5458 matches found
CVE-2024-6671
In WhatsUp Gold versions released before 2024.0.0, if the application is configured with only a single user, a SQL Injection vulnerability allows an unauthenticated attacker to retrieve the users encrypted password...
CVE-2024-6671
In WhatsUp Gold versions released before 2024.0.0, if the application is configured with only a single user, a SQL Injection vulnerability allows an unauthenticated attacker to retrieve the users encrypted password...
CVE-2024-6670
In WhatsUp Gold versions released before 2024.0.0, a SQL Injection vulnerability allows an unauthenticated attacker to retrieve the users encrypted password...
CVE-2024-6670
In WhatsUp Gold versions released before 2024.0.0, a SQL Injection vulnerability allows an unauthenticated attacker to retrieve the users encrypted password...
CVE-2024-6671
WhatsUp Gold (Progress) is affected in versions released before 2024.0.0 where, in single-user configurations, an unauthenticated attacker can perform SQL injection to retrieve encrypted user passwords (authentication bypass risk). The connected Nuclei template confirms the vulnerability as a SQL...
CVE-2024-6670 WhatsUp Gold HasErrors SQL Injection Authentication Bypass Vulnerability
In WhatsUp Gold versions released before 2024.0.0, a SQL Injection vulnerability allows an unauthenticated attacker to retrieve the users encrypted password...
CVE-2024-6670 WhatsUp Gold HasErrors SQL Injection Authentication Bypass Vulnerability
In WhatsUp Gold versions released before 2024.0.0, a SQL Injection vulnerability allows an unauthenticated attacker to retrieve the users encrypted password...
CVE-2024-6670
Summary (CVE-2024-6670): Progress WhatsUp Gold prior to version 24.0.0 contains a SQL Injection vulnerability that can allow an unauthenticated attacker to retrieve a user’s encrypted password. Public references confirm exploitation guidance (e.g., Metasploit module) and acknowledgments by CISA K...
WhatsUp Gold 安全漏洞
Progress Software WhatsUp Gold is a network monitoring software from Progress Software, Inc. It is used to monitor the entire network infrastructure as well as applications, configurations and network traffic. A security vulnerability previously existed in WhatsUp Gold version 2024.0.0, which...
WhatsUp Gold 安全漏洞
Progress Software WhatsUp Gold is a network monitoring software from Progress Software, Inc. It is used to monitor the entire network infrastructure as well as applications, configurations and network traffic. A security vulnerability previously existed in WhatsUp Gold version 2024.0.0, which...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an incorrect method being invoked when starting the SEV virtual machine...
Progress WhatsUp Gold < 24.0.0 Multiple Vulnerabilities (000263015)
The version of Progress WhatsUp Gold installed on the remote host is prior to 24.0.0. It is, therefore, affected by multiple vulnerabilities as referenced in the 000263015 advisory: - In WhatsUp Gold versions released before 2024.0.0, if the application is configured with only a single user, a SQ...
The vulnerability of microprogrammed software in Vonets Industrial WiFi Bridge Relays and WiFi Bridge Repeaters allows a intruder to gain unauthorized access to protected information.
The vulnerability of the Vonets Industrial WiFi Bridge Relays and WiFi Bridge Repeaters exists due to the presence of rigidly encrypted credentials in the application code. Exploiting this vulnerability can allow an unauthorized attacker to gain unauthorized access to protected information...
Multiple Safie products vulnerable to improper server certificate verification
Overview Multiple Safie products are vulnerable to improper server certificate verification CWE-295. The product can be operated via port 11029/TCP and Bluetooth, and its communications are AES encrypted. The product user can obtain the encryption key from the cloud server based on the...
JVN#83440451: Multiple Safie products vulnerable to improper server certificate verification
Multiple Safie products are vulnerable to improper server certificate verification CWE-295. The product can be operated via port 11029/TCP and Bluetooth, and its communications are AES encrypted. The product user can obtain the encryption key from the cloud server based on the device-specific...
UBUNTU-CVE-2024-43874
In the Linux kernel, the following vulnerability has been resolved: crypto: ccp - Fix null pointer dereference in sevsnpshutdownlocked Fix a null pointer dereference induced by DEBUGTESTDRIVERREMOVE. Return from sevsnpshutdownlocked if the pspdevice or the sevdevice structs are not initialized...
The vulnerability of the industrial server for serial devices of Korenix JetPort lies in the absence of encrypted confidential data, which allows attackers to circumvent existing security restrictions.
The vulnerability of the industrial server for serial devices of Korenix JetPort lies in the absence of encrypted confidential data. Exploiting this vulnerability could allow a malicious actor to bypass existing security restrictions remotely...
GO-2023-1700 Docker Swarm encrypted overlay network traffic may be unencrypted in github.com/docker/docker
Docker Swarm encrypted overlay network traffic may be unencrypted in github.com/docker/docker...
GO-2023-1701 Docker Swarm encrypted overlay network with a single endpoint is unauthenticated in github.com/docker/docker
Docker Swarm encrypted overlay network with a single endpoint is unauthenticated in github.com/docker/docker...
GO-2023-1699 Docker Swarm encrypted overlay network may be unauthenticated in github.com/docker/docker
Docker Swarm encrypted overlay network may be unauthenticated in github.com/docker/docker...