32 matches found
Socomec Easy Config System Authentication Bypass Vulnerability
Socomec Easy Config System is a free software tool developed by Socomec for fast, reliable and flexible configuration of its power monitoring and measurement equipment. An authentication bypass vulnerability exists in Socomec Easy Config System, which stems from an authentication bypass in the us...
CVE-2024-45370
An authentication bypass vulnerability exists in the User profile management functionality of Socomec Easy Config System 2.6.1.0. A specially crafted database record can lead to unauthorized access. An attacker can modify a local database to trigger this vulnerability...
EUVD-2024-55108
An authentication bypass vulnerability exists in the User profile management functionality of Socomec Easy Config System 2.6.1.0. A specially crafted database record can lead to unauthorized access. An attacker can modify a local database to trigger this vulnerability...
CVE-2024-45370
Talos reports CVE-2024-45370 as an authentication bypass in Socomec Easy Config System 2.6.1.0. The flaw arises in the User profile management module, where the application stores credentials in a local sqlite database. An attacker who has system access can modify the database to set passwordActi...
CVE-2024-45370
An authentication bypass vulnerability exists in the User profile management functionality of Socomec Easy Config System 2.6.1.0. A specially crafted database record can lead to unauthorized access. An attacker can modify a local database to trigger this vulnerability...
PT-2025-48468
Name of the Vulnerable Software and Affected Versions Socomec Easy Config System version 2.6.1.0 Description An authentication bypass exists in the User profile management functionality. A crafted database record can allow unauthorized access. An attacker can modify a local database to trigger th...
EUVD-2021-17103
Malware in sbrugna...
EUVD-2021-28419
Malicious code in bioql PyPI...
EUVD-2021-28418
Malicious code in bioql PyPI...
CVE-2021-41391
In Ericsson ECM before 18.0, it was observed that Security Management Endpoint in User Profile Management Section is vulnerable to stored XSS via a name, leading to session hijacking and full account takeover...
CVE-2021-41390
In Ericsson ECM before 18.0, it was observed that Security Provider Endpoint in the User Profile Management Section is vulnerable to CSV Injection...
Data lost upon configuring folder redirection for existing user profiles
When Desktop folder redirection is configured for existing user profiles, User Profile Management UPM only transfers individual files from the user profile's Desktop folder to the redirected location, resulting in the deletion of all subfolders and their contents...
CVE-2024-40531
A mass assignment vulnerability exists in Pantera CRM versions 401.152 and 402.072. This flaw allows authenticated users to modify any user attribute, including roles, by injecting additional parameters via profile management functions...
CVE-2024-40531
A mass assignment vulnerability exists in Pantera CRM versions 401.152 and 402.072. This flaw allows authenticated users to modify any user attribute, including roles, by injecting additional parameters via profile management functions...
CVE-2024-40531
A mass assignment vulnerability exists in Pantera CRM versions 401.152 and 402.072. This flaw allows authenticated users to modify any user attribute, including roles, by injecting additional parameters via profile management functions...
UAB Pantera CRM 安全漏洞
UAB Pantera CRM is a tool and information management system from UAB Pantera. A security vulnerability exists in UAB Pantera CRM versions v.401.152 and v.402.072, which originated from a vulnerability that allows remote attackers to elevate privileges via the user profile management feature...
CVE-2024-40531
CVE-2024-40531 affects Pantera CRM versions 401.152 and 402.072. The vulnerability is a mass assignment flaw in profile management that allows an authenticated user to inject extra parameters and modify any user attribute, including roles. CVSS 3.1 vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H, bas...
UPM - Microsoft Edge browser does not retain saved credentials in subsequent logins
With Citrix User Profile Management UPM configuration Microsoft Edge browser does not retain saved credentials in subsequent login to VDI...
User Profile Management is not saving bookmarks from Microsoft Edge browser
Edge browser bookmarks are not retained in user profile...
CVE-2021-41391
In Ericsson ECM before 18.0, it was observed that Security Management Endpoint in User Profile Management Section is vulnerable to stored XSS via a name, leading to session hijacking and full account takeover...