PT-2024-20078 · Quest · Quest Kace Agent For Windows

Name of the Vulnerable Software and Affected Versions: Quest KACE Agent for Windows versions 12.0.38 through 13.1.23.0 Description: An unquoted Windows search path issue exists in the KSchedulerSvc.exe and AMPTools.exe components, allowing local attackers to execute code of their choice with NT...

PT-2024-20076 · Quest · Kace Agent

Name of the Vulnerable Software and Affected Versions: Quest KACE Agent for Windows versions 12.0.38 through 13.1.23.0 Description: An issue exists in the KSchedulerSvc.exe, KUserAlert.exe, and Runkbot.exe components, allowing local attackers to create any file of their choice with NT...

PT-2023-25521 · Adiscon · Loganalyzer

Name of the Vulnerable Software and Affected Versions: Adiscon LogAnalyzer versions through 4.1.13 Description: A Cross Site Scripting XSS issue allows a remote attacker to execute arbitrary code via the "asktheoracle.php", "details.php", "index.php", "search.php", "export.php", "reports.php", an...

PT-2021-6722 · Cacti · Cacti

Name of the Vulnerable Software and Affected Versions: Cacti version 1.2.12 Description: The issue is related to multiple Cross Site Scripting XSS vulnerabilities in several components of the Cacti network monitoring tool, including reports admin.php, data queries.php, data input.php, graph...

PT-2020-5503 · Mpxj · Mpxj

Name of the Vulnerable Software and Affected Versions: MPXJ versions 8.1.3 and earlier Description: The issue is related to the incorrect restriction of XML external entity references in the GanttProjectReader and PhoenixReader components of the MPXJ library. This can allow a remote attacker to...

HTTP Parsing Vulnerabilities in Check Point Firewall-1

Overview Several versions of Check Point Firewall-1 contain a vulnerability that allows remote attackers to execute arbitrary code with administrative privileges. Description The HTTP Security Servers component of Check Point Firewall-1 contains an HTTP parsing vulnerability that is triggered by...