Siemens QMS Automotive Code Issue Vulnerability (CNVD-2023-71216)

Siemens QMS Automotive is a quality management system for the automotive industry from Siemens, Germany. A code issue vulnerability exists in Siemens QMS Automotive, which stems from the affected application's QMS.Mobile module not invalidating session tokens upon logout. An attacker could exploi...

Siemens QMS Automotive 代码问题漏洞

Siemens QMS Automotive is a quality management system for the automotive industry from Siemens, Germany. Siemens QMS Automotive has a code issue vulnerability that can be exploited by an attacker to upload malicious files, which could lead to code tampering...

Zoom Client Code Issue Vulnerability

Zoom Client is a video conferencing client application from Zoom USA that supports multiple platforms. A code issue vulnerability exists in Zoom Client that stems from the presence of an untrusted search path that could allow a privileged user to escalate privileges via local access...

WireMock Code Issue Vulnerability

WireMock is a popular open source tool for API mock testing open source by WireMock. A code issue vulnerability exists in WireMock that stems from the fact that when certain request URLs are used in WireMock Studio configuration fields, the request may be forwarded to an arbitrary service...

WireMock Code Issue Vulnerability

WireMock is a popular open source tool for API simulation testing from WireMock Open Source. WireMock has a code issue vulnerability that stems from Filtering target addresses from proxy mode does not work for Webhooks...

Mozilla Firefox Code Problem Vulnerability (CNVD-2023-75344)

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. Mozilla Firefox suffers from a code issue vulnerability that stems from a potentially exploitable crash that can be exploited by an attacker to cause a use-after-release when receiving rendered data vi...

LibreY Code Issue Vulnerability

LibreY is a fork of LibreX, a frameless and JavaScript-free privacy-respecting metasearch engine by hnhx. A code issue vulnerability exists in LibreY. A remote attacker could use this vulnerability to send an HTTP GET request to an arbitrary target using the server as a proxy and retrieve intrane...

ForeScout SecureConnector Code Issue Vulnerability

Forescout ForeScout SecureConnector is a network security software from Forescout, Inc. that authenticates machines attempting to join a network. A code issue vulnerability exists in ForeScout SecureConnector version 11.2 that stems from the presence of uncontrolled search path elements...

OpenBSD Code Issues Vulnerabilities

OpenBSD is a cross-platform, BSD-based UNIX-like operating system from the Canadian OpenBSD project team. A code issue vulnerability exists in versions of OpenBSD prior to 8.1 that stems from incorrect handling of BGP update data path attribute length set by a potential remote participant. An...

Graylog 代码问题漏洞

Graylog is a centralized log management solution from Graylog USA. The product supports capturing, storing, and analyzing logs in real-time, among other things. Graylog suffers from a code issue vulnerability that stems from the fact that in a multi-node Graylog cluster, after a user is explicitl...

Apache Airflow code issue vulnerability (CNVD-2023-85615)

Apache Airflow is the United States Apache Apache Foundation's set of open source platform for creating, managing and monitoring workflow. The platform is scalable and dynamic monitoring and other characteristics. Apache Airflow has a code issue vulnerability that can be exploited by an attacker ...

Apache Airflow 代码问题漏洞

Apache Airflow is the United States Apache Apache Foundation's set of open source platform for creating, managing and monitoring workflow. The platform is scalable and dynamic monitoring and other characteristics. Apache Airflow has a code issue vulnerability that can be exploited by an attacker ...

Unable to enter multi-factor authentication with Citrix DaaS Remote PowerShell SDK

After installing and running the Virtual Apps and Desktops Remote PowerShell SDK, explicit authentication is required using the Get-XdAuthentication cmdlet. After entering the username and password, multi-factor authentication dialog is displayed,but the 6-digit OTP code input items are not...

BoidCMS 代码问题漏洞

BoidCMS is a free open source flat file CMS for building simple websites and blogs, developed in PHP and using JSON as the database. A code issue vulnerability exists in BoidCMS version v.2.0.0, which originates from a vulnerability that allows remote attackers to execute arbitrary code via the G...

WordPress Plugin Booking Manager 代码问题漏洞

Linux Kernel Memory Misreference Vulnerability CNVD-2023-65164...

IBM Cognos Analytics 代码问题漏洞

IBM Cognos Analytics is a suite of business intelligence software from International Business Machines IBM. The software includes reports, dashboards, and scorecards, and can assist companies in adjusting their decisions by analyzing such things as key factors and key people. A code issue...

PandasAI vulnerable to arbitrary code execution

An issue in pandas-ai v.0.8.1 and before allows a remote attacker to execute arbitrary code via the isjailbreak function...

Intel VCUST Tool Code Issue Vulnerability

Intel VCUST Tool is a command line tool from Intel Corporation USA. A security vulnerability exists in IntelR VCUST Tool. An attacker could exploit the vulnerability to elevate privileges...

Ivanti Avalanche Code Issue Vulnerability

Ivanti Avalanche is an enterprise mobile device management system from Ivanti, USA. The system is primarily used to manage devices such as smartphones, tablets and barcode scanners. Ivanti Avalanche has a code issue vulnerability that originates from a sensitive data disclosure in the decodeToMap...

SAP Business Objects Code Issue Vulnerability

SAP Business Objects is a business intelligence suite from SAP, Germany. A code issue vulnerability exists in SAP BusinessObjects Installer that originates from allowing an authenticated attacker within a network to overwrite an executable file created in a temporary directory during installation...