151 matches found
Juniper Networks Junos OS EX 安全漏洞
Juniper Networks Junos OS EX is a Juniper Networks network operating system for the company's hardware devices. The operating system provides a secure programming interface and the Junos SDK. A security vulnerability exists in Juniper Networks Junos OS EX, which is caused by a PHP external variab...
Juniper Networks Junos OS EX 安全漏洞
Juniper Networks Junos OS EX is a Juniper Networks network operating system for the company's hardware devices. The operating system provides a secure programming interface and the Junos SDK. A security vulnerability exists in Juniper Networks Junos OS EX, which is caused by a PHP external variab...
CLSA-2023-1689700476 Fix CVE(s): CVE-2023-31486
SECURITY UPDATE: insecure default TLS configuration in HTTP::Tiny module - debian/patches/CVE-2023-31486.patch: add verifySSL=1 to HTTP::Tiny default configuration - CVE-2023-31486...
Hikvision Hybrid SAN/Cluster Storage Cross-Site Scripting Vulnerability
A cross-site scripting vulnerability exists in Hikvision Hybrid SAN/Cluster Storage, a series of affordable and reliable hybrid SAN storage area network products from Hikvision, China. vulnerability stems from insufficient input validation in the web module. An attacker could exploit the...
CVE-2022-28172
The web module in some Hikvision Hybrid SAN/Cluster Storage products have the following security vulnerability. Due to the insufficient input validation, attacker can exploit the vulnerability to XSS attack by sending messages with malicious commands to the affected device...
CVE-2022-28171
The web module in some Hikvision Hybrid SAN/Cluster Storage products have the following security vulnerability. Due to the insufficient input validation, attacker can exploit the vulnerability to execute restricted commands by sending messages with malicious commands to the affected device...
CVE-2022-28172
The web module in some Hikvision Hybrid SAN/Cluster Storage products have the following security vulnerability. Due to the insufficient input validation, attacker can exploit the vulnerability to XSS attack by sending messages with malicious commands to the affected device...
Hikvision Hybrid SAN/Cluster Storage 跨站脚本漏洞
A cross-site scripting vulnerability exists in Hikvision Hybrid SAN/Cluster Storage, a series of affordable and reliable hybrid SAN storage area network products from Hikvision, China. vulnerability stems from insufficient input validation in the web module. An attacker could exploit the...
PT-2022-18866 · Hikvision · Hikvision Hybrid San/Cluster Storage
Name of the Vulnerable Software and Affected Versions: Hikvision Hybrid SAN/Cluster Storage products affected versions not specified Description: The issue is related to insufficient input validation in the web module of certain Hikvision Hybrid SAN/Cluster Storage products. This allows an attack...
PT-2022-18865 · Hikvision · Hikvision Hybrid San/Cluster Storage
Name of the Vulnerable Software and Affected Versions: Hikvision Hybrid SAN/Cluster Storage products affected versions not specified Description: The issue is related to insufficient input validation in the web module of certain Hikvision Hybrid SAN/Cluster Storage products. This allows an attack...
CVE-2022-28171
The web module in some Hikvision Hybrid SAN/Cluster Storage products have the following security vulnerability. Due to the insufficient input validation, attacker can exploit the vulnerability to execute restricted commands by sending messages with malicious commands to the affected device...
CVE-2022-28172
The web module in some Hikvision Hybrid SAN/Cluster Storage products have the following security vulnerability. Due to the insufficient input validation, attacker can exploit the vulnerability to XSS attack by sending messages with malicious commands to the affected device...
Spring Cloud Function Dos Vulnerability
In Spring Cloud Function versions 3.2.5 and older unsupported versions, it is possible for a user who directly interacts with framework provided lookup functionality to cause denial of service condition due to the caching issue in Function Catalog component of the framework. At the time of writin...
Siemens Climatix Pol909 日志信息泄露漏洞
Siemens Climatix AWB Advanced Web and BACnet Module, POL909 enables users of the Climatix 600 solution to connect to a BACnet IP network and implement and load customer web pages and features. Siemens Climatix AWM Advanced Web Module, POL909 enables users of the Climatix 600 solution to implement...
Climatix POL909 跨站脚本漏洞
Siemens Climatix AWB Advanced Web and BACnet Module, POL909 enables users of the Climatix 600 solution to connect to a BACnet IP network and implement and load customer web pages and features. Siemens Climatix AWM Advanced Web Module, POL909 enables users of the Climatix 600 solution to implement...
Odoo Cross-Site Scripting Vulnerability (CNVD-2020-74057)
Odoo is an Enterprise Resource Planning ERP and Customer Relationship Management CRM system from Odoo Belgium. The system is developed in Python language, PostgreSQL as the database, and includes modules for sales management, inventory management, financial management and so on. A cross-site...
CVE-2018-15641
Cross-site scripting XSS issue in web module in Odoo Community 11.0 through 14.0 and Odoo Enterprise 11.0 through 14.0, allows remote authenticated internal users to inject arbitrary web script in the browser of a victim via crafted calendar event attributes...
DEBIAN-CVE-2018-15641
Cross-site scripting XSS issue in web module in Odoo Community 11.0 through 14.0 and Odoo Enterprise 11.0 through 14.0, allows remote authenticated internal users to inject arbitrary web script in the browser of a victim via crafted calendar event attributes...
CVE-2018-15641
Cross-site scripting XSS issue in web module in Odoo Community 11.0 through 14.0 and Odoo Enterprise 11.0 through 14.0, allows remote authenticated internal users to inject arbitrary web script in the browser of a victim via crafted calendar event attributes...
Odoo 跨站脚本漏洞
Odoo is an Enterprise Resource Planning ERP and Customer Relationship Management CRM system from Odoo Belgium. The system is developed in Python language, PostgreSQL as the database, and includes modules for sales management, inventory management, financial management and so on. A cross-site...