294 matches found
Sql injection
An SQL injection vulnerability exists in the CHaD.asmx web service functionality of eDNA Enterprise Data Historian 3.0.1.2/7.5.4989.33053. Specially crafted SOAP web requests can cause SQL injections resulting in data compromise. Parameter InstancePath in CHaD.asmx is vulnerable to unauthenticate...
Sql injection
An SQL injection vulnerability exists in the CHaD.asmx web service functionality of eDNA Enterprise Data Historian 3.0.1.2/7.5.4989.33053. Specially crafted SOAP web requests can cause SQL injections resulting in data compromise. Parameter InstanceName in CHaD.asmx is vulnerable to unauthenticate...
CVE-2020-13499
An SQL injection vulnerability exists in the CHaD.asmx web service functionality of eDNA Enterprise Data Historian 3.0.1.2/7.5.4989.33053. Specially crafted SOAP web requests can cause SQL injections resulting in data compromise. Parameter InstancePath in CHaD.asmx is vulnerable to unauthenticate...
PT-2020-3766 · Cisco · Cisco Dna Center
Name of the Vulnerable Software and Affected Versions: Cisco DNA Center software affected versions not specified Description: The issue is related to multiple vulnerabilities in the web-based management interface of Cisco DNA Center software. These vulnerabilities could allow an unauthenticated,...
CVE-2020-12017
GE Grid Solutions Reason RT Clocks, RT430, RT431, and RT434, all firmware versions prior to 08A05. The device’s vulnerability in the web application could allow multiple unauthenticated attacks that could cause serious impact. The vulnerability may allow an unauthenticated attacker to execute...
Authentication flaw
GE Grid Solutions Reason RT Clocks, RT430, RT431, and RT434, all firmware versions prior to 08A05. The device’s vulnerability in the web application could allow multiple unauthenticated attacks that could cause serious impact. The vulnerability may allow an unauthenticated attacker to execute...
CVE-2020-12017
CVE-2020-12017 affects GE Grid Solutions Reason RT Clocks RT430, RT431, and RT434 (firmware
CVE-2020-12017
GE Grid Solutions Reason RT Clocks, RT430, RT431, and RT434, all firmware versions prior to 08A05. The device’s vulnerability in the web application could allow multiple unauthenticated attacks that could cause serious impact. The vulnerability may allow an unauthenticated attacker to execute...
CVE-2020-11547
CVE-2020-11547 affects Paessler PRTG Network Monitor prior to 20.1.57.1745. The vulnerability is an information-disclosure flaw that allows remote unauthenticated attackers to retrieve details about probes running or the server (CPU usage, memory, Windows version, internal statistics) via HTTP re...
Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Content Collector for Email, IBM Content Collector for File Systems, IBM Content Collector for SharePoint and IBM Content Collector for IBM Connections
Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Java™ Version 6 that is used by IBM Content Collector for Email, IBM Content Collector for File Systems, IBM Content Collector for SharePoint and IBM Content Collector for IBM Connections. These issues were disclosed...
OpenJDK: GTK library loading use-after-free (AWT, 8185325)
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: AWT. Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multip...
Websense Appliance Manager Command Injection
------------------------------------------------------------------------ Command injection vulnerability in network diagnostics tool of Websense Appliance Manager ------------------------------------------------------------------------ Han Sahin, September 2014...
Ubuntu Update for eucalyptus vulnerability USN-1033-1
Ubuntu Update for Linux kernel vulnerabilities USN-1033-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN10331.nasl 7964 2017-12-01 07:32:11Z santu $ Ubuntu Update for eucalyptus vulnerability USN-1033-1 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH,...
Novell iManager Tree Name Denial of Service (CVE-2010-1930)
Novell iManager is a web-based administration console that provides management of many other Novell products. The iManager service itself is a Java web application running on top of the Tomcat application container. A denial of service vulnerability exists in Novell iManager. The vulnerability is...