8 matches found
CVE-2026-25937 GLPI has a MFA bypass
GLPI is a free Asset and IT management software package. Starting in version 11.0.0 and prior to version 11.0.6, a malicious actor with knowledge of a user's credentials can bypass MFA and steal their account. Version 11.0.6 fixes the issue...
📄 Ivanti 11.10 MobileIron Vulnerability Scanner
This PHP-based scanner detects unauthenticated access vulnerabilities in Ivanti EPMM / MobileIron products. The issue allows attackers to retrieve sensitive user information via exposed API endpoints. Version 11.10 is affected...
Commvault Command Center Innovation Release 11.38 Remote Code Execution
Commvault Command Center Innovation Release version 11.38 proof of concept pre-authentication remote code execution exploit...
Citrix XenMobile Server 命令注入漏洞
Citrix Systems Citrix XenMobile Server is a mobility management solution from Citrix Systems. The solution enables the management of mobile devices, the development of mobile policies and compliance rules, and insight into the operation of mobile cellular networks. A command injection vulnerabili...
PT-2022-17697 · Citrix · Citrix Xenmobile Server
Name of the Vulnerable Software and Affected Versions: Citrix XenMobile Server versions 10.12 through RP11 Citrix XenMobile Server versions 10.13 through RP7 Citrix XenMobile Server versions 10.14 through RP4 Description: The issue allows Command Injection. Recommendations: For versions 10.12...
PT-2021-12654 · Freebsd +1 · Freebsd +2
Name of the Vulnerable Software and Affected Versions: FreeBSD versions 11.3-RELEASE through 11.3-RELEASE before p13 FreeBSD versions 11.4-RELEASE through 11.4-RELEASE before p3 FreeBSD versions 12.1-RELEASE through 12.1-RELEASE before p9 FreeBSD versions 11.4-STABLE through 11.4-STABLE before...
CVE-2018-0316
A vulnerability in the Session Initiation Protocol SIP call-handling functionality of Cisco IP Phone 6800, 7800, and 8800 Series Phones with Multiplatform Firmware could allow an unauthenticated, remote attacker to cause an affected phone to reload unexpectedly, resulting in a temporary denial of...
CVE-2017-3866
A vulnerability in the web framework code of Cisco Prime Service Catalog could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against the user of the web interface of the affected system. More Information: CSCvc79842 CSCvc79846 CSCvc79855 CSCvc79873...