195 matches found
CVE-2024-45187 Mage AI allows deleted users to use the terminal server with admin access, leading to remote code execution
Guest users in the Mage AI framework that remain logged in after their accounts are deleted, are mistakenly given high privileges and specifically given access to remotely execute arbitrary code through the Mage AI terminal server...
CVE-2024-45187 Mage AI allows deleted users to use the terminal server with admin access, leading to remote code execution
Guest users in the Mage AI framework that remain logged in after their accounts are deleted, are mistakenly given high privileges and specifically given access to remotely execute arbitrary code through the Mage AI terminal server...
Authentication Bypass
mageai is vulnerable to Authentication Bypass. The vulnerability is due to insufficient authentication controls that allow remote unauthenticated access to the terminal server command history...
PT-2024-31469
Name of the Vulnerable Software and Affected Versions Mage AI framework affected versions not specified Description The issue concerns guest users in the Mage AI framework who remain logged in after their accounts are deleted. These users are mistakenly given high privileges, specifically access ...
GHSA-CGRQ-WVFJ-V28J Mage AI allows remote unauthenticated attackers to leak the terminal server command history of arbitrary users
Mage AI allows remote unauthenticated attackers to leak the terminal server command history of arbitrary users...
Mage AI allows remote unauthenticated attackers to leak the terminal server command history of arbitrary users
Mage AI allows remote unauthenticated attackers to leak the terminal server command history of arbitrary users...
CVE-2024-8072
Mage AI allows remote unauthenticated attackers to leak the terminal server command history of arbitrary users...
CVE-2024-8072 Mage AI allows remote unauthenticated attackers to leak the terminal server command history of arbitrary users
Mage AI allows remote unauthenticated attackers to leak the terminal server command history of arbitrary users...
PT-2024-38786
Name of the Vulnerable Software and Affected Versions: Mage AI affected versions not specified Description: The issue allows remote unauthenticated attackers to leak the terminal server command history of arbitrary users. Recommendations: At the moment, there is no information about a newer versi...
CVE-2024-38876
A vulnerability has been identified in Omnivise T3000 Application Server R9.2 All versions, Omnivise T3000 Domain Controller R9.2 All versions, Omnivise T3000 Product Data Management PDM R9.2 All versions, Omnivise T3000 R8.2 SP3 All versions, Omnivise T3000 R8.2 SP4 All versions, Omnivise T3000...
The vulnerabilities of the components such as Omnivise T3000 Application Server, Omnivise T3000 Domain Controller, Omnivise T3000 Network Intrusion Detection System (NIDS), Omnivise T3000 Product Data Management (PDM), Omnivise T3000 Security Server, Omnivise T3000 Terminal Server, Omnivise T3000 Thin Client, and Omnivise T3000 Whitelisting Server, along with their software-defined hardware platforms for process management and monitoring in the Siemens Omnivise T3000 system, allow attackers to disclose protected information and enhance their privileges.
The vulnerabilities of the Omnivise T3000 Application Server, Omnivise T3000 Domain Controller, Omnivise T3000 Network Intrusion Detection System NIDS, Omnivise T3000 Product Data Management PDM, Omnivise T3000 Security Server, Omnivise T3000 Terminal Server, Omnivise T3000 Thin Client, and...
PT-2024-5380 · Omnivise · Omnivise T3000 Terminal Server +5
Name of the Vulnerable Software and Affected Versions: Omnivise T3000 Application Server R9.2 All versions Omnivise T3000 Domain Controller R9.2 All versions Omnivise T3000 Product Data Management PDM R9.2 All versions Omnivise T3000 R8.2 SP3 All versions Omnivise T3000 R8.2 SP4 All versions...
Vulnerability of anti-virus protection tools such as Check Point ZoneAlarm, Extreme Security, and NextGen, as well as software identification tools like Check Point Identity Agent for Windows and Identity Agent for Windows Terminal Server. This vulnerability arises from improper granting of permissions to critical resources, allowing attackers to increase their privileges.
The vulnerability of the Check Point antivirus protection products, such as ZoneAlarm Extreme Security and NextGen, as well as the Check Point Identity Agent for Windows and Identity Agent for Windows Terminal Server, is related to the improper assignment of permissions to critical resources...
CVE-2024-24910
CVE-2024-24910 describes a local privilege escalation in Check Point ZoneAlarm Extreme Security NextGen, Identity Agent for Windows, and Identity Agent for Windows Terminal Server. Affected components arise from incorrect permission handling for a critical resource, enabling a local attacker who ...
CVE-2024-24910 LocalprivilegeescalationinCheckPointZoneAlarmExtremeSecurityNextGen,IdentityAgentforWindows,andIdentityAgentforWindowsTerminalServerviacraftedDLLfile
A local attacker can erscalate privileges on affected Check Point ZoneAlarm ExtremeSecurity NextGen, Identity Agent for Windows, and Identity Agent for Windows Terminal Server. To exploit this vulnerability, an attacker must first obtain the ability to execute local privileged code on the target...
PT-2024-3070
Name of the Vulnerable Software and Affected Versions Check Point ZoneAlarm Extreme Security NextGen affected versions not specified Check Point Identity Agent for Windows affected versions not specified Check Point Identity Agent for Windows Terminal Server affected versions not specified...
The vulnerability of the NPort 6000 terminal server’s microprogramming software arises from the improper implementation of authentication algorithms, allowing attackers to escalate their privileges.
The vulnerability of the NPort 6000 terminal server’s microprogramming software is related to the improper implementation of the authentication algorithm. Exploiting this vulnerability allows a malicious actor to increase their privileges remotely...
The vulnerability of the CN2600 terminal server’s microprogramming software, related to the use of cryptographic algorithms containing defects, allows a hacker to compromise the connection and gain access to protected information.
The vulnerability of the microprogramming software of the terminal server CN2600 is related to the use of cryptographic algorithms that contain vulnerabilities. Exploiting this vulnerability can allow a malicious actor to compromise the connection and gain access to protected information...
SUSE CVE-2008-1293
ldm in Linux Terminal Server Project LTSP 0.99 and 2 passes the -ac option to the X server on each LTSP client, which allows remote attackers to connect to this server via TCP port 6006 aka display :6...
SUSE CVE-2011-0900
Stack-based buffer overflow in the tsclaunchremote function src/support.c in Terminal Server Client tsclient 0.150, and possibly other versions, allows user-assisted remote attackers to execute arbitrary code via a .RDP file with a long hostname argument...