898 matches found
Siemens COMOS Web Component Cross-Site Scripting Vulnerability
COMOS is a unified data platform for collaborative plant design, operations, and management that supports the collection, processing, storage, and distribution of information throughout the plant lifecycle. A cross-site scripting vulnerability exists in the Siemens COMOS Web component that could b...
Security Bulletin: WebSphere Application Server is vulnerable to a denial of service which can impact IBM Engineering Lifecycle Management (ELM) products based on IBM Jazz technology
Summary WebSphere Application Server is vulnerable to a denial of service CVE-2021-38951. This may affect IBM Engineering Products based on IBM Jazz technology. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affected...
[SECURITY] [DLA 2847-1] mediawiki security update
Debian LTS Advisory DLA-2847-1 https://www.debian.org/lts/security/ Moritz Muehlenhoff December 15, 2021 https://wiki.debian.org/LTS -...
RedHerd Framework - A Collaborative And Serverless Framework For Orchestrating A Geographically Distributed Group Of Assets
RedHerd is a collaborative and serverless framework for orchestrating a geographically distributed group of assets capable of simulating complex offensive cyberspace operations. --- Getting Started Take a look at the RedHerd documentation for instructions on how to get started with...
Smersh - A Pentest Oriented Collaborative Tool Used To Track The Progress Of Your Company's Missions
Smersh is a pentest-oriented collaborative tool used to track the progress of your company's missions and generate reports. Preview front Angular: Documentation All information is available at the following address: https://docs.smersh.app How to contribute? Just fork the repository, then create...
Pollenisator - Collaborative Pentest Tool With Highly Customizable Tools
Pollenisator is a tool aiming to assist pentesters and auditors in automating the use of some tools/scripts and keeping track of them. Written in Python 3. Provides a model of "pentest objects": Scope, Hosts, Ports, Commands, Tools, etc. Tools/scripts are separated into 4 categories: wave,...
Apache Zeppelin Authentication Bypass Vulnerability
Apache Zeppelin is a Web-based open source notebook application from the Apache Foundation that supports interactive data analysis and collaborative documentation. Apache Zeppelin 0.9.0 and earlier versions contain a...
CVE-2021-32744 Unauthenticated attacker could gain access to currently open files
Collabora Online is a collaborative online office suite. In versions prior to 4.2.17-1 and version 6.4.9-5, unauthenticated attackers are able to gain access to files which are currently opened by other users in the Collabora Online editor. For successful exploitation the attacker is required to...
CVE-2021-2406
Vulnerability in the Oracle Collaborative Planning product of Oracle E-Business Suite component: User Interface. Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Collaborative...
Design/Logic Flaw
Vulnerability in the Oracle Collaborative Planning product of Oracle E-Business Suite component: User Interface. Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Collaborative...
CVE-2021-2406
CVE-2021-2406 affects Oracle E-Business Suite’s Oracle Collaborative Planning product, User Interface component. Affected versions are 12.1.1–12.1.3. The vulnerability allows a low-privileged attacker with network access via HTTP to compromise Oracle Collaborative Planning, potentially enabling u...
Oracle E-Business Suite Input Validation Error Vulnerability
Oracle E-Business Suite is an extension of the original Application ERP: a collection of management software, including Enterprise Resource Planning (ERP), Human Resource Management (HR), Customer Relationship Management (CRM) and so on, seamlessly integrated into one management suite. Oracle...
MediaWiki: Multiple vulnerabilities
Background MediaWiki is a collaborative editing software used by large projects such as Wikipedia. Description Multiple vulnerabilities have been discovered in MediaWiki. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for detail...
File upload vulnerability in Wando ezOFFICE collaboration management platform (CNVD-2021-54069)
Wando ezOFFICE collaborative management platform is a comprehensive information base application platform. A file upload vulnerability exists in Wando ezOFFICE Collaborative Management Platform, which can be exploited by an attacker to gain control of the server...
CVE-2021-32733
CVE-2021-32733 relates to Nextcloud Text (Nextcloud Server) where a cross-site scripting vulnerability exists in Nextcloud Text prior to 21.0.3, caused by serving files with a text/html Content-Type. The issue is mitigated by Content-Security-Policy in modern browsers but was fixed in Nextcloud T...
SQL Injection Vulnerability in LinkWorks GroupWorks Platform
Based on the construction industry, Quanta Technology Co., Ltd. provides customers with digital hardware and software products, solutions and related services around the whole life cycle of engineering projects. A SQL injection vulnerability exists in LinkWorks collaborative work platform, which...
Arbitrary File Write Vulnerability in Panavision OA E-office
Panmicro OA E-office system is a professional collaborative OA software for small and medium-sized organizations, a leading brand in the field of domestic collaborative OA office, dedicated to providing professional OA office system, mobile OA applications and other collaborative OA overall...