997 matches found

Prion
added 2022/11/11 7:15 p.m., 29 views

Design/Logic Flaw

The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server with your computer. In version 3.6.0, if a user received a malicious file share, had it synced locally or had the virtual filesystem enabled, and clicked an nc://open/ link, it will open the default editor for the file...

CVSS 4.4, AI score 7.5, EPSS 0.00466
Exploits: 0, References: 4, Affected Software: 1

The Hacker News
added 2022/09/28 12:15 p.m., 30 views

Improve your security posture with Wazuh, a free and open source XDR

Organizations struggle to find ways to keep a good security posture. This is because it is difficult to create secure system policies and find the right tools that help achieve a good posture. In many cases, organizations work with tools that do not integrate with each other and are expensive to...

AI score 7.3
Exploits: 0

OSV
added 2022/09/16 3:15 a.m., 1 view

CVE-2022-35415

An improper input validation in NI System Configuration Manager before 22.5 may allow a privileged user to potentially enable escalation of privilege via local access...

CVSS 7.8, AI score 5.8
Exploits: 0, References: 2

ATTACKERKB
added 2022/09/16 3:15 a.m., 3 views

CVE-2022-35415

An improper input validation in NI System Configuration Manager before 22.5 may allow a privileged user to potentially enable escalation of privilege via local access...

CVSS 7.8, AI score 7.1, EPSS 0.00194
Exploits: 0, References: 3

NVD
added 2022/09/16 3:15 a.m., 10 views

CVE-2022-35415

An improper input validation in NI System Configuration Manager before 22.5 may allow a privileged user to potentially enable escalation of privilege via local access...

CVSS 7.8, EPSS 0.00194
Exploits: 0, References: 2

Prion
added 2022/09/16 3:15 a.m., 14 views

Input validation

An improper input validation in NI System Configuration Manager before 22.5 may allow a privileged user to potentially enable escalation of privilege via local access...

CVSS 4.3, AI score 7.6, EPSS 0.00194
Exploits: 0, References: 2, Affected Software: 1

CVE
added 2022/09/16 2:21 a.m., 45 views

CVE-2022-35415

The CVE-2022-35415 entry concerns NI System Configuration Manager prior to version 22.5, with an improper input validation issue that may allow a privileged user to escalate privileges via local access. Affected component: NI System Configuration Manager (pre-22.5). Root cause: input validation w...

CVSS 7.8, AI score 7.6, EPSS 0.00194
Exploits: 0, References: 2, Affected Software: 1

Cvelist
added 2022/09/16 2:21 a.m., 15 views

CVE-2022-35415

An improper input validation in NI System Configuration Manager before 22.5 may allow a privileged user to potentially enable escalation of privilege via local access...

AI score 7.9, EPSS 0.00194
Exploits: 0, References: 2

CNNVD
added 2022/09/16 12:0 a.m., 4 views

National Instruments System Configuration Manager Input Validation Error Vulnerability

National Instruments System Configuration Manager is a configuration manager from National Instruments, a utility program used to monitor and control various NI devices in the system. An input validation error vulnerability exists in National Instruments System Configuration Manager versions prio...

CVSS 7.8, AI score 7.4, EPSS 0.00194
Exploits: 0, References: 3

Positive Technologies
added 2022/09/16 12:0 a.m., 5 views

PT-2022-22815 · National Instruments · Ni System Configuration Manager

Name of the Vulnerable Software and Affected Versions: NI System Configuration Manager versions prior to 22.5. Description: The issue is related to improper input validation, which may allow a privileged user to potentially enable escalation of privilege via local access. Recommendations: For...

CVSS 7.8, AI score 7.6, EPSS 0.00194
Exploits: 0, References: 4

NVD
added 2022/09/13 10:15 p.m., 17 views

CVE-2022-35413

WAPPLES through 6.0 has a hardcoded systemi account. A threat actor could use this account to access the system configuration and confidential information such as SSL keys via an HTTPS request to the /webapi/ URI on port 443 or 5001...

CVSS 9.8, EPSS 0.12476
Exploits: 0, References: 3

OSV
added 2022/08/29 11:15 p.m., 2 views

CVE-2022-36560

Seiko SkyBridge MB-A200 v01.00.04 and below was discovered to contain multiple hard-coded passcodes for root. Attackers are able to access the passcodes at /etc/srapi/config/system.conf and /usr/sbin/ssol-sshd.sh...

CVSS 9.8, AI score 5.8, EPSS 0.00668
Exploits: 0, References: 2

ATTACKERKB
added 2022/08/29 11:15 p.m., 5 views

CVE-2022-36560

Seiko SkyBridge MB-A200 v01.00.04 and below was discovered to contain multiple hard-coded passcodes for root. Attackers are able to access the passcodes at /etc/srapi/config/system.conf and /usr/sbin/ssol-sshd.sh...

CVSS 9.8, AI score 7.3, EPSS 0.00668
Exploits: 0, References: 3

CNNVD
added 2022/08/23 12:0 a.m., 6 views

Jenkins Job Configuration History Plugin Cross-Site Scripting Vulnerability

Jenkins and Jenkins Plugin are both open source Jenkins products. Jenkins is a software application, an open source automation server that provides hundreds of plugins to support building, deploying, and automating any project. Jenkins Plugin is a software application. A cross-site scripting...

CVSS 5.4, AI score 5.3, EPSS 0.0059
Exploits: 0, References: 5

OSV
added 2022/08/18 8:15 a.m., 0 views

CVE-2022-30693

Information disclosure vulnerability in the system configuration of Cybozu Office 10.0.0 to 10.8.5 allows a remote attacker to obtain the data of the product via unspecified vectors...

CVSS 5.3, AI score 6.1
Exploits: 0, References: 2

ATTACKERKB
added 2022/08/18 8:15 a.m., 2 views

CVE-2022-30693

Information disclosure vulnerability in the system configuration of Cybozu Office 10.0.0 to 10.8.5 allows a remote attacker to obtain the data of the product via unspecified vectors...

CVSS 5.3, AI score 5.9, EPSS 0.00759
Exploits: 0, References: 3, Affected Software: 1

CNNVD
added 2022/08/15 12:0 a.m., 3 views

Red Hat Ansible Security Vulnerability

Red Hat Ansible is a computer system configuration manager from Red Hat, an American company. The product can be used to distribute, manage, and organize computer systems. A security vulnerability exists in Red Hat Ansible that stems from a logic flaw that could lead to elevation of privilege...

CVSS 6.5, AI score 6.5, EPSS 0.00769
Exploits: 1, References: 9

BDU FSTEC
added 2022/08/10 12:0 a.m., 4 views

The vulnerability of the Jenkins Compuware ISPW Operations Plugin involves a violation of data protection mechanisms, allowing an attacker to gain unauthorized access to protected information related to system configuration settings.

The vulnerability of the Jenkins Compuware ISPW Operations Plugin is related to a breach of data protection mechanisms. Exploiting this vulnerability may allow an attacker, operating remotely, to gain unauthorized access to protected system configuration information...

CVSS 8.5, AI score 7.4, EPSS 0.0082
Exploits: 0, References: 3, Affected Software: 1

CNVD
added 2022/08/02 12:0 a.m., 20 views

IBM PowerVM VIOS Denial of Service Vulnerability

IBM PowerVM VIOS is software from IBM (International Business Machines), an American company, that resides in a logical partition. The software helps to share physical I/O resources between client logical partitions within a server. A denial of service vulnerability exists in IBM PowerVM VIOS version 3.1, which arises fro...

CVSS 9.1, AI score 8.8, EPSS 0.01132
Exploits: 0, References: 1

Prion
added 2022/07/29 2:15 p.m., 8 views

Design/Logic Flaw

IBM PowerVM VIOS 3.1 could allow a remote attacker to tamper with system configuration or cause a denial of service. IBM X-Force ID: 230956...

CVSS 6.4, AI score 8.6, EPSS 0.01132
Exploits: 0, References: 2, Affected Software: 1