CVE-2022-36453

A vulnerability in the MiCollab Client API of Mitel MiCollab 9.1.3 through 9.5.0.101 could allow an authenticated attacker to modify their profile parameters due to improper authorization controls. A successful exploit could allow the authenticated attacker to control another extension number...

Authorization

A vulnerability in the MiCollab Client API of Mitel MiCollab through 9.5.0.101 could allow an authenticated attacker to modify their profile parameters due to improper authorization controls. A successful exploit could allow the authenticated attacker to impersonate another user's name...

CVE-2022-36453

A vulnerability in the MiCollab Client API of Mitel MiCollab 9.1.3 through 9.5.0.101 could allow an authenticated attacker to modify their profile parameters due to improper authorization controls. A successful exploit could allow the authenticated attacker to control another extension number...

Mitel MiCollab 安全漏洞

Mitel MiCollab is a mobile application that provides voice, video, messaging, audio conferencing and team collaboration for employees from Mitel Canada. A security vulnerability exists in Mitel MiCollab version 9.5.0.101 and prior versions, which stems from an incorrect authorization control in t...

CVE-2022-36454

A vulnerability in the MiCollab Client API of Mitel MiCollab through 9.5.0.101 could allow an authenticated attacker to modify their profile parameters due to improper authorization controls. A successful exploit could allow the authenticated attacker to impersonate another user's name...

CVE-2022-36454

A vulnerability in the MiCollab Client API of Mitel MiCollab through 9.5.0.101 could allow an authenticated attacker to modify their profile parameters due to improper authorization controls. A successful exploit could allow the authenticated attacker to impersonate another user's name...

Input validation

Pexip Infinity 27.x before 27.3 has Improper Input Validation. The client API allows remote attackers to trigger a software abort via a gateway call into Teams...

Malicious code in fitbit-connect-client-api (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 08efae8d0db8e2e4172e8acf35605a70436f1b61b61df70ccd478b1eb14052f8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2022-756 Malicious code in @xvideos/client-api (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e4451e20161f4c1a7380cb7af0a16c798b0a7f7d4297e58a34b5cf0d14a3b8ea Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

at.salzburgresearch.nodekeeper:nodekeeper-java (>=1.0 <=1.2), com.baidu.beidou:navi-rpc (=1.1.0) +85 more potentially affected by CVE-2017-5637 via org.apache.zookeeper:zookeeper (>=3.4.0 <=3.4.1)

org.apache.zookeeper:zookeeper MAVEN version =3.4.0, =1.0, =1.0.0.RELEASE, =1.0.0.RELEASE, =1.0.0.RELEASE, =0.13, =0.13, =0.13, =0.16, =0.13, =0.15, =0.13, =0.15, =0.17 and more Source cves: CVE-2017-5637 Source advisory: OSV:GHSA-7CWJ-J333-X7F7...

Exploit for CVE-2022-26809

CVE-2022-26809 This repo just simply research for the CVE, f...

Jenkins Enterprise and Operations Center < 2.303.30.0.4 / 2.319.2.9 RCE (CloudBees Security Advisory 2022-01-28)

The version of Jenkins Enterprise or Jenkins Operations Center running on the remote web server is 2.303.x prior to 2.303.30.0.4, or 2.x prior to 2.319.2.9. It is, therefore, affected by a remote code execution vulnerability in the Kubernetes Client API. An authenticated, local attacker can explo...

Security Bulletin: Security vulnerabilities have been identified in the IBM Spectrum Protect (formerly Tivoli Storage Manager) Client that affect multiple IBM Spectrum Protect (formerly Tivoli Storage Manager) products

Summary The IBM Spectrum Protect formerly Tivoli Storage Manager Client/API is used as a component of IBM Spectrum Protect Snapshot formerly Tivoli Storage FlashCopy Manager for Windows, IBM Spectrum Protect formerly Tivoli Storage Manager for Databases, IBM Spectrum Protect formerly Tivoli Stora...

Security Bulletin: Security vulnerabilities have been identified in the Tivoli Storage Manager (IBM Spectrum Protect) Client that affect multiple Tivoli Storage Manager (IBM Spectrum Protect) products

Summary The Tivoli Storage Manger IBM Spectrum Protect Client/API is used as a component of Tivoli Storage FlashCopy Manager IBM Spectrum Protect Snapshot for Windows, Tivoli Storage Manager IBM Spectrum Protect HSM for Windows, Tivoli Storage Manager IBM Spectrum Protect for Databases, Tivoli...

mysql: C API unspecified vulnerability (CPU Jan 2021)

Vulnerability in the MySQL Client product of Oracle MySQL component: C API. Supported versions that are affected are 5.7.32 and prior and 8.0.22 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Client...

mysql: C API unspecified vulnerability (CPU Jan 2020)

Vulnerability in the MySQL Client product of Oracle MySQL component: C API. Supported versions that are affected are 5.6.46 and prior, 5.7.28 and prior and 8.0.18 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise...

mysql: C API unspecified vulnerability (CPU Jan 2020)

Vulnerability in the MySQL Client product of Oracle MySQL component: C API. Supported versions that are affected are 5.6.46 and prior, 5.7.28 and prior and 8.0.18 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise...

Cross site request forgery (csrf)

The client API authentication mechanism in Pexip Infinity before 10 allows remote attackers to gain privileges via a crafted request...

mysql: C API unspecified vulnerability (CPU Apr 2020)

Vulnerability in the MySQL Client product of Oracle MySQL component: C API. Supported versions that are affected are 5.6.47 and prior, 5.7.29 and prior and 8.0.18 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise...

mysql: C API unspecified vulnerability (CPU Jan 2021)

Vulnerability in the MySQL Client product of Oracle MySQL component: C API. Supported versions that are affected are 8.0.19 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Client. Successful attacks of thi...