Lucene search
+L

354 matches found

CNVD
CNVD
added 2024/12/23 12:0 a.m.4 views

Ivanti Desktop and Server Management Privilege Issues Vulnerability

Ivanti Desktop and Server Management Ivanti DSM is a multi-platform, unified endpoint management solution from Ivanti Corporation. Ivanti Desktop and Server Management suffers from a privilege issue vulnerability that stems from insufficient privileges. An attacker could exploit this vulnerabilit...

7.1CVSS7.1AI score0.00204EPSS
Exploits0References1
CISA
CISA
added 2024/12/10 12:0 p.m.4 views

Ivanti Releases Security Updates for Multiple Products

Ivanti released security updates to address vulnerabilities in Ivanti Cloud Service Application, Ivanti Desktop and Server Management DSM, Ivanti Connect Secure and Police Secure, Ivanti Sentry, and Ivanti Patch SDK. CISA encourages users and administrators to review the following Ivanti security...

7.4AI score
Exploits0
CNNVD
CNNVD
added 2024/10/18 12:0 a.m.3 views

Ivanti Desktop and Server Management 安全漏洞

Ivanti Desktop and Server Management Ivanti DSM is a multi-platform, unified endpoint management solution from Ivanti Corporation, USA. A security vulnerability exists in Ivanti Desktop and Server Management versions prior to 2024.2. An attacker could exploit the vulnerability to elevate privileg...

7.8CVSS7.7AI score0.00226EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/10/18 12:0 a.m.5 views

Ivanti Desktop and Server Management 安全漏洞

Ivanti Desktop and Server Management Ivanti DSM is a multi-platform, unified endpoint management solution from Ivanti Corporation, USA. A security vulnerability exists in Ivanti Desktop and Server Management versions prior to 2024.2. An attacker could exploit the vulnerability to elevate privileg...

7.8CVSS7.6AI score0.00226EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/07/29 3:0 p.m.23 views

CVE-2024-41799 tgstation-server's DreamMaker environment files outside the deployment directory can be compiled and ran by insufficiently permissioned users

tgstation-server is a production scale tool for BYOND server management. Prior to 6.8.0, low permission users using the "Set .dme Path" privilege could potentially set malicious .dme files existing on the host machine to be compiled and executed. These .dme files could be uploaded via...

8.4CVSS0.0121EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/07/26 12:0 a.m.4 views

Lenovo XClarity Controller 安全漏洞

Lenovo XClarity Controller Lenovo XCC is a server-embedded management engine from Lenovo China that is used to standardize and automate basic server management tasks. A security vulnerability exists in Lenovo XClarity Controller. An attacker can exploit the vulnerability to elevate privileges...

7.2CVSS6.9AI score0.0055EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/07/26 12:0 a.m.4 views

Lenovo XClarity Controller 安全漏洞

Lenovo XClarity Controller Lenovo XCC is a server-embedded management engine from Lenovo China that is used to standardize and automate basic server management tasks. A security vulnerability exists in Lenovo XClarity Controller. An attacker can exploit the vulnerability to elevate privileges...

7.2CVSS7AI score0.01006EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/07/26 12:0 a.m.3 views

Lenovo XClarity Controller 安全漏洞

Lenovo XClarity Controller Lenovo XCC is a server-embedded management engine from Lenovo China that is used to standardize and automate basic server management tasks. A security vulnerability exists in Lenovo XClarity Controller. An attacker can exploit the vulnerability to elevate privileges...

7.2CVSS7AI score0.01006EPSS
Exploits0References2
NVD
NVD
added 2024/07/18 4:15 p.m.48 views

CVE-2024-39911

1Panel is a web-based linux server management control panel. 1Panel contains an unspecified sql injection via User-Agent handling. This issue has been addressed in version 1.10.12-lts. Users are advised to upgrade. There are no known workarounds for this vulnerability...

10CVSS0.04566EPSS
Exploits2References2
NVD
NVD
added 2024/07/18 4:15 p.m.29 views

CVE-2024-39907

1Panel is a web-based linux server management control panel. There are many sql injections in the project, and some of them are not well filtered, leading to arbitrary file writes, and ultimately leading to RCEs. These sql injections have been resolved in version 1.10.12-tls. Users are advised to...

9.8CVSS0.29396EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/07/18 3:35 p.m.31 views

CVE-2024-39911 1Panel SQL injection

1Panel is a web-based linux server management control panel. 1Panel contains an unspecified sql injection via User-Agent handling. This issue has been addressed in version 1.10.12-lts. Users are advised to upgrade. There are no known workarounds for this vulnerability...

10CVSS7.2AI score0.04566EPSS
Exploits2References2
CVE
CVE
added 2024/07/18 3:31 p.m.72 views

CVE-2024-39907

1Panel is affected by an authenticated SQL injection vulnerability in its web-based Linux server management panel. The connected Nuclei template and related advisories describe multiple SQL injections that are not properly filtered, enabling arbitrary file writes and remote code execution (RCE). ...

9.8CVSS9.7AI score0.29396EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2024/07/18 3:31 p.m.16 views

CVE-2024-39907 a sqlinjection in 1Panel

1Panel is a web-based linux server management control panel. There are many sql injections in the project, and some of them are not well filtered, leading to arbitrary file writes, and ultimately leading to RCEs. These sql injections have been resolved in version 1.10.12-tls. Users are advised to...

9.8CVSS9.1AI score0.29396EPSS
Exploits1References3
Citrix
Citrix
added 2024/07/14 12:0 a.m.10 views

Xenserver Configuration: Comprehensive Guide

Introduction This article will direct you to resources that provide guidance on configuring basic pools for XenServer Top Knowledge Content Basic Configuration guide for a XenServer Pool CTX128391 - How to Remove a Server from a XenServer Pool that Contains Only One Host CTX216127 - How to change...

7AI score
Exploits0
Citrix
Citrix
added 2024/07/13 12:0 a.m.16 views

How to Export Target Devices into a .CSV File

This article details how to export Target Devices from a Provisioning Services PVS database in a formatted Comma Separated Values CSV file. Requirements SQL Server Management Studio or bcp.exe, both of which are components of a full SQL Server or SQL Server Express install...

7.7AI score
Exploits0
Fedora
Fedora
added 2024/07/05 1:18 a.m.16 views

[SECURITY] Fedora 39 Update: cockpit-320-1.fc39

The Cockpit Web Console enables users to administer GNU/Linux servers using a web browser. It offers network configuration, log inspection, diagnostic reports, SELinux troubleshooting, interactive command-line sessions, and more...

3.2CVSS6.9AI score0.00266EPSS
Exploits0
NVD
NVD
added 2024/06/11 7:16 p.m.32 views

CVE-2024-28020

A user/password reuse vulnerability exists in the FOXMAN-UN/UNEM application and server management. If exploited a malicious high-privileged user could use the passwords and login information through complex routines to extend access on the server and other services...

8CVSS0.00367EPSS
Exploits0References2
OSV
OSV
added 2024/06/11 7:16 p.m.7 views

CVE-2024-28020

A user/password reuse vulnerability exists in the FOXMAN-UN/UNEM application and server management. If exploited a malicious high-privileged user could use the passwords and login information through complex routines to extend access on the server and other services...

8CVSS5.8AI score0.00367EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/06/11 6:20 p.m.16 views

CVE-2024-28020

A user/password reuse vulnerability exists in the FOXMAN-UN/UNEM application and server management. If exploited a malicious high-privileged user could use the passwords and login information through complex routines to extend access on the server and other services...

8CVSS8.7AI score0.00367EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/06/11 6:20 p.m.28 views

CVE-2024-28020

A user/password reuse vulnerability exists in the FOXMAN-UN/UNEM application and server management. If exploited a malicious high-privileged user could use the passwords and login information through complex routines to extend access on the server and other services...

8CVSS0.00367EPSS
Exploits0References2
Rows per page
Query Builder