65 matches found
Ivanti Secure Access Client Security Vulnerability
Ivanti Secure Access Client is a security software client from Ivanti. A security vulnerability exists in Ivanti Secure Access Client versions prior to 22.5R1 that originates from allowing logged-in users to modify specific files, which could result in unauthorized changes to system-wide...
Improper Authentication
mageai is vulnerable to Improper Authentication. The vulnerability exists due to missing user permission authentication which allows an attacker to gain access and make changes in the system...
PT-2023-2484 · Moxa · MiiNePort E1
Name of the Vulnerable Software and Affected Versions: Moxa MiiNePort E1 (affected versions not specified). Description: The issue is related to insufficient access control, allowing an unauthenticated remote user to exploit the vulnerability and perform arbitrary system operations or disrupt servic...
Input validation
A vulnerability in the Localdisk Management feature of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to make unauthorized changes to the file system of an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this...
Privilege Escalation
github.com/cilium/cilium is vulnerable to privilege escalation. The vulnerability exists due to a lack of validation in container which allows an unauthorized user to access the Kubernetes account and make changes to the system...
Privilege Escalation
github.com/rancher/rancher is vulnerable to privilege escalation. The vulnerability exists due to a lack of validation which allows an unauthorized user to make changes to the system...
Cross Site Request Forgery (CSRF)
shopware/shopware is vulnerable to cross-site request forgery. The vulnerability exists in CSRFTokenValidator.php due to the lack of validation in csrf token which allows an attacker to make changes to the system as a legitimate user...
Secure Manufacturing on Cloud, Edge and 5G (Download PDF)
This e-book provides you with insight into system changes brought on by factory production processes and explains how the cloud and 5G have transformed smart factories. You’ll also receive a look into how we map the attack scenario so you can identify the type of risks that lie throughout the...
Moderate: Red Hat Security Advisory: ACS 3.64 security and enhancement update
Updated images are now available for Red Hat Advanced Cluster Security for Kubernetes (RHACS). Red Hat Product Security has rated this update as having a "Moderate" security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...
Cisco SD-WAN Solutions < 19.2.2 Multiple Vulnerabilities
According to its self-reported version number, the instance of Cisco Viptela hosted on the remote server is prior to 19.2.2. It is, therefore, affected by multiple vulnerabilities: - A privilege escalation vulnerability exists in Cisco SD-WAN Solutions due to insufficient input validation. An...
Input validation
A vulnerability in Cisco SD-WAN Solution Software could allow an unauthenticated, remote attacker to cause a buffer overflow on an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted traffic to an affected...
CVE-2020-3375 Cisco SD-WAN Solution Software Buffer Overflow Vulnerability
A vulnerability in Cisco SD-WAN Solution Software could allow an unauthenticated, remote attacker to cause a buffer overflow on an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted traffic to an affected...
Cisco SD-WAN Solution Software Buffer Overflow Vulnerability (cisco-sa-sdbufof-h5f5VSeL)
According to its self-reported version, Cisco IOS XE SD-WAN Software is affected by a buffer overflow vulnerability. This could allow an unauthenticated, remote attacker to cause a buffer overflow on an affected device. The vulnerability is due to insufficient input validation. An attacker could...
Cisco SD-WAN Solution Software Buffer Overflow Vulnerability
A vulnerability in Cisco SD-WAN Solution Software could allow an unauthenticated, remote attacker to cause a buffer overflow on an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted traffic to an affected...
CVE-2020-3264
A vulnerability in Cisco SD-WAN Solution software could allow an authenticated, local attacker to cause a buffer overflow on an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted traffic to an affected device...
CVE-2020-3264 Cisco SD-WAN Solution Buffer Overflow Vulnerability
A vulnerability in Cisco SD-WAN Solution software could allow an authenticated, local attacker to cause a buffer overflow on an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted traffic to an affected device...
CVE-2019-12683
Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to execute arbitrary SQL injections on an affected device. These vulnerabilities exist due to improper input validation. An attacker could...
CVE-2019-12685
Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to execute arbitrary SQL injections on an affected device. These vulnerabilities exist due to improper input validation. An attacker could...
SQL injection
Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to execute arbitrary SQL injections on an affected device. These vulnerabilities exist due to improper input validation. An attacker could...