IBM Guardium Data Protection 安全漏洞

IBM Guardium Data Protection is a comprehensive data security platform developed by the American company International Business Machines IBM. There are security vulnerabilities in versions 12.0, 12.1, and 12.2 of IBM Guardium Data Protection. These vulnerabilities stem from a bypass of business...

EUVD-2019-4980

Malware in sbrugna...

CVE-2019-13525

In IP-AK2 Access Control Panel Version 1.04.07 and prior, the integrated web server of the affected devices could allow remote attackers to obtain web configuration data, which can be accessed without authentication over the network...

CVE-2020-36062

Dairy Farm Shop Management System v1.0 was discovered to contain hardcoded credentials in the source code which allows attackers access to the control panel if compromised...

Authentication flaw

In IP-AK2 Access Control Panel Version 1.04.07 and prior, the integrated web server of the affected devices could allow remote attackers to obtain web configuration data, which can be accessed without authentication over the network...

CVE-2019-13525

In IP-AK2 Access Control Panel Version 1.04.07 and prior, the integrated web server of the affected devices could allow remote attackers to obtain web configuration data, which can be accessed without authentication over the network...

CVE-2019-13525

CVE-2019-13525 affects Honeywell IP-AK2 Access Control Panel (Version 1.04.07 and earlier). The integrated web server allows remote attackers to obtain web configuration data without authentication over the network due to a missing authentication for a critical function. Impact is information dis...

Honeywell IP-AK2 CVE-2019-13525 Information Disclosure Vulnerability

Description Honeywell IP-AK2 is prone to an information-disclosure vulnerability. An attacker can exploit this issue to obtain sensitive information that may aid in further attacks. Honeywell IP-AK2 Access Control Panel version 1.04.07 and prior are vulnerable. Technologies Affected Honeywell...

Design/Logic Flaw

vzctl before 4.9.4 determines the virtual environment VE layout based on the presence of root.hdd/DiskDescriptor.xml in the VE private directory, which allows local simfs container CT root users to change the root password for arbitrary ploop containers, as demonstrated by a symlink attack on the...

CVE-2004-1400

The control panel in ASP Calendar does not require authentication to access, which allows remote attackers to gain unauthorized access via a direct request to main.asp...