QNAP QTS and QuTS hero out-of-bounds write vulnerabilities

QNAP QTS is a NAS operating system developed by QNAPSystems, Inc. designed for network attached storage devices, providing data management, backup, multimedia entertainment, etc. QNAP QuTS hero is an enterprise-grade operating system developed by QNAP for its networked storage devices NAS, which ...

Mattermost 安全漏洞

Mattermost is an open source, self-hosted, enterprise-class chat platform that provides secure team communication and collaboration capabilities. A resource-consuming vulnerability exists in Mattermost. An attacker could exploit this vulnerability to cause a service down or denial of service...

IBM DS8900F HMC Information Disclosure Vulnerability

The IBM DS8900F HMC is an enterprise-class disk storage system from International Business Machines IBM for storing and managing large-scale enterprise data. An information disclosure vulnerability exists in the IBM DS8900F HMC, which can be exploited by an attacker to read arbitrary files after...

IBM DS8900F HMC Log Message Disclosure Vulnerability

The IBM DS8900F HMC is an enterprise-class disk storage system from International Business Machines IBM for storing and managing large-scale enterprise data. The IBM DS8900F HMC suffers from a log information disclosure vulnerability that can be exploited by an attacker to view sensitive log...

IBM TRIRIGA Application Platform Cross-Site Scripting Vulnerability (CNVD-2024-01175)

The IBM TRIRIGA Application Platform is a set of technology platforms for deploying TRIRIGA applications from International Business Machines IBM. The platform provides a set of design-time and run-time components for building and running its enterprise-class applications, respectively, and...

Tenda G103 Command Injection Vulnerability

Tenda G103 is an enterprise-grade Ap router from Tenda China. The Tenda G103 suffers from a command injection vulnerability that can be exploited by an attacker to obtain sensitive information via a crafted packet...

Green Alliance NF firewall has information leakage vulnerability

Green Alliance NF Firewall is an enterprise-class next-generation border security product constructed by Green Alliance Technology on the basis of the latest generation 64-bit multi-core hardware platform, combined with the application layer security protection concept and high-speed packet...

[SECURITY] Fedora 35 Update: rsyslog-8.2204.0-1.fc35

Rsyslog is an enhanced, multi-threaded syslog daemon. It supports MySQL, syslog/TCP, RFC 3195, permitted sender lists, filtering on any message part, and fine grain output format control. It is compatible with stock sysklogd and can be used as a drop-in replacement. Rsyslog is simple to set up,...

Cisco Security Manager Cross-Site Scripting Vulnerability (CNVD-2022-06385)

Cisco Security Manager CSM is a set of enterprise-class management applications from Cisco USA, which is mainly used to configure firewall, VPN and intrusion protection security services on Cisco networks and security devices.Cisco Security Manager has a cross-site scripting vulnerability, which...

IBM MQ Appliance has an unspecified vulnerability (CNVD-2021-92963)

The IBM MQ Appliance is an all-in-one appliance for rapid deployment of enterprise-class messaging middleware from IBM U.S.A. A security vulnerability exists in the IBM MQ Appliance that stems from the appliance being affected by a denial-of-service attack caused by a concurrency issue. No detail...

Trend Micro Worry-Free Business Security Buffer Overflow Vulnerability

Trend Micro Worry-Free Business Security is a suite of enterprise-class information security protection solutions from Trend Micro. The product provides anti-spam, anti-virus, network security and email protection. Trend Micro Worry-Free Business Security suffers from a buffer overflow...

Multiple Huawei products cross the border to write vulnerabilities

Huawei Ngfw Module is a firewall module from Huawei, China.Huawei IPS Module is an Intrusion Prevention System IPS module from Huawei, China.Huawei S5700, Huawei S12700, Huawei S2700 and Huawei The Huawei S5700, Huawei S12700, Huawei S2700 and Huawei S6700 are all enterprise-class switches from...

Unspecified Vulnerability in Tecknodreams SapphireIMS

Tecknodreams SapphireIMS is an ITIL 2011 certified enterprise class service management system from Tecknodreams India. A security vulnerability exists in Tecknodreams SapphireIMS 40971, which can be exploited by an attacker for username enumeration...

Tecknodreams SapphireIMS Access Control Error Vulnerability

Tecknodreams SapphireIMS is an ITIL 2011 certified enterprise-class service management system from Tecknodreams India.A security vulnerability exists in Tecknodreams SapphireIMS version 5.0, which stems from direct access to the RemoteMgmtTaskSave feature and no JSESSIONID, which can be used to...

Rancher Labs Rancher has an unspecified vulnerability

Rancher Labs Rancher is an open source, enterprise-class container management platform from Rancher Labs, Inc. A security vulnerability exists in Rancher Labs Rancher, which stems from a reliance on untrusted input in a security decision vulnerability in Rancher. An attacker could exploit the...

Huawei AR1220F-S has a weak password vulnerability

Huawei AR1220F-S is a new-generation enterprise-class gigabit router. The Huawei AR1220F-S has a weak password vulnerability, which can be exploited by attackers to log into the system backend and obtain sensitive information...

Weak password vulnerability in AR2240 of Huawei Technologies Co.

Huawei AR2240 is an enterprise router product developed by Huawei. A weak password vulnerability exists in the Huawei Technologies AR2240 series, which can be exploited by attackers to obtain sensitive information...

IBM MQ Appliance Cross-Site Scripting Vulnerability

The IBM MQ Appliance is an all-in-one appliance for rapid deployment of enterprise-class messaging middleware from IBM USA. A cross-site scripting vulnerability exists in the IBM MQ Appliance, which can be exploited by an attacker to perform malicious and unauthorized actions transmitted from a...

JetLinks open source IoT platform suffers from weak password vulnerability

JetLinks open source Internet of Things platform based on Java8, Spring Boot 2.x, WebFlux, Netty, Vert.x, Reactor and other development , is an out-of-the-box , secondary development of enterprise-class Internet of Things infrastructure platform . JetLinks open source IoT platform has a weak...

Command Execution Vulnerability in IceWarp Mail Server

IceWarp Mail Server is an enterprise-grade email, collaboration and mobile solution for organizations of all sizes. A command execution vulnerability exists in IceWarp Mail Server, which can be exploited by an attacker to perform command execution by constructing malicious statements...