to protected information.

The vulnerability of Eclipse Jetty servlet containers is related to errors in information processing. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

The vulnerability of the Wi-Fi router software WS7200-10, related to ICMP packet processing errors, allows a intruder to gain unauthorized access to protected information or cause service failures.

The vulnerability of the Wi-Fi router software WS7200-10 is related to ICMP packet processing errors. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information or cause service failures...

The vulnerability of the XMLRPC API interface of the Movable Type content management system allows attackers to execute arbitrary commands.

The vulnerability of the XMLRPC API interface of the Movable Type content management system is related to errors in processing input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands remotely...

The vulnerability of the Modbus TCP protocol implementation in microprogrammed software for programmable logic controllers from Schneider Electric, such as Modicon M340, M580, MC80, Modicon Momentum MDI, Legacy Modicon Quantum, allows a intruder to gain unauthorized access to protected information.

The vulnerability of the Modbus TCP protocol implementation in microprogrammed logic controllers from Schneider Electric, such as Modicon M340, M580, MC80, Modicon Momentum MDI, and Legacy Modicon Quantum, is related to errors in information processing. Exploiting this vulnerability can allow an...

The vulnerability of the Computational Fluid Dynamics Simcenter STAR-CCM+ software for simulation applications is related to errors in information processing. This vulnerability allows attackers to gain unauthorized access to protected information about the host and the names of users being displayed by the software.

The vulnerability of the Computational Fluid Dynamics Simulation software, Simcenter STAR-CCM+, is related to errors in information processing. Exploiting this vulnerability can allow a malicious actor to gain unauthorized access to protected information about the host and the identities of the...

The vulnerability of the StorageGRID object storage software, related to errors in information processing, allows a perpetrator to gain unauthorized access to protected information or modify the content of notifications.

The vulnerability of the StorageGRID object storage software lies in errors during information processing. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access to protected information or modify the content of notifications...

PT-2022-4100 · Netapp · Storagegrid

Name of the Vulnerable Software and Affected Versions: StorageGRID versions 11.6.0 through 11.6.0.2 Description: The issue is related to errors in information processing, which could allow a remote unauthenticated attacker to view limited metrics information and modify alert email recipients and...

The vulnerability in the web interface for managing microprogrammed software routers of Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN allows a malicious actor to execute arbitrary code in the context of the root user or to cause service interruptions. This vulnerability is related to errors in the processing of input data.

The vulnerability of the web-based management interface for Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN software lies in errors during the processing of input data. Exploiting this vulnerability allows an attacker to execute arbitrary code in the context of the root user or cause...