125 matches found
Volkswagen ID.3 Security Vulnerability
The Volkswagen ID.3 is an all-electric vehicle from Volkswagen Germany. A security vulnerability in the Volkswagen ID.3 ICAS 3 IVI ECU allows an attacker to cause a denial of service (DoS) and invoke the spoof volume setting command via the REST API ...
NVIDIA DGX Input Validation Error Vulnerability
NVIDIA DGX is a high-performance workstation for deep learning applications from NVIDIA. The NVIDIA DGX H100 BMC contains an input validation error vulnerability in its REST service. An attacker could exploit this vulnerability to cause...
UNISOC Chipsets Buffer Error Vulnerability
UNISOC Chipsets are chipsets from the Chinese company UNISOC. A security vulnerability exists in UNISOC Chipsets that stems from a lack of boundary checking in the urild service and may result in out-of-bounds writes...
PT-2023-18290 · Unknown · Trusted Execution Environment
Name of the Vulnerable Software and Affected Versions: Trusted Execution Environment affected versions not specified Description: The issue involves memory corruption in the Trusted Execution Environment when the service API is called with an invalid address. Recommendations: At the moment, there...
Oracle Java SE Security Vulnerability
Oracle Java SE and Oracle GraalVM are both products of Oracle Corporation. Oracle Java SE is a product for developing and deploying Java applications for desktops, servers, and embedded devices and real-time environments. Oracle GraalVM is a set of on-the-fly compilers written in the Java language...
PT-2023-9279 · D Link · D-Link Dir-2150
Name of the Vulnerable Software and Affected Versions: D-Link DIR-2150 affected versions not specified Description: The issue exists due to the lack of proper validation of a user-supplied string before using it to execute a system call in the SOAP API interface, which listens on TCP port 80 by...
SugarCRM Enterprise SQL Injection Vulnerability
SugarCRM Enterprise is the enterprise version of an open source Customer Relationship Management (CRM) system from SugarCRM USA. The system supports differentiated marketing for different customer needs, managing and distributing sales leads, and enabling information sharing and tracking of sales...
PT-2023-4247 · Sap · Sap Hybris Commerce +1
Name of the Vulnerable Software and Affected Versions: SAP Commerce Cloud versions HY COM 2105, HY COM 2205, COM CLOUD 2211 SAP Hybris Commerce versions HY COM 2105, HY COM 2205 Description: The issue is related to the implementation of the Omni Commerce Connect (OCC) API in SAP Commerce Cloud and...
Huawei HarmonyOS Security Vulnerability
Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A security vulnerability exists in Huawei HarmonyOS, which stems from a denial of service issue in the fingerprint old service interface of the HarmonyOS...
PT-2023-17413 · Checkmk · Checkmk
Name of the Vulnerable Software and Affected Versions: Checkmk versions prior to 2.1.0p27 Checkmk versions prior to 2.2.0b4 Description: The issue is related to insufficient permission checks in the REST API, allowing unauthorized users to schedule downtimes for any host. Recommendations: For...
CVE-2023-24527 Improper Access Control in SAP NetWeaver AS Java for Deploy Service
SAP NetWeaver AS Java for Deploy Service - version 7.5, does not perform any access control checks for functionalities that require user identity enabling an unauthenticated attacker to attach to an open interface and make use of an open naming and directory API to access a service which will...
A vulnerability in the SOAP service of the Nighthawk WiFi 6 Router (RAX30) software allows an attacker to execute arbitrary code.
The vulnerability in the SOAP service of the Nighthawk WiFi 6 Router RAX30 firmware lies in the use of uncontrolled format strings. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...
SUSE CVE-2008-1515
The SOAP interface in OTRS 2.1.x before 2.1.8 and 2.2.x before 2.2.6 allows remote attackers to "read and modify objects" via SOAP requests, related to "Missing security checks."...
CVE-2020-18329
An issue discovered in Rehau devices that use a pCOWeb card BIOS v6.27, BOOT v5.00, web version v2.2 allows attackers to gain full unauthenticated access to the configuration and service interface...
PT-2023-11489 · Rehau · Rehau
Name of the Vulnerable Software and Affected Versions: Rehau devices that use a pCOWeb card BIOS version 6.27, BOOT version 5.00, web version 2.2 Description: An issue in the devices allows attackers to gain full unauthenticated access to the configuration and service interface. Recommendations:...
Jenkins Checkmarx Plugin Cross-Site Scripting Vulnerability
Jenkins and Jenkins Plugin are both open source products from Jenkins. Jenkins is a software application, an open source automation server that provides hundreds of plugins to support building, deploying, and automating any project. Jenkins Plugin is a software application. A cross-site scripting...
PUB-A-242994270
In ServiceInterface::HandleRequest of serviceinterface.cpp, there is a possible use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation...
Changjitong T+ Security Vulnerability
Changjitong T+ is an Internet-based enterprise management system from China's Changjitong Company, featuring business management, order tracking, funding, inventory, and other functions. An unauthorized attacker can upload malicious files through the exposed web service interface of Changjitong T...