Prion, added 2021/06/10 4:15 p.m., 20 views

Authentication flaw

In LabCup before v2next18022, it is possible to use the save API to perform unauthorized actions for users without access to user management in order to, after successful exploitation, gain access to a victim's account. A user without the user-management privilege can change another user's email...

CVSS 3.5 | AI score 4.6 | EPSS 0.00684
Exploits 0 | References 2 | Affected Software 1
OpenVAS, added 2021/06/09 12:00 a.m., 21 views

SUSE: Security Advisory (SUSE-SU-2018:3815-1)

The remote host is missing an update for the ... SPDX-FileCopyrightText: 2021 Greenbone AG. Some text descriptions might be excerpted from referenced sources and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

CVSS 9.8 | AI score 7.4 | EPSS 0.05199
Exploits 0 | References 2
OpenVAS, added 2021/06/09 12:00 a.m., 20 views

SUSE: Security Advisory (SUSE-SU-2018:3813-1)

The remote host is missing an update for the ... SPDX-FileCopyrightText: 2021 Greenbone AG. Some text descriptions might be excerpted from referenced sources and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

CVSS 9.8 | AI score 7.7 | EPSS 0.05199
Exploits 0 | References 5
CNNVD, added 2021/06/04 12:00 a.m., 4 views

OpenVPN Code Issue Vulnerability

OpenVPN is a software package from US-based OpenVPN for creating encrypted virtual private network (VPN) tunnels. It uses the OpenSSL library to encrypt data and control information, and allows created VPNs to be authenticated using a public key, an e-certificate, or a...

CVSS 7.5 | AI score 6.6 | EPSS 0.01891
Exploits 0 | References 2
NCSC, added 2021/06/03 12:00 a.m., 5 views

Vulnerabilities fixed in Cisco ASR 5000 series

Cisco has fixed vulnerabilities in StarOS as used by ASR 5000-series devices. The vulnerabilities allow an authenticated remote malicious party to bypass further authentication and execute restricted commands without authentication. To do this, the malicious party must send rogue SSH...

CVSS 8.8 | AI score 7.4 | EPSS 0.01093
Exploits 0
CNNVD, added 2021/06/03 12:00 a.m., 3 views

McAfee Database Security Vulnerability

McAfee Database Security Server is database security software from McAfee (USA). The software gives users an overall view of their databases and their security status, protecting business-critical databases in real time from external, internal and insider database threats. A...

CVSS 6.5 | AI score 6 | EPSS 0.00636
Exploits 0 | References 1
CVE, added 2021/06/02 2:00 a.m., 83 views

CVE-2021-29091

The vulnerability CVE-2021-29091 affects Synology Photo Station prior to 6.8.14-3500. It is a Path Traversal in the file management component that improperly limits the destination path, allowing remote authenticated users to write arbitrary files via unspecified vectors. Impact is information ab...

CVSS 7.7 | AI score 6.1 | EPSS 0.01143
Exploits 0 | References 1 | Affected Software 1
CNVD, added 2021/06/02 12:00 a.m., 12 views

FortiWeb OS Command Injection Vulnerability

FortiWeb is a Web Application Firewall (WAF) that protects hosted web applications from attacks targeting known and unknown vulnerabilities. An OS command injection vulnerability exists in the management interface of FortiWeb. A remote authenticated attacker could exploit this vulnerability to...

CVSS 9 | AI score 7.8 | EPSS 0.7727
Exploits 2 | References 1
Prion, added 2021/06/01 2:15 p.m., 16 views

Path traversal

Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in the PDF Viewer component in Synology DiskStation Manager (DSM) before 6.2.4-25553 allows remote authenticated users to read limited files via unspecified vectors...

CVSS 4 | AI score 4.2 | EPSS 0.01112
Exploits 0 | References 1 | Affected Software 1
CNNVD, added 2021/06/01 12:00 a.m., 3 views

Synology Download Station Code Issue Vulnerability

Synology Download Station is a browser extension. It allows you to browse the Download Center suite of active and downloaded tasks and add tasks without accessing the web version of Synology. A server-side request forgery vulnerability exists in Synology Download Station before 3.8.15-3563, which...

CVSS 7.7 | AI score 5.9 | EPSS 0.01
Exploits 0 | References 1
CNNVD, added 2021/06/01 12:00 a.m., 2 views

Lasso Data Forgery Vulnerability

Lasso is an eBay open-source Node.js-style JavaScript module bundler. The tool offers many different optimizations such as bundling, code splitting, delayed loading, conditional dependencies, and more. A security vulnerability exists in Lasso SAML, caused by improper privilege manageme...

CVSS 7.5 | AI score 7.3 | EPSS 0.01325
Exploits 0 | References 24
Cvelist, added 2021/05/28 8:10 a.m., 14 views

CVE-2021-32539 Hundred Plus 101EIP - Stored XSS-1

The add-event function of the calendar in the 101EIP system does not filter special characters in specific fields, which allows remote authenticated users to inject JavaScript and perform a stored XSS attack...

CVSS 5.4 | AI score 5.2 | EPSS 0.00586
Exploits 0 | References 1
NVD, added 2021/05/21 10:15 p.m., 21 views

CVE-2021-33510

Plone through 5.2.4 allows remote authenticated managers to conduct SSRF attacks via an event ical URL, to read one line of a file...

CVSS 4.3 | EPSS 0.00992
Exploits 0 | References 2
CNVD, added 2021/05/21 12:00 a.m., 5 views

SearchBlox File Inclusion Vulnerability

SearchBlox is an application from US-based SearchBlox, Inc. that provides a powerful enterprise search architecture for on-premise or cloud deployments. A security vulnerability exists in SearchBlox versions prior to 9.2.2 that allows remote, unauthenticated users to read arbitrary files from the...

CVSS 7.5 | AI score 6.9 | EPSS 0.13975
Exploits 1 | References 1
CNVD, added 2021/05/18 12:00 a.m., 8 views

Liferay DXP Denial of Service Vulnerability

Liferay DXP is a suite of digital experience collaboration platforms from Liferay (USA). A security vulnerability exists in Liferay DXP versions prior to 7.3, which can be exploited by an attacker to prevent any user authentication from passing before remote authentication...

CVSS 6.5 | AI score 7 | EPSS 0.01148
Exploits 0 | References 1
Prion, added 2021/05/17 11:15 a.m., 19 views

SQL injection

Multiple SQL injection vulnerabilities in Liferay Portal 7.3.5 and Liferay DXP 7.3 before fix pack 1 allow remote authenticated users to execute arbitrary SQL commands via the classPKField parameter to (1) CommerceChannelRelFinder.countByCC or (2) CommerceChannelRelFinder.findByCC...

CVSS 6.5 | AI score 9.1 | EPSS 0.01182
Exploits 0 | References 2 | Affected Software 2
CNNVD, added 2021/05/16 12:00 a.m., 2 views

Liferay DXP Security Vulnerability

Liferay DXP is a suite of digital experience collaboration platforms from Liferay (USA). A security vulnerability exists in Liferay DXP versions prior to 7.3, which can be exploited by an attacker to prevent any user authentication from passing before remote authentication...

CVSS 6.5 | AI score 5.7 | EPSS 0.01148
Exploits 0 | References 3
OSV, added 2021/05/10 2:15 p.m., 2 views

DEBIAN-CVE-2021-32056

Cyrus IMAP before 3.2.7, and 3.3.x and 3.4.x before 3.4.1, allows remote authenticated users to bypass intended access restrictions on server annotations and consequently cause replication to stall...

CVSS 4.3 | AI score 5.4 | EPSS 0.017
Exploits 0 | References 1
CVE, added 2021/05/06 8:17 p.m., 239 views

CVE-2021-29203

CVE-2021-29203 affects HPE Edgeline Infrastructure Manager prior to version 1.22. The connected Nuclei template documents an authentication bypass vulnerability that could be remotely exploited to bypass remote authentication, potentially allowing execution of arbitrary commands, gaining privileg...

CVSS 10 | AI score 9.6 | EPSS 0.68293
In the wild | Exploits 1 | References 2 | Affected Software 1
ThreatPost, added 2021/05/03 6:22 p.m., 116 views

Hewlett Packard Enterprise Plugs Critical Bug in Edge Platform Tool

Hewlett Packard Enterprise (HPE) is urging customers to patch one of its premier edge application management tools that could allow an attacker to carry out a remote authentication bypass attack and infiltrate a customer's cloud infrastructure. Join Threatpost for "Fortifying Your Business Against...

CVSS 7.5 | AI score 0.3 | EPSS 0.68293
Exploits 10 | References 10