23 matches found
EUVD-2021-10286
Malware in sbrugna...
EUVD-2019-1172
Malware in sbrugna...
CVE-2021-23176
Improper access control in reporting engine of l10nfrfec module in Odoo Community 15.0 and earlier and Odoo Enterprise 15.0 and earlier allows remote authenticated users to extract accounting information via crafted RPC packets...
CVE-2019-0399
SAP Portfolio and Project Management, before versions S4CORE 102, 103, EPPM 100 and CPRXRPM 500702, 600740, 610740; unintentionally allows a user to discover accounting information of the Projects in Project dashboard, leading to Information Disclosure...
BIT-ODOO-2021-23176
Improper access control in reporting engine of l10nfrfec module in Odoo Community 15.0 and earlier and Odoo Enterprise 15.0 and earlier allows remote authenticated users to extract accounting information via crafted RPC packets...
[SECURITY] Fedora 39 Update: tacacs-F4.0.4.28.7fb~20231005g4fdf178-1.fc39
Tacacs+ tacplus is a C daemon that authenticates requests via the Tacacs+ Protocol and logs accounting information. This is a fork of Cisco + Shruberry's Tacacs+ daemons http://www.shrubbery.net/tacplus/...
Improper Access Control
odoo is vulnerable to Improper Access Control. The vulnerability exists in reporting engine of l10nfrfec module, which allows an attacker to extract accounting information via crafted RPC packets...
CVE-2021-23176
Improper access control in reporting engine of l10nfrfec module in Odoo Community 15.0 and earlier and Odoo Enterprise 15.0 and earlier allows remote authenticated users to extract accounting information via crafted RPC packets...
CVE-2021-23176
Improper access control in reporting engine of l10nfrfec module in Odoo Community 15.0 and earlier and Odoo Enterprise 15.0 and earlier allows remote authenticated users to extract accounting information via crafted RPC packets...
Improper access control
Improper access control in reporting engine of l10nfrfec module in Odoo Community 15.0 and earlier and Odoo Enterprise 15.0 and earlier allows remote authenticated users to extract accounting information via crafted RPC packets...
CVE-2021-23176
Improper access control in reporting engine of l10nfrfec module in Odoo Community 15.0 and earlier and Odoo Enterprise 15.0 and earlier allows remote authenticated users to extract accounting information via crafted RPC packets...
CVE-2021-23176
Improper access control in reporting engine of l10nfrfec module in Odoo Community 15.0 and earlier and Odoo Enterprise 15.0 and earlier allows remote authenticated users to extract accounting information via crafted RPC packets...
CVE-2021-23176
CVE-2021-23176 affects Odoo Community 15.0 and earlier and Odoo Enterprise 15.0 and earlier. The vulnerability is due to improper access control in the l10n_fr_fec reporting engine, allowing remote authenticated users to extract accounting information via crafted RPC packets. Affected products an...
CVE-2021-23176
Improper access control in reporting engine of l10nfrfec module in Odoo Community 15.0 and earlier and Odoo Enterprise 15.0 and earlier allows remote authenticated users to extract accounting information via crafted RPC packets...
CVE-2022-42325
Xenstore: Guests can create arbitrary number of nodes via transactions This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. In case a node has been created in a transaction and it is later deleted in the same transaction, t...
CVE-2022-42325
Xenstore: Guests can create arbitrary number of nodes via transactions This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. In case a node has been created in a transaction and it is later deleted in the same transaction, t...
Design/Logic Flaw
Xenstore: Guests can create arbitrary number of nodes via transactions This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. In case a node has been created in a transaction and it is later deleted in the same transaction, t...
Design/Logic Flaw
Xenstore: Guests can create arbitrary number of nodes via transactions This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. In case a node has been created in a transaction and it is later deleted in the same transaction, t...
CVE-2022-42325
CVE-2022-42325 concerns Xenstore in the Xen hypervisor. A vulnerability allows a malicious guest to create an arbitrary number of Xenstore nodes when a node is created in a transaction and later deleted in the same transaction; if the transaction is finalized with an error, it completes partially...
Information disclosure
SAP Portfolio and Project Management, before versions S4CORE 102, 103, EPPM 100 and CPRXRPM 500702, 600740, 610740; unintentionally allows a user to discover accounting information of the Projects in Project dashboard, leading to Information Disclosure...