249 matches found
QNAP QTS Privilege Escalation Vulnerability (QSA-22-05)
QNAP QTS is prone to a local privilege escalation vulnerability, also known as dirty pipe. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE ...
Ruby on Rails Information Disclosure Vulnerability (GHSA-wh98-p28r-vrc9) - Windows
Ruby on Rails is prone to an information disclosure vulnerability in Action Pack. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This progr...
QNAP QTS 5.x < 5.0.0.1891 build 20211221 Multiple Vulnerabilities
QNAP QTS is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/o:qnap:qts"; ifdescription...
MongoDB DoS Vulnerability (SERVER-59071) - Linux
MongoDB is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mongodb:mongodb"; if...
What is MQTT ❓ All you need to know.
Introduction Regardless of the application type, seamless information exchange between two points is a pivotal operational step. IoT or Internet of Things application development is on the rise and is not free from this crucial requirement. That’s where Message Queue Telemetry Protocol comes into...
CVE-2021-26248
Philips MRI 1.5T and MRI 3T Version 5.3 through 5.8.1 does not restrict or incorrectly restricts access to a resource from an unauthorized actor...
Code injection
Philips MRI 1.5T and MRI 3T Version 5.x.x does not restrict or incorrectly restricts access to a resource from an unauthorized actor...
Design/Logic Flaw
Philips MRI 1.5T and MRI 3T Version 5.x.x assigns an owner who is outside the intended control sphere to a resource...
CVE-2021-26248
CVE-2021-26248 affects Philips MRI 1.5T and MRI 3T (Version 5.x.x). The vulnerability is an Incorrect Ownership Assignment (CWE-708) where a resource is assigned to an owner outside the intended control sphere, enabling improper access control. The incident is documented with a CVSS v3 base score...
CVE-2021-42744 Philips MRI 1.5T and 3T Information Exposure
Philips MRI 1.5T and MRI 3T Version 5.3 through 5.8.1 does not restrict or incorrectly restricts access to a resource from an unauthorized actor...
Security fix for the ALT Linux 9 package mailman version 5:2.1.37-alt1
5:2.1.37-alt1 built Nov. 19, 2021 Dmitry V. Levin in task 289143 Nov. 13, 2021 Dmitry V. Levin - 2.1.36 - 2.1.37 fixes bug in the fix for CVE-2021-43332...
Veeam Service Provider Console v5 Patch 4
More Recent Version Available Please find the latest version of Veeam Service Provider Console here: https://www.veeam.com/service-providers-download.html Requirements Please confirm you are running version 5.0.0.6726 or later before installing Patch 4. You can check this by logging in to the...
F-Secure Internet Gatekeeper Denial of Service Vulnerability
F-Secure Internet Gatekeeper is a gateway product that acts as a virus scanning agent for HTTP, SMTP, POP, and FTP protocols. a denial of service vulnerability exists in the web user interface of F-Secure Internet Gatekeeper version 5 Series. An attacker could exploit the vulnerability by sending...
Security Bulletin: IBM WebSphere Application Server Hypervisor GnuTLS certificate security bypass CVE-2014-0092
Summary GnuTLS in Red Hat Enterprise Linux that ships with IBM WebSphere Application Server Hypervisor edition could allow a remote attacker to bypass security restrictions, caused by an error when verifying unspecified certificates. By persuading a victim to visit a specially-crafted Web site, a...
CVE-2020-28198
Summary: Multiple sources describe a stack buffer overflow in the IBM Tivoli Storage Manager components that expose the vulnerable behavior via the interactive use of the id parameter in dsmadmc.exe (Version 5 Release 2, and related IBM TSM/Operations Center variants). The flaw is triggered by an...
OTRS 6.0.1 - Remote Command Execution (2)
Exploit Title: OTRS 6.0.1 - Remote Command Execution 2 Date: 21-04-2021 Exploit Author: Hex26 Vendor Homepage: https://www.otrs.com/ Software Link: http://ftp.otrs.org/pub/otrs/ Version: 4.0.1 - 4.0.26, 5.0.0 - 5.0.24, 6.0.0 - 6.0.1 Tested on: OTRS 5.0.2/CentOS 7.2.1511 CVE : CVE-2017-16921...
Squid 5.x < 5.0.4 Multiple Vulnerabilities
According to its self-reported version number, the version of Squid installed on the remote host is 5.x 5.0.4 or prior to 4.13. It is, therefore, affected by multiple vulnerabilities: - Due to incorrect data validation Squid is vulnerable to HTTP request splitting and HTTP request smuggling attac...
Squid Security Update Advisory (SQUID-2020:4)
Squid is prone to multiple vulnerabilities in the HTTP Digest authentication. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program i...
CVE-2010-2471
Drupal versions 5.x and 6.x has open redirection...
ayakashi (>=1.0.0-beta3 <=1.0.0-beta5.2), cplotter-validator (>=0.0.1 <=0.0.2) +7 more potentially affected by CVE-2019-10752 via sequelize (>=5.10.0 <=5.14.0)
sequelize NPM version =5.10.0, =1.0.0-beta3, =0.0.1, =2.0.0-alpha.2, =1.0.0-beta.15, =2.0.0, =1.0.8, =1.0.9 Source cves: CVE-2019-10752 Source advisory: SNYK:JS-SEQUELIZE-459751...