1288 matches found
CVE-2023-6375
Tyler Technologies Court Case Management Plus may store backups in a location that can be accessed by a remote, unauthenticated attacker. Backups may contain sensitive information such as database credentials...
Information disclosure
Tyler Technologies Court Case Management Plus may store backups in a location that can be accessed by a remote, unauthenticated attacker. Backups may contain sensitive information such as database credentials...
CVE-2023-6375 Tyler Technologies Magistrate Court Case Management Plus stores backups insecurely
Tyler Technologies Court Case Management Plus may store backups in a location that can be accessed by a remote, unauthenticated attacker. Backups may contain sensitive information such as database credentials...
Tyler Technologies Magistrate Court Case Management Plus Security Vulnerability
Tyler Technologies Magistrate Court Case Management Plus is a district court case management system from Tyler Technologies. A security vulnerability exists in Tyler Technologies Magistrate Court Case Management Plus that originates from storing backups which may contain sensitive information suc...
CVE-2023-4677
Cron log backup files contain administrator session IDs. It is trivial for any attacker who can reach the Pandora FMS Console to scrape the cron logs directory for cron log backups. The contents of these log files can then be abused to authenticate to the application as an administrator. This iss...
CVE-2023-41786
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Pandora FMS on all allows File Discovery. This vulnerability allows users with low privileges to download database backups. This issue affects Pandora FMS: from 700 through 772...
Arbitrary file deletion
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Pandora FMS on all allows File Discovery. This vulnerability allows users with low privileges to download database backups. This issue affects Pandora FMS: from 700 through 772...
CVE-2023-41786 Database backups availability by low-privileged users
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Pandora FMS on all allows File Discovery. This vulnerability allows users with low privileges to download database backups. This issue affects Pandora FMS: from 700 through 772...
CVE-2023-41786
Pandora FMS is affected in versions 700–772, where low-privilege users could download database backups due to exposure of backups. The issue is confirmed in multiple sources and was remediated in versions v773–v775, with PandoraFMS releasing the final patch on 29 December 2023. If assessing mitig...
PT-2023-8737 · Unknown · Pandora Fms
Name of the Vulnerable Software and Affected Versions: Pandora FMS versions 700 through 772. Description: The issue is related to the exposure of sensitive information to unauthorized actors, allowing users with low privileges to download database backups. This can be exploited by a remote attacke...
Artica Pandora FMS Security Vulnerability
Artica Pandora FMS is a monitoring system from the Spanish company Artica. The system monitors networks, servers, virtual infrastructures, applications, etc. in a visual way. A security vulnerability exists in Artica Pandora FMS versions 700 through 772, which stems from a sensitive information...
PT-2023-8542 · Unknown · Pandora Fms
Name of the Vulnerable Software and Affected Versions: Pandora FMS versions = 772. Description: The issue is related to insufficient protection of registration data in the Pandora FMS Console, allowing an attacker to gain unauthorized access to protected information and elevate their privileges to...
Open Solutions For Education openSIS Security Vulnerability
Open Solutions For Education openSIS is an open source student information management system from Open Solutions For Education, USA. A security vulnerability exists in Open Solutions For Education openSIS Classic Community Edition version v9.0, which stems from the presence of a corrupted access...
Weak Encryption Vulnerability in Multiple Siemens Products
The SCALANCE M-800, MUM-800 and S615 and the RUGGEDCOM RM1224 are industrial routers. The SCALANCE W products are wireless communication devices for connecting industrial components, such as Programmable Logic Controllers (PLCs) or Human Machine Interfaces (HMIs), that comply with the IEEE 802.11...
CVE-2023-44318
Affected devices use a hardcoded key to obfuscate the configuration backup that an administrator can export from the device. This could allow an authenticated attacker with administrative privileges or an attacker that obtains a configuration backup to extract configuration information from the...
PT-2023-6991 · Siemens · Scalance M826-2 Shdsl-Router +14
Name of the Vulnerable Software and Affected Versions: SCALANCE M804PB versions prior to V8.0; SCALANCE M812-1 ADSL-Router versions prior to V8.0; SCALANCE M816-1 ADSL-Router versions prior to V8.0; SCALANCE M826-2 SHDSL-Router versions prior to V8.0; SCALANCE M874-2 versions prior to V8.0; SCALANCE...
PT-2023-6990 · Siemens · Scalance Xb205-3
Name of the Vulnerable Software and Affected Versions: SCALANCE XB205-3 SC, PN versions prior to V4.5; SCALANCE XB205-3 ST, E/IP versions prior to V4.5. Description: The issue is related to the use of a hardcoded cryptographic key in the software of industrial switches. This could allow a remote...
Siemens SCALANCE Security Vulnerability
The SCALANCE M-800, MUM-800 and S615 and the RUGGEDCOM RM1224 are industrial routers. The SCALANCE W products are wireless communication devices for connecting industrial components, such as Programmable Logic Controllers (PLCs) or Human Machine Interfaces (HMIs), that comply with the IEEE 802.11...