732 matches found
CVE-2024-10724 Stored XSS in IPV6 Section in phpipam/phpipam
A stored cross-site scripting (XSS) vulnerability exists in phpipam/phpipam version 1.5.2, specifically in the Subnet NAT translations section when editing the Destination address. This vulnerability allows an attacker to execute malicious code. The issue is fixed in version 1.7.0...
phpIPAM Cross-Site Scripting Vulnerability
phpIPAM is an open source IP address management (IPAM) application based on PHP and MySQL. A cross-site scripting vulnerability exists in phpIPAM version 1.5.2, which stems from a stored cross-site scripting vulnerability in the Subnet NAT translations section when editing a...
PT-2025-34937
Name of the Vulnerable Software and Affected Versions: Kea versions 2.7.1 through 2.7.9; Kea version 3.0.0; Kea version 3.1.0. Description: If a DHCPv4 client sends a request with specific options and Kea fails to find an appropriate subnet for the client, the kea-dhcp4 process will abort with an...
Subnet mask missing in Windows once PVS target is booted via BDM
When booting a PVS target using a BDM with static IP and having DHCP enabled in the vdisk, Windows may be missing its subnet mask...
CVE-2021-23282
Eaton Intelligent Power Manager (IPM) prior to 1.70 is vulnerable to stored cross-site scripting. The vulnerability exists due to insufficient validation of input from certain resources by the IPM software. The attacker would need access to the local subnet and an administrator interaction to...
CVE-2021-23282
CVE-2021-23282 affects Eaton Intelligent Power Manager (IPM) versions prior to 1.70. The issue is a stored cross-site scripting vulnerability caused by insufficient validation of input from certain resources in the IPM software. Exploitation requires access to the local subnet and administrator i...
CVE-2021-23282 Stored Cross-site Scripting reported in Intelligent Power Manager v1
Eaton Intelligent Power Manager (IPM) prior to 1.70 is vulnerable to stored cross-site scripting. The vulnerability exists due to insufficient validation of input from certain resources by the IPM software. The attacker would need access to the local subnet and an administrator interaction to...
The vulnerability of the application software interface of Juniper Networks Junos OS Evolved allows a hacker to circumvent security restrictions.
The vulnerability of the application software interface of Juniper Networks Junos OS Evolved relates to incorrect comparison of subnet addresses. Exploiting this vulnerability can allow a malicious actor to bypass security restrictions from a remote location...
CVE-2024-48638
D-Link DIR882FW130B06 and DIR878 DIR878FW130B08 were discovered to contain a command injection vulnerability via the SubnetMask parameter in the SetGuestZoneRouterSettings function. This vulnerability allows attackers to execute arbitrary OS commands via a crafted POST request...
Agent Dart is missing certificate verification checks
Certificate verification in lib/agent/certificate.dart has been found to contain two issues: - During the delegation verification in the _checkDelegation function, the canister_ranges aren't verified. The impact of not checking the canister_ranges is that a subnet can sign canister responses on behalf of...
CVE-2024-48915
Agent Dart is an agent library built for Internet Computer for Dart and Flutter apps. Prior to version 1.0.0-dev.29, certificate verification in lib/agent/certificate.dart does not occur properly. During the delegation verification in the _checkDelegation function, the canister_ranges aren't...
CVE-2024-48915
Agent Dart (for Dart/Flutter) prior to version 1.0.0-dev.29 has certificate verification issues in lib/agent/certificate.dart. In _checkDelegation, canister_ranges are not verified, potentially allowing a subnet to sign canister responses on behalf of another subnet. The certificate’s /time path ...
Agent Dart is missing certificate verification checks
Certificate verification in lib/agent/certificate.dart has been found to contain two issues: - During the delegation verification in the _checkDelegation function, the canister_ranges aren't verified. The impact of not checking the canister_ranges is that a subnet can sign canister responses on behalf of...
CVE-2024-39534
An Incorrect Comparison vulnerability in the local address verification API of Juniper Networks Junos OS Evolved allows an unauthenticated network-adjacent attacker to create sessions or send traffic to the device using the network and broadcast address of the subnet assigned to an interface. Thi...
Juniper Networks Junos OS Evolved Security Vulnerability
Juniper Networks Junos OS Evolved is an upgraded version of Juniper Networks' Junos OS system. A security vulnerability exists in Juniper Networks Junos OS Evolved. An attacker exploits the vulnerability to create a session or send traffic to the device using the network and broadcast addresses...
PT-2024-7847 · Juniper Networks · Junos Evolved
Name of the Vulnerable Software and Affected Versions: Junos OS Evolved versions prior to 21.4R3-S8-EVO; Junos OS Evolved version 22.2-EVO prior to 22.2R3-S4-EVO; Junos OS Evolved version 22.3-EVO prior to 22.3R3-S4-EVO; Junos OS Evolved version 22.4-EVO prior to 22.4R3-S3-EVO; Junos OS Evolved versi...
Subnet Solutions Inc. PowerSYSTEM Center
1. EXECUTIVE SUMMARY CVSS v3 7.5. ATTENTION: Exploitable remotely/Low attack complexity. Vendor: Subnet Solutions Inc. Equipment: PowerSYSTEM Center. Vulnerabilities: Server-Side Request Forgery (SSRF), Inefficient Regular Expression Complexity, Cross-Site Request Forgery (CSRF). 2. RISK...
D-Link DAP-1325 SubnetMask Command Injection Vulnerability
D-Link DAP-1325 is a wireless access point/bridge made by D-Link, which is mainly used to extend the wireless network coverage, support the conversion of wired network to wireless network or connect different wireless networks. The D-Link DAP-1325 suffers from a command injection vulnerability th...
Subnet Solutions PowerSYSTEM Center
1. EXECUTIVE SUMMARY CVSS v4 6.9. ATTENTION: Exploitable remotely/low attack complexity. Vendor: Subnet Solutions Inc. Equipment: Subnet PowerSYSTEM Center. Vulnerability: Prototype Pollution. 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an authenticated...
How to Configure NetScaler and StoreFront for Internal and External Connections
This article describes how to configure NetScaler and StoreFront with two NetScaler Gateways, two StoreFront sites, two different subnet IPs, and one URL for both internal and external connections...