184 matches found
CVE-2023-2989
CVE-2023-2989 affects Fortra Globalscape EFT administration server prior to 8.1.0.16, due to an out-of-bounds memory read that can permit authentication bypass. Public details describe a blind read flaw in the EFT admin protocol, enabling a logged-in attacker to impersonate another user under cer...
CVE-2023-2989 Fortra Globalscape Administration Server Out of Bounds Memory Read
Fortra Globalscape EFT versions before 8.1.0.16 suffer from an out of bounds memory read in their administration server, which can allow an attacker to crash the service or bypass authentication if successfully exploited...
CVE-2023-2989 Fortra Globalscape Administration Server Out of Bounds Memory Read
Fortra Globalscape EFT versions before 8.1.0.16 suffer from an out of bounds memory read in their administration server, which can allow an attacker to crash the service or bypass authentication if successfully exploited...
Security Bulletin: Remote Escalation of Privilege Vulnerability in DB2 Administration Server (CVE-2012-0711)
Abstract Vulnerability in IBM DB2 Administrator Server could allow an escalation of privilege attack. Content VULNERABILITY DETAILS CVE ID: CVE-2012-0711 DESCRIPTION: The IBM DB2 products listed below contain a security vulnerability in the DB2 Administration Server DAS which would allow an...
CVE-2021-34543
The web administration server in Solar-Log 500 before 2.8.2 Build 52 does not require authentication, which allows remote attackers to gain administrative privileges by connecting to the server. As a result, the attacker can modify configuration files and change the system status. Fixed with...
Solar-Log 500 2.8.2 - Incorrect Access Control Vulnerability
Exploit Title: Solar-Log 500 2.8.2 - Incorrect Access Control Google Dork: In Shodan search engine, the filter is ""Server: email protected"" Exploit Author: Luca.Chiou Vendor Homepage: https://www.solar-log.com/en/ Software Link: Firmware for Solar-Log...
Privilege Escalation
redhat-ds-admin is vulnerable to privilege escalation. The vulnerability exists as it was discovered that the Red Hat Administration Server did to properly restrict access to CGI scripts. An unauthenticated remote user with access to the TCP port used by the Administration Server could access...
Arbitrary Command Execution
redhat-ds-admin is vulnerable to arbitrary command execution. The vulnerability exists as a shell command injection flaw was discovered in the Red Hat Administration Server replication monitor CGI script used by Red Hat Directory Server 8.0. An attacker with access to the replication monitor web...
Debian DLA-2041-1 : debian-edu-config security update
It was discovered that debian-edu-config, the package containing the configuration files and scripts for Debian Edu Skolelinux, contained an insecure configuration for kadmin, the Kerberos administration server. The insecure configuration allowed every user to change other users' passwords, thus...
CVE-2018-12415 TIBCO Enterprise Message Service Vulnerable to CSRF Attacks
The Central Administration server emsca component of TIBCO Software Inc.'s TIBCO Enterprise Message Service, TIBCO Enterprise Message Service - Community Edition, and TIBCO Enterprise Message Service - Developer Edition contains a vulnerability which may allow an attacker to perform cross-site...
CVE-2018-12415
The Central Administration server emsca component of TIBCO Software Inc.'s TIBCO Enterprise Message Service, TIBCO Enterprise Message Service - Community Edition, and TIBCO Enterprise Message Service - Developer Edition contains a vulnerability which may allow an attacker to perform cross-site...
Security Bulletin: Multiple vulnerabilities in IBM Cloud Orchestrator, IBM Cloud Orchestrator Enterprise, and products shipped with IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise
Summary Multiple vulnerabilities have been identified in IBM Cloud Orchestrator, IBM Cloud Orchestrator Enterprise, and in supporting products shipped with IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise. Vulnerability Details This security bulletin covers multiple vulnerabilities in...
Red Hat 389 Administration Server Elevation of Privilege Vulnerability
Red Hat 389 Administration Server is an enterprise-class Linux directory server from Red Hat. The server fully supports the LDAPv3 specification and features scalability, multi-master replication, and more. A security vulnerability exists in Red Hat 389 Administration Server versions prior to...
CVE-2015-0233
Multiple insecure Temporary File vulnerabilities in 389 Administration Server before 1.1.38...
Design/Logic Flaw
Multiple insecure Temporary File vulnerabilities in 389 Administration Server before 1.1.38...
UBUNTU-CVE-2015-0233
Multiple insecure Temporary File vulnerabilities in 389 Administration Server before 1.1.38...
CVE-2015-0233
Multiple insecure Temporary File vulnerabilities in 389 Administration Server before 1.1.38...
CVE-2015-0233
Removed by vendor...
CVE-2015-0233
CVE-2015-0233 affects the 389 Administration Server prior to version 1.1.38. The issue is described as multiple insecure temporary file vulnerabilities in the server. Impact is limited to confidentiality, integrity, and availability (per CVSS), with local attack vector and the need for high privi...
Kaa IoT Administration Server Detection
Binary data kaaiotdetect.nbin...