177 matches found
CVE-2025-52545 Privilege escalation in the application services
E3 Site Supervisor Control firmware version 2.31F01 RCI service contains an API call to read users info, which returns all usernames and password hashes for the application services...
CVE-2025-52545 Privilege escalation in the application services
E3 Site Supervisor Control firmware version 2.31F01 RCI service contains an API call to read users info, which returns all usernames and password hashes for the application services...
Command Execution Vulnerability in Green Alliance WAF of Beijing Shenzhou Green Alliance Technology Co., Ltd (CNVD-2024-07088)
Beijing Shenzhou Green Alliance Technology Co., Ltd. is an enterprise mainly engaged in science and technology promotion and application services. Ltd. Green Alliance WAF has a command execution vulnerability that can be exploited by attackers to execute arbitrary commands...
Unauthorized Access Vulnerability in Application Infrastructure Services of Xiamen Nalon Health Technology Co.
Xiamen Nalong Health Technology Co., Ltd. is a high-tech, specialized and new enterprise integrating the research and development, production, sales and software service of medical electronic instruments and equipment. An unauthorized access vulnerability exists in the application infrastructure...
CVE-2022-28170
Brocade Fabric OS Web Application services before Brocade Fabric v9.1.0, v9.0.1e, v8.2.3c, v7.4.2j store server and user passwords in the debug statements. This could allow a local user to extract the passwords from a debug file...
CVE-2022-28170
Brocade Fabric OS Web Application services before Brocade Fabric v9.1.0, v9.0.1e, v8.2.3c, v7.4.2j store server and user passwords in the debug statements. This could allow a local user to extract the passwords from a debug file...
Oracle WebLogic Server Input Validation Error Vulnerability (CNVD-2022-05875)
Oracle WebLogic Server is an application services middleware from Oracle for cloud and traditional environments that provides a modern, lightweight development platform that supports full lifecycle management of applications from development to production and simplifies application deployment and...
Oracle WebLogic Server Input Validation Error Vulnerability (CNVD-2022-05879)
Oracle WebLogic Server is an application services middleware from Oracle for cloud and traditional environments that provides a modern, lightweight development platform that supports full lifecycle management of applications from development to production and simplifies application deployment and...
Oracle WebLogic Server Input Validation Error Vulnerability (CNVD-2022-05874)
Oracle WebLogic Server is an application services middleware from Oracle for cloud and traditional environments that provides a modern, lightweight development platform that supports full lifecycle management of applications from development to production and simplifies application deployment and...
Tuxera NTFS-3G Buffer Overflow Vulnerability (CNVD-2021-72273)
Tuxera NTFS-3G is Finland's Tuxera company's set of open source , cross-platform for supporting NTFS partition read and write drivers . NTFS-3G suffers from a buffer overflow vulnerability that can be exploited by an attacker to potentially cause a heap buffer overflow and allow arbitrary memory...
Cisco Application Services Engine Unauthorized Access Vulnerabilities (cisco-sa-case-mvuln-dYrDPC6w)
According to its self-reported version, Cisco Application Services Engine affected by multiple Unauthorized Access Vulnerabilities. - A vulnerability in Cisco Application Services Engine could allow an unauthenticated, remote attacker to access a privileged service on an affected device. The...
Cisco ACI Multi-Site Orchestrator Application Services Engine Deployment Authentication Bypass (cisco-sa-mso-authbyp-bb5GmBQv)
According to its self-reported version, a vulnerability in an API endpoint of Cisco ACI Multi-Site Orchestrator MSO installed on the Application Services Engine could allow an unauthenticated, remote attacker to bypass authentication on an affected device. The vulnerability is due to improper tok...
CVE-2021-32659
Matrix-appservice-bridge is the bridging service for the Matrix communication program's application services. In versions 2.6.0 and earlier, if a bridge has room upgrade handling turned on in the configuration the roomUpgradeOpts key when instantiating a new Bridge instance., any m.room.tombstone...
SQL Injection Vulnerability in Website Construction System of Guangzhou Daxun Yunshang Network Technology Co.
Guangzhou Daxun Yunshang Network Technology Co., Ltd. is a company mainly engaged in enterprises and institutions of Internet application services, website construction, mobile station, micro letter platform depth development, SEO website optimization and promotion of business. Guangzhou Daxun...
The vulnerability of the Cisco Wide Area Application Services Software (WAAS) program lies in its ability to disclose information in erroneous data fields, allowing an intruder to gain access to confidential data.
The vulnerability of the Cisco Wide Area Application Services Software WAAS package is related to the disclosure of information in the erroneous data area. Exploiting this vulnerability can allow an attacker to gain access to confidential data...
Cisco Application Services Engine (ASE) Detection
Binary data ciscoapplicationservicesenginedetect.nbin...
CVE-2021-1438
A vulnerability in Cisco Wide Area Application Services WAAS Software could allow an authenticated, local attacker to gain access to sensitive information on an affected device. The vulnerability is due to improper input validation and authorization of specific commands that a user can execute...
Cisco Wide Area Application Services Information Disclosure Vulnerability (CNVD-2021-37691)
Cisco Wide Area Application Services WAAS is a comprehensive WAN optimization solution that improves the performance of applications running in WAN environments, delivers video to branch offices and locally hosts branch office IT services. An information disclosure vulnerability exists in Cisco...
Cisco Wide Area Application Services 安全漏洞
Cisco Wide Area Application Services WAAS is a comprehensive WAN optimization solution that improves the performance of applications running in WAN environments, delivers video to branch offices and locally hosts branch office IT services. An information disclosure vulnerability exists in Cisco...
The vulnerability of the Cisco Application Services Engine software’s key storage mechanism lies in the lack of authentication for critical functions. This allows attackers to gain access to certain services on vulnerable devices.
The vulnerability of the Cisco Application Services Engine software’s key storage mechanism is related to the lack of authentication for critical functions. Exploiting this vulnerability could allow a malicious actor to gain access to a specific service on a vulnerable device...