997 matches found

CNNVD
added 2022/07/29 12:0 a.m., 2 views

IBM PowerVM VIOS Security Vulnerability

IBM PowerVM VIOS is software from the American company IBM (International Business Machines) located in a logical partition. The software helps to share physical I/O resources between client logical partitions within a server. A denial of service vulnerability exists in IBM PowerVM VIOS version 3.1, which arises fro...

9.1 CVSS, 5.5 AI score, 0.01132 EPSS
Exploits: 0, References: 3

IBM AIX
added 2022/07/28 1:39 p.m., 182 views

IBM PowerVM VIOS could allow a remote attacker to tamper with system configuration or cause a denial of service

IBM SECURITY ADVISORY First Issued: Thu Jul 28 13:39:29 CDT 2022 The most recent version of this document is available here: http://aix.software.ibm.com/aix/efixes/security/viosadvisory.asc https://aix.software.ibm.com/aix/efixes/security/viosadvisory.asc...

9.1 CVSS, 8.7 AI score, 0.01132 EPSS
Exploits: 0

CNNVD
added 2022/07/26 12:0 a.m., 3 views

Honeywell Safety Manager Access Control Error Vulnerability

Honeywell Safety Manager is used by Honeywell to minimize accidents, maximize production uptime, reduce compliance costs, and manage plant safety. An access control error vulnerability exists in all versions of Honeywell Safety Manager that stems from the use of the Security Builder protocol, whi...

7.5 CVSS, 7.4 AI score, 0.00722 EPSS
Exploits: 0, References: 6

Rockylinux
added 2022/06/28 8:46 a.m., 12 views

gnome-initial-setup bug fix and enhancement update

An update is available for gnome-initial-setup. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. The gnome-initial-setup packages provide the Initial Setup...

1.5 AI score
Exploits: 0

CNNVD
added 2022/06/28 12:0 a.m., 2 views

HPE NonStop DSM/SCM Security Vulnerability

HPE NonStop DSM/SCM is a tool from HPE USA for managing and configuring software installations on distributed target systems. An information disclosure vulnerability exists in HPE NonStop DSM/SCM version T6031H03^ADP, which can be exploited by an attacker to obtain sensitive information...

7.5 CVSS, 5.7 AI score, 0.0117 EPSS
Exploits: 0, References: 2

OSV
added 2022/06/15 6:15 p.m., 4 views

CVE-2022-20819

A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to obtain sensitive information from an affected device. This vulnerability exists because administrative privilege levels for sensitive data are not properly...

6.5 CVSS, 5.8 AI score
Exploits: 0, References: 1

Prion
added 2022/06/15 6:15 p.m., 14 views

Design/Logic Flaw

A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to obtain sensitive information from an affected device. This vulnerability exists because administrative privilege levels for sensitive data are not properly...

4 CVSS, 6.3 AI score, 0.009 EPSS
Exploits: 0, References: 1, Affected Software: 1

Vulnrichment
added 2022/06/15 5:55 p.m., 14 views

CVE-2022-20819 Cisco Identity Services Engine Sensitive Information Disclosure Vulnerability

A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to obtain sensitive information from an affected device. This vulnerability exists because administrative privilege levels for sensitive data are not properly...

6.5 CVSS, 6.4 AI score, 0.009 EPSS
Exploits: 0, References: 1

Cvelist
added 2022/06/15 5:55 p.m., 23 views

CVE-2022-20819 Cisco Identity Services Engine Sensitive Information Disclosure Vulnerability

A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to obtain sensitive information from an affected device. This vulnerability exists because administrative privilege levels for sensitive data are not properly...

6.5 CVSS, 6.5 AI score, 0.009 EPSS
Exploits: 0, References: 1

Microsoft Secure
added 2022/05/27 4:0 p.m., 29 views

Android apps with millions of downloads exposed to high-severity vulnerabilities

Microsoft uncovered high-severity vulnerabilities in a mobile framework owned by mce Systems and used by multiple large mobile service providers in pre-installed Android System apps that potentially exposed users to remote (albeit complex) or local attacks. The vulnerabilities, which affected apps...

7.2 AI score
Exploits: 0

RedhatCVE
added 2022/05/23 5:49 a.m., 47 views

CVE-2022-29181

A flaw was found in the rubygem-nokogiri package. This flaw allows malicious users to change partial contents or configurations on the system. Additionally, this vulnerability can also cause a limited denial of service in the form of interruptions in resource availability. Mitigation: To avoid thi...

8.2 CVSS, 4.1 AI score, 0.02886 EPSS
Exploits: 1, References: 4

CNVD
added 2022/05/12 12:0 a.m., 12 views

Adobe Framemaker Out-of-Bounds Read Vulnerability (CNVD-2022-41739)

Adobe Framemaker is a page layout software suite from the American company Adobe for writing and editing large or complex documents, including structured documents. A security vulnerability exists in Adobe Framemaker. The vulnerability originates from a network system or a...

5.5 CVSS, 6.7 AI score, 0.01661 EPSS
Exploits: 0, References: 1

Prion
added 2022/04/15 3:15 p.m., 11 views

Cross-site request forgery (CSRF)

A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. This vulnerability is due to insufficient CSRF protections for the web-based management...

4.3 CVSS, 6.8 AI score, 0.00454 EPSS
Exploits: 0, References: 1, Affected Software: 2

Cvelist
added 2022/04/15 2:20 p.m., 28 views

CVE-2022-20735 Cisco SD-WAN vManage Software Cross-Site Request Forgery Vulnerability

A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. This vulnerability is due to insufficient CSRF protections for the web-based management...

6.5 CVSS, 7 AI score, 0.00454 EPSS
Exploits: 0, References: 1

NVD
added 2022/04/07 7:15 p.m., 9 views

CVE-2022-25594

Microprogram’s parking lot management system is vulnerable to sensitive information exposure. An unauthorized remote attacker can input specific URLs to acquire partial system configuration information...

5.3 CVSS, 0.00997 EPSS
Exploits: 0, References: 1

Prion
added 2022/04/07 7:15 p.m., 10 views

Information disclosure

Microprogram’s parking lot management system is vulnerable to sensitive information exposure. An unauthorized remote attacker can input specific URLs to acquire partial system configuration information...

5 CVSS, 5.1 AI score, 0.00997 EPSS
Exploits: 0, References: 1, Affected Software: 1

Cvelist
added 2022/04/07 6:22 p.m., 10 views

CVE-2022-25594 Microprogram parking lot management system - Exposure of Sensitive Information to an Unauthorized Actor

Microprogram’s parking lot management system is vulnerable to sensitive information exposure. An unauthorized remote attacker can input specific URLs to acquire partial system configuration information...

5.3 CVSS, 5.3 AI score, 0.00997 EPSS
Exploits: 0, References: 1

CVE
added 2022/04/07 6:22 p.m., 74 views

CVE-2022-25594

CVE-2022-25594 concerns Microprogram’s Parking Lot Management System. The vulnerability enables an unauthorized remote attacker to input specific URLs to obtain partial system configuration information, leading to exposure of sensitive data. Documented as a network-accessible issue with low attac...

5.3 CVSS, 5 AI score, 0.00997 EPSS
Exploits: 0, References: 1, Affected Software: 1

CNNVD
added 2022/04/07 12:0 a.m., 2 views

Microprogram Parking Lot Management System Security Vulnerability

Microprogram Parking Lot Management System is a parking lot management system from the Chinese company Microprogram. A security vulnerability exists in Microprogram Parking Lot Management System V2.2.9.0518.11, which allows an unauthorized remote attacker to enter a specific URL to obtain some...

5.3 CVSS, 5.8 AI score, 0.00997 EPSS
Exploits: 0, References: 2

CNVD
added 2022/03/23 12:0 a.m., 16 views

OTRS Command Injection Vulnerability

OTRS is a service management application from the German company OTRS. OTRS suffers from a command injection vulnerability that stems from a lack of filtering and escaping of specially crafted strings in the system configuration, which can be exploited by an attacker to execute...

9 CVSS, 7.7 AI score, 0.01304 EPSS
Exploits: 0, References: 1