SecureSTATION 安全漏洞

SecureSTATION is an application from SecureSTATION, Inc. A security vulnerability exists in SecureSTATION v.2.5.5.3116-S50-SMA-B20160811A and prior versions, which stems from the presence of an insecure privilege vulnerability that allows a physically proximate attacker to obtain sensitive...

ManageEngine AssetExplorer < 6.9 Build 6987

The version of ManageEngine AssetExplorer installed on the remote host is prior to 6.9 Build 6987. It is, therefore, affected by a vulnerability as referenced in the asset-explorerCVE-2023-23078 advisory. - Cross site scripting XSS vulnerability in Zoho ManageEngine ServiceDesk Plus 14 via the...

CVE-2023-23078

Cross site scripting XSS vulnerability in Zoho ManageEngine ServiceDesk Plus 14 via the comment field when changing the credentials in the Assets...

Scientific Linux Security Update : pam_krb5 on SL5.x i386/x86_64

A flaw was found in pamkrb5. In some non-default configurations specifically, those where pamkrb5 would be the first module to prompt for a password, the text of the password prompt varied based on whether or not the username provided was a username known to the system. A remote attacker could us...

Scientific Linux Security Update : pam_krb5 on SL3.x i386/x86_64

These updated pam-krb5 packages fix a bug which caused user authentication to fail under certain circumstances. When authenticating a user, if the user's password was expired, the module would attempt to obtain password-changing credentials in order to verify the user's password. When the module...