4419 matches found
The vulnerability of the iControl SOAP interface for access control and remote authentication in BIG-IP allows a perpetrator to execute arbitrary code.
The vulnerability of the iControl SOAP interface for access control and remote authentication in BIG-IP involves the use of uncontrolled format strings. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...
CVE-2023-6342
Tyler Technologies Court Case Management Plus allows a remote attacker to authenticate as any user by manipulating at least the 'CmWebSearchPfp/Login.aspx?xyzldk=' and 'payforprintCM/Redirector.ashx?userid=' parameters. The vulnerable "pay for print" feature was removed on or around 2023-11-01...
CVE-2020-11447
An issue was discovered on Bell HomeHub 3000 SG48222070 devices. Remote authenticated users can retrieve the serial number via cgi/json-req - this is an information leak because the serial number is intended to prove an actor's physical access to the device...
The vulnerability of the BIG-IP access control and remote authentication configuration tool allows a perpetrator to execute arbitrary commands.
The vulnerability of the BIG-IP access control and remote authentication configuration tool lies in the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands remotely...
SUSE CVE-2015-5189
Race condition in pcsd in PCS 0.9.139 and earlier uses a global variable to validate usernames, which allows remote authenticated users to gain privileges by sending a command that is checked for security after another user is authenticated...
CVE-2023-45746
Cross-site scripting vulnerability in Movable Type series allows a remote authenticated attacker to inject an arbitrary script. Affected products/versions are as follows: Movable Type 7 r.5405 and earlier Movable Type 7 Series, Movable Type Advanced 7 r.5405 and earlier Movable Type 7 Series,...
Sielco Analog FM Transmitters Security Vulnerability
Sielco Analog FM Transmitters is an analog FM transmitter from Sielco. A security vulnerability exists in Sielco Analog FM Transmitters that stems from an insufficient cookie session ID length that can be brute-force broken, allowing a remote attacker to obtain a valid session and bypass...
Security Bulletin: Multiple security vulnerabilities are addressed with IBM Process Mining Interim Fix for October 2023
Summary: In addition to many updates of operating system level packages, the following security vulnerabilities are addressed with IBM Process Mining 1.14.2 IF001. Vulnerability Details: CVEID: CVE-2023-41900. DESCRIPTION: Eclipse Jetty could allow a remote authenticated attacker to bypass security...
AZL-37029 CVE-2023-5568 affecting package samba 4.18.3-2
A heap-based Buffer Overflow flaw was discovered in Samba. It could allow a remote, authenticated attacker to exploit this vulnerability to cause a denial of service...
CVE-2023-43510
A vulnerability in the ClearPass Policy Manager web-based management interface allows remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as a non-privileged user on the underlying operating system...
IBM Sterling Partner Engagement Manager Access Control Error Vulnerability
IBM Sterling Partner Engagement Manager is an automated management tool from International Business Machines (IBM). An authentication error vulnerability exists in IBM Sterling Partner Engagement Manager versions 6.1.2, 6.2.0, and 6.2.2, which stems from the program improperly authenticating a remo...
Debian dla-3626 : krb5-admin-server - security update
The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3626 advisory. Debian LTS Advisory DLA-3626-1 https://www.debian.org/lts/security/...
CVE-2023-34210
SQL Injection in create customer group function in EasyUse MailHunter Ultimate 2023 and earlier allows remote authenticated users to execute arbitrary SQL commands via the ctl00$ContentPlaceHolder1$txtCustSQL parameter...
Path traversal
Path Traversal in create template function in EasyUse MailHunter Ultimate 2023 and earlier allows remote authenticated users to extract files into arbitrary directories via a crafted ZIP archive...
MGASA-2023-0284 Updated cups packages fix security vulnerabilities
The updated packages fix security vulnerabilities: It was discovered that CUPS incorrectly authenticated certain remote requests. A remote attacker could possibly use this issue to obtain recently printed documents. CVE-2023-32360 Due to failure in validating the length provided by an...
CVE-2023-44959
An issue found in D-Link DSL-3782 v.1.03 and before allows remote authenticated users to execute arbitrary code as root via the Router IP Address fields of the network settings page...
Fortinet FortiGuest Log Information Disclosure Vulnerability
Fortinet FortiGuest is a network visitor management solution from Fortinet that helps organizations manage and control visitor access on their networks. A security vulnerability exists in Fortinet FortiGuest that stems from sensitive information being written to log files. This allows a local...
CVE-2023-4401
Dell SmartFabric Storage Software v1.4 and earlier contains an OS Command Injection Vulnerability in the CLI use of the ‘more’ command. A local or remote authenticated attacker could potentially exploit this vulnerability, leading to the ability to gain root-level access...
Electrolink FM/DAB/TV Transmitter Remote Authentication Removal
!/usr/bin/env python Electrolink FM/DAB/TV Transmitter Remote Authentication Removal Vendor: Electrolink s.r.l. Product web page: https://www.electrolink.com Affected version: 10W, 100W, 250W, Compact DAB Transmitter 500W, 1kW, 2kW Medium DAB Transmitter 2.5kW, 3kW, 4kW, 5kW High Power DAB...