
4200 matches found

OSV
added 2024/11/12 1:15 p.m. · 1 view

CVE-2024-50313

A vulnerability has been identified in Mendix Runtime V10 All versions V10.16.0 only if the basic authentication mechanism is used by the application, Mendix Runtime V10.12 All versions V10.12.7 only if the basic authentication mechanism is used by the application, Mendix Runtime V10.6 All versio...

CVSS 6.9 · AI score 7.2 · EPSS 0.00268
Exploits: 0 · References: 1

NVD
added 2024/11/12 1:15 p.m. · 15 views

CVE-2024-50313

A vulnerability has been identified in Mendix Runtime V10 All versions V10.16.0 only if the basic authentication mechanism is used by the application, Mendix Runtime V10.12 All versions V10.12.7 only if the basic authentication mechanism is used by the application, Mendix Runtime V10.6 All versio...

CVSS 6.9 · EPSS 0.00268
Exploits: 0 · References: 1

OSV
added 2024/11/12 1:15 p.m. · 2 views

CVE-2024-44102

A vulnerability has been identified in PP TeleControl Server Basic 1000 to 5000 V3.1 6NH9910-0AA31-0AE1 All versions V3.1.2.1 with redundancy configured, PP TeleControl Server Basic 256 to 1000 V3.1 6NH9910-0AA31-0AD1 All versions V3.1.2.1 with redundancy configured, PP TeleControl Server Basic 3...

CVSS 10 · AI score 6.2 · EPSS 0.01002
Exploits: 0 · References: 1

Cvelist
added 2024/11/12 12:49 p.m. · 15 views

CVE-2024-50313

A vulnerability has been identified in Mendix Runtime V10 All versions V10.16.0 only if the basic authentication mechanism is used by the application, Mendix Runtime V10.12 All versions V10.12.7 only if the basic authentication mechanism is used by the application, Mendix Runtime V10.6 All versio...

CVSS 6.9 · EPSS 0.00268
Exploits: 0 · References: 1

Vulnrichment
added 2024/11/12 12:49 p.m. · 8 views

CVE-2024-50313

A vulnerability has been identified in Mendix Runtime V10 All versions V10.16.0 only if the basic authentication mechanism is used by the application, Mendix Runtime V10.12 All versions V10.12.7 only if the basic authentication mechanism is used by the application, Mendix Runtime V10.6 All versio...

CVSS 6.9 · AI score 5.3 · EPSS 0.00268
Exploits: 0 · References: 1

Vulnrichment
added 2024/11/12 12:49 p.m. · 11 views

CVE-2024-44102

A vulnerability has been identified in PP TeleControl Server Basic 1000 to 5000 V3.1 6NH9910-0AA31-0AE1 All versions V3.1.2.1 with redundancy configured, PP TeleControl Server Basic 256 to 1000 V3.1 6NH9910-0AA31-0AD1 All versions V3.1.2.1 with redundancy configured, PP TeleControl Server Basic 3...

CVSS 10 · AI score 7.8 · EPSS 0.01002
Exploits: 0 · References: 1

CVE
added 2024/11/12 12:49 p.m. · 61 views

CVE-2024-44102

Summary: CVE-2024-44102 affects Siemens TeleControl Server Basic (various edition/versions listed in the CVE) where remote attackers can trigger a deserialization of user-supplied content, allowing an unauthenticated attacker to execute arbitrary code with SYSTEM privileges. The root cause is ins...

CVSS 10 · AI score 7.8 · EPSS 0.01002
Exploits: 0 · References: 1 · Affected Software: 1

Cvelist
added 2024/11/12 12:49 p.m. · 11 views

CVE-2024-44102

A vulnerability has been identified in PP TeleControl Server Basic 1000 to 5000 V3.1 6NH9910-0AA31-0AE1 All versions V3.1.2.1 with redundancy configured, PP TeleControl Server Basic 256 to 1000 V3.1 6NH9910-0AA31-0AD1 All versions V3.1.2.1 with redundancy configured, PP TeleControl Server Basic 3...

CVSS 10 · EPSS 0.01002
Exploits: 0 · References: 1

CNNVD
added 2024/11/12 12:00 a.m. · 2 views

Siemens PP TeleControl Server code issue vulnerability

TeleControl Server Basic allows remote monitoring and control of plants via WAN/LAN. A deserialization vulnerability exists in Siemens TeleControl Server Basic, which can be exploited by an attacker to execute arbitrary code on a device with SYSTEM privileges...

CVSS 10 · AI score 7.9 · EPSS 0.01002
Exploits: 0 · References: 1

Patchstack
added 2024/11/08 12:00 a.m. · 11 views

WordPress IA Map Analytics Basic Plugin <= 20170413 is vulnerable to Cross Site Scripting (XSS)

Software: IA Map Analytics Basic; Type: Plugin; Vulnerable versions: <= 20170413; Fixed in: N/A; OWASP Top 10: A3: Injection; Classification: Cross Site Scripting (XSS); CVE: CVE-2024-51937; Patch priority: Low; CVSS severity: Low (6.5); PSID: 4ee8dd041e2f; Credits: SOPROBRO; Required privilege...

CVSS 6.5 · AI score 6.9 · EPSS 0.00245
Exploits: 0 · References: 1 · Affected Software: 1

OSSF Malicious Packages
added 2024/11/06 8:10 a.m. · 5 views

Malicious code in bytedps (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 89403fd14357b9969879ed80062b26ab63de5566bf285532ffa46382f1886e7c A campaign of probably pentest packages flooding PYPI. Installing the package or importing the module triggers reporting basic info like hostname, path and the...

AI score 7.1
Exploits: 0 · References: 1

Patchstack
added 2024/11/06 12:00 a.m. · 4 views

Drupal Basic HTTP Authentication module < 7.x-1.4 - Unauthenticated Broken Access Control vulnerability

Unauthenticated Broken Access Control vulnerability discovered by Roderik Muit in WordPress Module Basic HTTP Authentication versions 7.x-1.4...

CVSS 7.3 · AI score 7 · EPSS 0.00311
Exploits: 0 · References: 1 · Affected Software: 1

Positive Technologies
added 2024/11/06 12:00 a.m. · 5 views

PT-2024-10484 · Drupal · Drupal Basic Http Authentication

Name of the Vulnerable Software and Affected Versions: Drupal Basic HTTP Authentication versions 7.X-1.0 through 7.X-1.3; Drupal Basic HTTP Authentication versions prior to 7.X-1.4. Description: The issue is related to insufficient authorization mechanisms in the Basic HTTP Authentication module of...

CVSS 7.5 · AI score 7.4 · EPSS 0.00311
Exploits: 0 · References: 5

CVE
added 2024/11/05 9:29 p.m. · 43 views

CVE-2024-10084

CVE-2024-10084 affects the WordPress plugin Contact Form 7 – Dynamic Text Extension. The issue is a Basic Information Disclosure via the CF7_get_post_var shortcode, allowing authenticated attackers with Contributor-level access or higher to exfiltrate the titles and text contents of private or p...

CVSS 4.3 · AI score 4.2 · EPSS 0.00344
Exploits: 0 · References: 2 · Affected Software: 1

OSSF Malicious Packages
added 2024/11/05 8:15 a.m. · 5 views

Malicious code in bytekafka-0-0-15 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 4619fa745296f46998d4eb4e25a7f4841bdd8634ead366c63521d25abf739a7e A campaign of probably pentest packages flooding PYPI. Installing the package or importing the module triggers reporting basic info like hostname, path and the...

AI score 7.1
Exploits: 0 · References: 1

CNNVD
added 2024/10/30 12:00 a.m. · 3 views

Hitron CODA-4582 2AHKM-CODA4589 security vulnerability

The Hitron CODA-4582 2AHKM-CODA4589 is a cable modem router from China Zhongqi Hitron. A security vulnerability exists in Hitron CODA-4582 2AHKM-CODA4589 version 7.2.4.5.1b8, which originates from a vulnerability that allows remote attackers to conduct a stored cross-site scripting attack via the...

CVSS 5.2 · AI score 6 · EPSS 0.00458
Exploits: 0 · References: 1

Positive Technologies
added 2024/10/30 12:00 a.m. · 3 views

PT-2024-24327 · Hitron · Hitron Coda-4582

Name of the Vulnerable Software and Affected Versions: Hitron CODA-4582 2AHKM-CODA4589 version 7.2.4.5.1b8. Description: The issue allows a remote attacker within Wi-Fi proximity to conduct stored XSS attacks via the Network Name SSID input fields to the "/index.htmlwireless basic" API endpoint...

CVSS 5.2 · AI score 5.8 · EPSS 0.00458
Exploits: 0 · References: 4

OSV
added 2024/10/24 6:15 p.m. · 3 views

CVE-2024-10295

A flaw was found in Gateway. Sending a non-base64 'basic' auth with special characters can cause APICast to incorrectly authenticate a request. A malformed basic authentication header containing special characters bypasses authentication and allows unauthorized access to the backend. This issue c...

CVSS 7.5 · AI score 5.8 · EPSS 0.00387
Exploits: 0 · References: 2

CNNVD
added 2024/10/24 12:00 a.m. · 4 views

Red Hat 3scale API Management Platform security vulnerability

Red Hat 3scale API Management Platform is an infrastructure platform for API management from Red Hat. It enables rapid API sharing, protection, distribution, control, and monetization. A security vulnerability exists in Red Hat 3scale API Management Platform that stems from the fact that sending...

CVSS 7.5 · AI score 7.7 · EPSS 0.00387
Exploits: 0 · References: 2

Cvelist
added 2024/10/18 8:07 a.m. · 18 views

CVE-2023-49570 Insecure Trust of Basic Constraints certificate in Bitdefender Total Security HTTPS Scanning (VA-11210)

A vulnerability has been identified in Bitdefender Total Security HTTPS scanning functionality where the software trusts a certificate issued by an entity that isn't authorized to issue certificates. This occurs when the "Basic Constraints" extension in the certificate indicates that it is meant ...

CVSS 8.6 · EPSS 0.00209
Exploits: 0 · References: 1