20 matches found
Nutanix AHV : Multiple Vulnerabilities (NXSA-AHV-10.3.1.9)
The version of AHV installed on the remote host is prior to AHV-10.3.1.9. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AHV-10.3.1.9 advisory. - The webbrowser.open API would accept leading dashes in the URL which could be handled as command line options for...
Nutanix AHV : Multiple Vulnerabilities (NXSA-AHV-11.0.0.2)
The version of AHV installed on the remote host is prior to AHV-11.0.0.2. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AHV-11.0.0.2 advisory. - A flaw was found in libssh when using the ChaCha20 cipher with the OpenSSL library. If an attacker manages to exhaust...
Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-7.5.0.5)
The version of AOS installed on the remote host is prior to 7.5.0.5. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-7.5.0.5 advisory. - Under certain circumstances, BIND is too lenient when accepting records from answers, allowing an attacker to inject forged...
EUVD-2025-30815
Malicious code in bioql PyPI...
CVE-2025-35042
Airship AI Acropolis includes a default administrative account that uses the same credentials on every installation. Instances of Airship AI that do not change this account password are vulnerable to a remote attacker logging in and gaining the privileges of this account. Fixed in 10.2.35, 11.0.2...
CVE-2025-35041
Airship AI Acropolis allows unlimited MFA attempts for 15 minutes after a user has logged in with valid credentials. A remote attacker with valid credentials could brute-force the 6-digit MFA code. Fixed in 10.2.35, 11.0.21, and 11.1.9...
CVE-2025-35042 Airship AI Acropolis default credentials
Airship AI Acropolis includes a default administrative account that uses the same credentials on every installation. Instances of Airship AI that do not change this account password are vulnerable to a remote attacker logging in and gaining the privileges of this account. Fixed in 10.2.35, 11.0.2...
CVE-2025-35042 Airship AI Acropolis default credentials
Airship AI Acropolis includes a default administrative account that uses the same credentials on every installation. Instances of Airship AI that do not change this account password are vulnerable to a remote attacker logging in and gaining the privileges of this account. Fixed in 10.2.35, 11.0.2...
CVE-2025-35041 Airship AI Acropolis MFA insufficient rate limiting
Airship AI Acropolis allows unlimited MFA attempts for 15 minutes after a user has logged in with valid credentials. A remote attacker with valid credentials could brute-force the 6-digit MFA code. Fixed in 10.2.35, 11.0.21, and 11.1.9...
CVE-2025-35041 Airship AI Acropolis MFA insufficient rate limiting
Airship AI Acropolis allows unlimited MFA attempts for 15 minutes after a user has logged in with valid credentials. A remote attacker with valid credentials could brute-force the 6-digit MFA code. Fixed in 10.2.35, 11.0.21, and 11.1.9...
CVE-2025-35041
Airship AI Acropolis MFA vulnerability: after a valid login, there is no rate limiting for MFA attempts, allowing unlimited tries within a 15-minute window to brute-force the 6-digit code. Affected versions include those prior to 10.2.35, 11.0.21, and 11.1.9. Remediation is to upgrade to 10.2.35,...
Airship AI MFA bypass and default credentials vulnerabilities
RISK EVALUATION Airship AI Acropolis is used for video and data management. In versions before 11.1.9, 11.0.21, and 10.2.35, a remote unauthenticated attacker with valid credentials can brute force the MFA code and authenticate without an additional authentication method. Improperly configured...
Airship AI Acropolis 安全漏洞
Airship AI Acropolis is a video and wear Blue Flag data management platform from Airship AI in the United States. A security vulnerability exists in Airship AI Acropolis versions prior to 10.2.35, prior to 11.0.21, and prior to 11.1.9, which stems from allowing unlimited attempts at MFA...
Airship AI Acropolis 安全漏洞
Airship AI Acropolis is a video and wear Blue Flag data management platform from Airship AI in the United States. Airship AI Acropolis has a security vulnerability that stems from the use of default administrator account credentials, which could allow a remote attacker to log in and gain account...
Nutanix AHV : Multiple Vulnerabilities (NXSA-AHV-10.0.1.2)
The version of AHV installed on the remote host is prior to AHV-10.0.1.2. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AHV-10.0.1.2 advisory. - inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper...
Backdoor.Win32.Acropolis.10 Insecure Permissions
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/e865fc7225c84165d7aa0c7d8a1bcb77.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Acropolis.10 Vulnerability: Insecure Permissions Description: The malware writes an...
acropolis-shop.ru XSS vulnerability
Open Bug Bounty ID: OBB-698065 Description| Value ---|--- Affected Website:| acropolis-shop.ru Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| hidden until disclosure Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| hidde...
Nutanix AOS & Prism < 5.5.5 (LTS) / < 5.8.1 (STS) - SFTP Authentication Bypass
Exploit Title: Nutanix AOS & Prism - SFTP Authentication Bypass Date: 2018-10-27 Exploit Author: Adam Brown Vendor Homepage: https://www.nutanix.org Software Link: https://www.nutanix.com/products/software-options/ Version: 5.5.5 LTS, 5.8.1 STS Tested on: Acropolis Operating System CVE : Related ...
Nutanix AOS & Prism < 5.5.5 (LTS) / < 5.8.1 (STS) SFTP Authentication Bypass Vulnerability
Exploit Title: Nutanix AOS & Prism - SFTP Authentication Bypass Exploit Author: Adam Brown Vendor Homepage: https://www.nutanix.org Software Link: https://www.nutanix.com/products/software-options/ Version: 5.5.5 LTS, 5.8.1 STS Tested on: Acropolis Operating System CVE : Related to CVE-2018-7750...
Nutanix Acropolis Hypervisor Support in XenApp/XenDesktop
The Nutanix Acropolis hypervisor running on Nutanix Acropolis Operating System AOS 4.6.1.x or later has been designated as Citrix Ready and is supported in XenApp and XenDesktop 7.9 or later as mentioned on theCitrix Ready Marketplaceand theNutanix Solutions for Citrix desktop and application...