4423 matches found

Packet Storm
added 2023/04/18 12:00 a.m. · 411 views

SecurePoint UTM 12.x Session ID Leak

RCE Security Advisory https://www.rcesecurity.com 1. ADVISORY INFORMATION ======================= Product: SecurePoint UTM Vendor URL: https://www.securepoint.de/en/for-companies/firewall-vpn Type: Exposure of Sensitive Information to an Unauthorized Actor CWE-200 Date found: 2023-01-05 Date...

AI score 7.6 · EPSS 0.03888
Exploits: 4
Vulnrichment
added 2023/04/13 12:00 a.m. · 6 views

CVE-2023-30638

Atos Unify OpenScape SBC 10 before 10R3.1.3, OpenScape Branch 10 before 10R3.1.2, and OpenScape BCF 10 before 10R10.7.0 allow remote authenticated admins to inject commands...

CVSS 7.2 · AI score 6.7 · EPSS 0.00956
Exploits: 0 · References: 2
OSV
added 2023/04/11 5:15 p.m. · 0 views

CVE-2022-27487

An improper privilege management vulnerability in Fortinet FortiSandbox version 4.2.0 through 4.2.2, 4.0.0 through 4.0.2 and before 3.2.3 and FortiDeceptor version 4.1.0, 4.0.0 through 4.0.2 and before 3.3.3 allows a remote authenticated attacker to perform unauthorized API calls via crafted HTTP or HTTPS...

CVSS 8.8 · AI score 5.8
Exploits: 0 · References: 1
IBM Security Bulletins
added 2023/03/31 1:48 p.m. · 61 views

Security Bulletin: Vulnerability in Apache Kafka may affect IBM Business Automation Workflow - CVE-2023-25194

Summary IBM Business Automation Workflow packages a copy of the Apache Kafka client library. A security vulnerability has been reported for that version of Apache Kafka. Vulnerability Details CVEID: CVE-2023-25194 DESCRIPTION: Apache Kafka could allow a remote authenticated attacker to execute...

CVSS 8.8 · AI score 8.9 · EPSS 0.95302
Exploits: 7 · Affected software: 2
OSV
added 2023/03/29 7:15 p.m. · 2 views

CVE-2022-36975

This vulnerability allows remote attackers to bypass authentication on affected installations of Ivanti Avalanche 6.3.2.3490. The specific flaw exists within the ProfileDaoImpl class. A crafted request can trigger execution of SQL queries composed from a user-supplied string. An attacker can...

CVSS 9.8 · AI score 6 · EPSS 0.06534
Exploits: 0 · References: 2
OSV
added 2023/03/29 7:15 p.m. · 3 views

CVE-2022-36972

This vulnerability allows remote attackers to bypass authentication on affected installations of Ivanti Avalanche 6.3.2.3490. The specific flaw exists within the ProfileDaoImpl class. A crafted request can trigger execution of SQL queries composed from a user-supplied string. An attacker can...

CVSS 9.8 · AI score 6 · EPSS 0.06534
Exploits: 0 · References: 2
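The two Ivanti Avalanche entries above describe the same pattern: an authentication lookup whose SQL text is composed from a user-supplied string. The following is an added example in Python, not Ivanti's code and not taken from either advisory; the ProfileDaoImpl class is not modelled and the table, column names, credentials and bypass string are constructed for illustration. It shows the string-composed query beside the parameterised one, so the same crafted username that bypasses the first is just an unmatched literal to the second.

```python
import sqlite3

# Constructed in-memory profile table standing in for the application's user store
# (illustrative only; the real Avalanche schema is not known from the advisory).
# Plaintext passwords are used purely to keep the demo short.
def make_profile_db() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE profiles (username TEXT, password TEXT, role TEXT)")
    conn.execute("INSERT INTO profiles VALUES ('admin', 'S3cret!', 'administrator')")
    return conn


def login_vulnerable(conn: sqlite3.Connection, username: str, password: str):
    """Builds the query by splicing user input into the SQL text (the flaw)."""
    sql = (
        f"SELECT role FROM profiles WHERE username = '{username}' "
        f"AND password = '{password}'"
    )
    row = conn.execute(sql).fetchone()
    return row[0] if row else None


def login_safe(conn: sqlite3.Connection, username: str, password: str):
    """Same lookup with bound parameters: input can never change the query's structure."""
    row = conn.execute(
        "SELECT role FROM profiles WHERE username = ? AND password = ?",
        (username, password),
    ).fetchone()
    return row[0] if row else None


# A username that closes the string literal and comments out the password check,
# turning the query into: ... WHERE username = 'admin' --' AND password = '...'
BYPASS_USERNAME = "admin' --"

if __name__ == "__main__":
    db = make_profile_db()
    print("vulnerable:", login_vulnerable(db, BYPASS_USERNAME, "anything"))  # administrator
    print("safe:      ", login_safe(db, BYPASS_USERNAME, "anything"))        # None
```

The hardened version is not "input validation"; it is the query API keeping data and code separate. Validation of the username (length, character set) is still worth adding, but it is defence in depth, not the fix.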
Prion
added 2023/03/29 7:15 a.m. · 16 views

Design/Logic Flaw

A vulnerability has been reported to affect QNAP operating systems. If exploited, the out-of-bounds read vulnerability allows remote authenticated administrators to get secret values. The vulnerability affects the following QNAP operating systems: QTS, QuTS hero, QuTScloud, QVP QVR Pro appliances...

CVSS 3.3 · AI score 3.6 · EPSS 0.00658
Exploits: 0 · References: 1 · Affected software: 2
0day.today
added 2023/03/24 12:00 a.m. · 119 views

Sales Tracker Management System - Cross Site Scripting Vulnerability

A reflected Cross Site Scripting vulnerability in the "page" parameter in Sales Tracker Management System allows remote authenticated users to inject JavaScript that executes in the browser of whoever opens the crafted link...

AI score 6.5
Exploits: 0
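A reflected XSS in a query parameter comes down to one missing encoding step at the point where the value is written back into the page. The following is an added example in Python, not the Sales Tracker Management System's code (which is not modelled here); the URL, page layout and payload are constructed for illustration. It contrasts reflecting the "page" parameter unchanged with escaping it for an HTML text context.

```python
import html
from urllib.parse import parse_qs, urlsplit


def page_param(url: str) -> str:
    """Extracts the 'page' query parameter, the way the app reads $_GET['page']."""
    return parse_qs(urlsplit(url).query).get("page", [""])[0]


def render_vulnerable(url: str) -> str:
    """Reflects the parameter into the HTML response unchanged (the flaw)."""
    return f"<h1>Sales Tracker</h1><p>Unknown page: {page_param(url)}</p>"


def render_safe(url: str) -> str:
    """Escapes the parameter for an HTML text context before reflecting it.
    quote=True also encodes quotes, which matters if the value ever lands
    inside an attribute."""
    safe_value = html.escape(page_param(url), quote=True)
    return f"<h1>Sales Tracker</h1><p>Unknown page: {safe_value}</p>"


# Constructed attacker link; the hostname is hypothetical.
CRAFTED_URL = (
    "http://sales.example.test/index.php?page=<script>alert(document.cookie)</script>"
)

if __name__ == "__main__":
    print(render_vulnerable(CRAFTED_URL))  # script tag reaches the browser intact
    print(render_safe(CRAFTED_URL))        # rendered as literal text
```

Escaping is context-specific: html.escape is correct for element text and quoted attributes, but a value placed inside a script block, a URL or a CSS rule needs that context's encoder instead.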
OSV
added 2023/03/21 3:15 p.m. · 2 views

CVE-2023-27873

IBM Aspera Faspex 4.4.2 could allow a remote authenticated attacker to obtain sensitive credential information using specially crafted XML input. IBM X-Force ID: 249654...

CVSS 6.5 · AI score 5.6 · EPSS 0.0084
Exploits: 0 · References: 2
VulnCheck KEV
added 2023/03/19 12:00 a.m. · 5 views

VulnCheck KEV: CVE-2023-30801

All versions of the qBittorrent client through 4.5.5 use default credentials when the web user interface is enabled. The administrator is not forced to change the default credentials. As of 4.5.5, this issue has not been fixed. A remote attacker can use the default credentials to authenticate and...

CVSS 9.8 · AI score 7.3 · EPSS 0.00908
Exploits: 0 · References: 1
OSV
added 2023/03/17 12:15 p.m. · 2 views

CVE-2023-1464

A vulnerability, which was classified as critical, was found in SourceCodester Medicine Tracker System 1.0. This affects an unknown part of the file Users.php?f=saveuser. The manipulation of the argument firstname/middlename/lastname/username/password leads to improper authentication. It is...

CVSS 9.8 · AI score 6.9 · EPSS 0.00787
Exploits: 0 · References: 2
Positive Technologies
added 2023/03/17 12:00 a.m. · 8 views

PT-2023-16998 · Unknown · Sourcecodester Online Pizza Ordering System

Name of the Vulnerable Software and Affected Versions: SourceCodester Online Pizza Ordering System version 1.0 Description: A critical issue has been found in the Password Change Handler component, specifically affecting the file admin/ajax.php?action=save user. This leads to improper...

CVSS 9.8 · AI score 6.9 · EPSS 0.00971
Exploits: 0 · References: 5
BDU FSTEC
added 2023/03/07 12:00 a.m. · 4 views

A vulnerability in the access control and remote authentication mechanism of BIG-IP Access Policy Manager, caused by pointer aliasing errors, allows attackers to disrupt the service.

The vulnerability of the BIG-IP Access Policy Manager’s access control and remote authentication mechanisms is related to pointer aliasing errors. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...

CVSS 7.8 · AI score 7.2 · EPSS 0.00626
Exploits: 0 · References: 2 · Affected software: 1
NVD
added 2023/03/01 8:15 a.m. · 28 views

CVE-2023-22759

Authenticated remote command injection vulnerabilities exist in the ArubaOS web-based management interface. Successful exploitation of these vulnerabilities results in the ability to execute arbitrary commands as a privileged user on the underlying operating system. This allows an attacker to full...

CVSS 7.2 · AI score 7.6 · EPSS 0.01618
Exploits: 0 · References: 1
CVE
added 2023/02/24 12:00 a.m. · 45 views

CVE-2023-22425

CVE-2023-22425 concerns SHIRASAGI: a stored cross-site scripting (CWE-79) in the Schedule function affects SHIRASAGI v1.16.2 and earlier. The vulnerability allows a remote authenticated attacker to inject arbitrary script, with impact that an arbitrary script may execute in a user’s browser when ...

CVSS 5.4 · AI score 5 · EPSS 0.00826
Exploits: 1 · References: 4 · Affected software: 1
Vulnrichment
added 2023/02/23 12:00 a.m. · 7 views

CVE-2022-48341

ThingsBoard 3.4.1 could allow a remote authenticated attacker to achieve Vertical Privilege Escalation. A Tenant Administrator can obtain System Administrator dashboard access by modifying the scope via the scopes parameter...

AI score 8.4 · EPSS 0.00986
Exploits: 0 · References: 2
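The ThingsBoard entry above is a vertical privilege escalation through a client-controlled "scopes" parameter: the token issuer copies whatever scopes the caller asks for, and the dashboard trusts the token. The following is an added example in Python, not ThingsBoard's code and not its token format; the role names, the HMAC-signed token layout and the signing key are constructed for illustration. It shows an issuer that honours requested scopes beside one that intersects them with the caller's server-side role, and a dashboard check that only reads the token.

```python
import base64
import hashlib
import hmac
import json

# Server-side role model (constructed for this example): which scopes each role may hold.
ROLE_SCOPES = {
    "TENANT_ADMIN": {"TENANT_ADMIN"},
    "SYS_ADMIN": {"SYS_ADMIN", "TENANT_ADMIN"},
}
# Hypothetical signing key; a real issuer would load this from a secret store.
SIGNING_KEY = b"example-only-signing-key"


def sign_token(claims: dict) -> str:
    """Serialises claims and appends an HMAC-SHA256 tag: <base64 body>.<hex mac>."""
    body = base64.urlsafe_b64encode(json.dumps(claims, sort_keys=True).encode()).decode()
    mac = hmac.new(SIGNING_KEY, body.encode(), hashlib.sha256).hexdigest()
    return f"{body}.{mac}"


def verify_token(token: str) -> dict:
    """Checks the tag in constant time and returns the claims, or raises."""
    body, mac = token.rsplit(".", 1)
    expected = hmac.new(SIGNING_KEY, body.encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(mac, expected):
        raise ValueError("bad signature")
    return json.loads(base64.urlsafe_b64decode(body))


def issue_token_vulnerable(user: dict, requested_scopes: list) -> str:
    """Copies the client-supplied scopes into the token without consulting the role."""
    return sign_token({"sub": user["name"], "scopes": sorted(set(requested_scopes))})


def issue_token_safe(user: dict, requested_scopes: list) -> str:
    """Refuses any scope the caller's server-side role does not permit."""
    allowed = ROLE_SCOPES[user["role"]]
    requested = set(requested_scopes)
    if not requested <= allowed:
        raise PermissionError(
            f"scopes not permitted for {user['role']}: {sorted(requested - allowed)}"
        )
    return sign_token({"sub": user["name"], "scopes": sorted(requested)})


def can_open_sysadmin_dashboard(token: str) -> bool:
    """The dashboard trusts the signed scopes claim, so the issuer must be the gatekeeper."""
    return "SYS_ADMIN" in verify_token(token)["scopes"]


if __name__ == "__main__":
    tenant = {"name": "alice", "role": "TENANT_ADMIN"}
    print(can_open_sysadmin_dashboard(issue_token_vulnerable(tenant, ["SYS_ADMIN"])))  # True
    try:
        issue_token_safe(tenant, ["SYS_ADMIN"])
    except PermissionError as exc:
        print("blocked:", exc)
```

A valid signature only proves the issuer minted the token; it says nothing about whether the issuer should have. Scope and role checks belong on the server at issuance time, against the authenticated identity, never against request parameters.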
F5 Networks
added 2023/02/21 7:52 p.m. · 72 views

K16009: OpenSSH vulnerability CVE-2014-9278

Security Advisory Description The OpenSSH server, as used in Fedora and Red Hat Enterprise Linux 7 and when running in a Kerberos environment, allows remote authenticated users to log in as another user when they are listed in the .k5users file of that user, which might bypass intended...

CVSS 4 · AI score 6.4 · EPSS 0.01833
Exploits: 0
F5 Networks
added 2023/02/21 6:48 p.m. · 32 views

K16861: BIG-IQ remote authentication vulnerability CVE-2015-4637

Security Advisory Description When remote authentication is configured on the BIG-IQ system for an LDAP server that allows anonymous BIND operations, an unauthenticated user may obtain an authentication token from the REST API for any known or guessed LDAP user account and will receive all the acce...

CVSS 4.3 · AI score 6.9 · EPSS 0.01141
Exploits: 0 · Affected software: 4
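The BIG-IQ entry above is the classic LDAP "unauthenticated bind" trap: per RFC 4513 section 5.1.2, a simple bind carrying a DN and an empty password is not a failed login but an anonymous bind, and a directory that permits anonymous BIND answers it with success. An application that equates "bind succeeded" with "password verified" then mints a token for any username the attacker names. The following is an added example in Python, not F5's code and not a real LDAP client; the directory, DN layout and token format are constructed, and the LDAP server is a small in-memory model of just the bind rule. It shows the vulnerable login beside one that refuses to send empty credentials, plus the server-side fix of disabling unauthenticated binds.

```python
import secrets

# Constructed stand-in for an LDAP directory: DN -> password.
DIRECTORY = {
    "uid=admin,ou=people,dc=example,dc=com": "Adm1n-Pass",
}


class FakeLdapServer:
    """Minimal model of LDAP simple bind, including the unauthenticated-bind rule
    from RFC 4513 section 5.1.2: a bind with a name and an empty password is an
    anonymous bind, and a server that allows anonymous BIND returns success for it
    (without even checking that the DN exists)."""

    def __init__(self, directory: dict, allow_unauthenticated_bind: bool = True):
        self.directory = directory
        self.allow_unauthenticated_bind = allow_unauthenticated_bind

    def simple_bind(self, dn: str, password: str) -> bool:
        if dn and password == "":
            return self.allow_unauthenticated_bind  # success, but as nobody
        return self.directory.get(dn) == password


def user_dn(username: str) -> str:
    # Hypothetical DN template; real deployments derive this from a search.
    return f"uid={username},ou=people,dc=example,dc=com"


def issue_api_token(username: str) -> str:
    # Opaque bearer token (constructed; the real REST API format is not modelled).
    return f"{username}:{secrets.token_hex(16)}"


def login_vulnerable(server: FakeLdapServer, username: str, password: str):
    """Treats any successful bind as proof of the user's identity (the flaw)."""
    if server.simple_bind(user_dn(username), password):
        return issue_api_token(username)
    return None


def login_safe(server: FakeLdapServer, username: str, password: str):
    """Never sends an empty credential, so an anonymous bind cannot be mistaken
    for an authenticated one."""
    if not username or not password:
        return None
    if server.simple_bind(user_dn(username), password):
        return issue_api_token(username)
    return None


if __name__ == "__main__":
    srv = FakeLdapServer(DIRECTORY)
    print("vulnerable, empty password:", login_vulnerable(srv, "admin", ""))  # a token
    print("safe, empty password:      ", login_safe(srv, "admin", ""))        # None
```

Fix both sides: reject empty (and whitespace-only) passwords in the application before the bind, and configure the directory to refuse unauthenticated binds so that a future client cannot reintroduce the problem.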
OSV
added 2023/02/18 8:15 a.m. · 4 views

CVE-2023-0905

A vulnerability classified as critical has been found in SourceCodester Employee Task Management System 1.0. Affected is an unknown function of the file changePasswordForEmployee.php. The manipulation leads to improper authentication. It is possible to launch the attack remotely. The exploit has...

CVSS 7.5 · AI score 6.5 · EPSS 0.03189
Exploits: 5 · References: 3
SUSE CVE
added 2023/02/15 6:20 a.m. · 4 views

SUSE CVE-2004-0590

FreeS/WAN 1.x and 2.x, and other related products including superfreeswan 1.x, openswan 1.x before 1.0.6, openswan 2.x before 2.1.4, and strongSwan before 2.1.3, allow remote attackers to authenticate using spoofed PKCS7 certificates in which a self-signed certificate identifies an alternate...

CVSS 10 · AI score 7 · EPSS 0.02832
Exploits: 0 · References: 3