Lucene search
K

62 matches found

CNNVD
CNNVD
added 2025/03/05 12:0 a.m.4 views

Vasion Print 安全漏洞

Vasion Print is a SaaS-based, cloud-hosted application from Vasion for managing and deploying printers. A security vulnerability exists in Vasion Print that originates from returning a cookie in the response body...

9.1CVSS6.8AI score0.00504EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/03/05 12:0 a.m.5 views

Vasion Print 安全漏洞

Vasion Print is a SaaS-based, cloud-hosted application from Vasion for managing and deploying printers. A security vulnerability exists in Vasion Print that stems from inadequate antivirus protection and could cause the driver to contain known malicious code...

9.8CVSS6.8AI score0.00617EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/03/05 12:0 a.m.4 views

Vasion Print 安全漏洞

Vasion Print is a SaaS-based, cloud-hosted application from Vasion for managing and deploying printers. A security vulnerability exists in Vasion Print versions prior to 22.0.862 and Application 20.0.2014, which stems from a process list storing plaintext passwords...

9.8CVSS6.6AI score0.00832EPSS
Exploits1References3
CNNVD
CNNVD
added 2025/03/05 12:0 a.m.4 views

Vasion Print 跨站脚本漏洞

Vasion Print is a SaaS-based, cloud-hosted application from Vasion for managing and deploying printers. A security vulnerability exists in Vasion Print. An attacker could execute a cross-site scripting attack by exploiting the vulnerability...

6.1CVSS6.2AI score0.00386EPSS
Exploits1References3
CNNVD
CNNVD
added 2025/03/05 12:0 a.m.5 views

Vasion Print 安全漏洞

Vasion Print is a SaaS-based, cloud-hosted application from Vasion for managing and deploying printers. A security vulnerability exists in Vasion Print versions prior to 22.0.843 and Application 20.0.1923 that stems from insufficient password encryption strength...

9.8CVSS6.8AI score0.00353EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/03/05 12:0 a.m.4 views

Vasion Print 安全漏洞

Vasion Print is a SaaS-based, cloud-hosted application from Vasion for managing and deploying printers. Vasion Print has a security vulnerability that stems from an insecure logging permission configuration...

9.8CVSS6.8AI score0.00645EPSS
Exploits1References2
CNNVD
CNNVD
added 2025/03/05 12:0 a.m.3 views

Vasion Print 安全漏洞

Vasion Print is a SaaS-based, cloud-hosted application from Vasion for managing and deploying printers. A security vulnerability exists in Vasion Print that stems from the presence of an elevation of privilege vulnerability...

8.8CVSS7AI score0.00717EPSS
Exploits1References2
CNNVD
CNNVD
added 2025/03/05 12:0 a.m.2 views

Vasion Print 安全漏洞

Vasion Print is a SaaS-based, cloud-hosted application from Vasion for managing and deploying printers. A security vulnerability exists in Vasion Print versions prior to 22.0.862 and Application 20.0.2014 that stems from the inclusion of private keys in the Docker overlay...

9.8CVSS6.6AI score0.00832EPSS
Exploits1References3
CNNVD
CNNVD
added 2025/03/05 12:0 a.m.4 views

Vasion Print 安全漏洞

Vasion Print is a SaaS-based, cloud-hosted application from Vasion for managing and deploying printers. A security vulnerability exists in Vasion Print that stems from a server-side trust HTTP permission method leading to insecure extension installation...

9.8CVSS6.6AI score0.00832EPSS
Exploits1References3
CNNVD
CNNVD
added 2025/03/05 12:0 a.m.5 views

Vasion Print 授权问题漏洞

Vasion Print is a SaaS-based, cloud-hosted application from Vasion for managing and deploying printers. A security vulnerability exists in Vasion Print versions prior to 22.0.843 Application 20.0.1923 that stems from an OAUTH security bypass...

9.8CVSS6.7AI score0.00586EPSS
Exploits0References2
NVD
NVD
added 2025/01/17 6:15 a.m.10 views

CVE-2024-11146

TrueFiling is a collaborative, web-based electronic filing system where attorneys, paralegals, court reporters and self-represented filers collect public legal documentation into cases. TrueFiling is an entirely cloud-hosted application. Prior to version 3.1.112.19, TrueFiling trusted some...

6.3CVSS0.00317EPSS
Exploits0References2
CVE
CVE
added 2025/01/17 5:21 a.m.52 views

CVE-2024-11146

TrueFiling (cloud-hosted filing system) prior to version 3.1.112.19 trusts client-controlled identifiers passed in URLs, enabling authenticated users to manipulate identifiers to gain partial access to case information and to partially change user access. The issue is a user-controlled authorizat...

6.3CVSS7AI score0.00317EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2025/01/17 5:21 a.m.4 views

CVE-2024-11146 TrueFiling authorization bypass via user-controlled keys

TrueFiling is a collaborative, web-based electronic filing system where attorneys, paralegals, court reporters and self-represented filers collect public legal documentation into cases. TrueFiling is an entirely cloud-hosted application. Prior to version 3.1.112.19, TrueFiling trusted some...

6.3CVSS7AI score0.00317EPSS
Exploits0References2
Citrix
Citrix
added 2024/07/14 12:0 a.m.7 views

Citrix DAAS Console

Introduction This article is a summary of the top support articles related to Citrix Daas web consoles: Web Studio and Monitor. Top Knowledge Content Director CTX257614 - How to create a detailed custom report from the Cloud Hosted Director Monitor Web Studio CTX477615 - Studio Console Shows...

7AI score
Exploits0
CNNVD
CNNVD
added 2024/06/27 12:0 a.m.4 views

Elektraweb Trust Management Issues Vulnerability

Elektraweb is a cloud-hosted web-based hotel program from Elektraweb, Turkey. A trust management issue vulnerability exists in Elektraweb versions prior to v17.0.68, which stems from a security issue where the system suffers from improper access control, lack of authorization, incorrect...

9.8CVSS6.7AI score0.00528EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/06/27 12:0 a.m.3 views

Elektraweb Security Vulnerabilities

Elektraweb is a cloud-hosted web-based hotel program from Elektraweb, Turkey. A security vulnerability exists in Elektraweb versions prior to v17.0.68, which stems from reliance on unvalidated and integrity-checked cookies, which allows an attacker to manipulate, access/intercept/modify HTTP...

9.8CVSS6.8AI score0.00477EPSS
Exploits0References2
The Hacker News
The Hacker News
added 2024/05/10 7:41 a.m.29 views

Researchers Uncover 'LLMjacking' Scheme Targeting Cloud-Hosted AI Models

Cybersecurity researchers have discovered a novel attack that employs stolen cloud credentials to target cloud-hosted large language model LLM services with the goal of selling access to other threat actors. The attack technique has been codenamed LLMjacking by the Sysdig Threat Research Team...

9.8CVSS7.1AI score0.99943EPSS
Exploits36
Fedora
Fedora
added 2024/04/28 3:29 a.m.23 views

[SECURITY] Fedora 39 Update: golang-gvisor-20240408.0-1.20240418git9e5a99b.fc39

gVisor is an open-source, OCI-compatible sandbox runtime that provides a virtualized container environment. It runs containers with a new user-space kernel, delivering a low overhead container security solution for high-density applications. gVisor integrates with Docker, containerd and Kubernete...

9.3CVSS10AI score0.05416EPSS
Exploits4
Fedora
Fedora
added 2024/04/28 3:29 a.m.29 views

[SECURITY] Fedora 38 Update: golang-gvisor-20240408.0-1.20240418git9e5a99b.fc38

gVisor is an open-source, OCI-compatible sandbox runtime that provides a virtualized container environment. It runs containers with a new user-space kernel, delivering a low overhead container security solution for high-density applications. gVisor integrates with Docker, containerd and Kubernete...

9.3CVSS10AI score0.05416EPSS
Exploits4
Malwarebytes
Malwarebytes
added 2023/12/21 9:35 p.m.26 views

How does ThreatDown Vulnerability Assessment and Patch Management work?

Maintaining updated systems and applications is a challenge for any IT team—especially considering the sheer volume of vulnerabilities organizations must find and prioritize on a rolling basis. ThreatDown Vulnerability Assessment VA, now included for free in every ThreatDown bundle, simplifies th...

7.2AI score
Exploits0
Rows per page
Query Builder