82 matches found
Tenda A15 wepkey parameter stack overflow vulnerability
Tenda A15 is a WiFi extender from Tenda, a Chinese company. A stack overflow vulnerability exists in the Tenda A15 wepkey parameter, which originates from the lack of length checking of input data in the wepkey parameter of /goform/WifiBasicSet, and can be exploited by an attacker to execute...
CVE-2022-37922
Vulnerabilities in the Aruba EdgeConnect Enterprise command line interface allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to complete...
A vulnerability in the SAP Manufacturing Execution system stems from improper restriction of a path name to a restricted directory, allowing an intruder to gain unauthorized access to protected information.
A vulnerability in the SAP Manufacturing Execution system is related to improper restriction of a path name to a restricted directory. Exploiting this vulnerability can allow a malicious actor to gain unauthorized access to protected information...
CVE-2022-37880
Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to comple...
Denial Of Service (DoS)
vim is vulnerable to remote code execution. The vulnerability exists due to a use after free allowing an attacker to crash the system via memory corruption...
PUB-A-188911154
In hypxcreateblobdmabuf of faceauthhypx.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation...
PT-2021-5751
Name of the Vulnerable Software and Affected Versions: bundler versions prior to 2.2.33. Description: The issue is related to the handling of untrusted Gemfiles in bundler. When a Gemfile includes gem entries with the git option and invalid values starting with a dash, it can lead to Code Execution...
A vulnerability affects AVEVA System Platform, software for managing production processes; AVEVA WorkTasks, software for decision-making support on mobile devices; AVEVA Mobile Operator, a system for operational production management; AVEVA Manufacturing Execution System, software for integrated production management; AVEVA Batch Management, software for batch-based production control; and AVEVA Enterprise Data Management, a software platform for enterprise data management. The vulnerability is related to an uncontrolled element in the search process, allowing attackers to escalate their privileges.
The vulnerabilities of the AVEVA System Platform, which is used for dispatching control applications; AVEVA WorkTasks, which is software for managing production processes; AVEVA Mobile Operator, which is software for supporting decision-making on mobile devices; AVEVA Manufacturing Execution...
[SECURITY] Fedora 33 Update: salt-3003.3-1.fc33
Salt is a distributed remote execution system used to execute commands and query data. It was developed in order to bring the best solutions found in the world of remote execution together and make them better, faster and more malleable. Salt accomplishes this via its ability to handle larger loa...
[SECURITY] Fedora 34 Update: salt-3003.3-1.fc34
Salt is a distributed remote execution system used to execute commands and query data. It was developed in order to bring the best solutions found in the world of remote execution together and make them better, faster and more malleable. Salt accomplishes this via its ability to handle larger loa...
Unspecified Vulnerability in Camstar Enterprise Platform and Opcenter Execution Core
Opcenter Execution Core, formerly known as Camstar Enterprise Platform, by Siemens PLM Software is a general-purpose Manufacturing Execution System (MES). A security vulnerability exists in Camstar Enterprise Platform and Opcenter Execution Core, which can be exploited by attackers to obtain...
Siemens Opcenter Information Disclosure Vulnerability
Opcenter Execution Core, formerly known as Camstar Enterprise Platform, by Siemens PLM Software is a general-purpose Manufacturing Execution System (MES). A security vulnerability exists in Camstar Enterprise Platform and Opcenter Execution Core, which can be exploited by attackers to obtain...
CVE-2020-36167
An issue was discovered in the server in Veritas Backup Exec through 16.2, 20.6 before hotfix 298543, and 21.1 before hotfix 657517. On start-up, it loads the OpenSSL library from the Installation folder. This library in turn attempts to load the /usr/local/ssl/openssl.cnf configuration file, whi...
Siemens Opcenter Execution Core Cross-Site Scripting Vulnerability
Opcenter Execution Core, formerly known as Camstar Enterprise Platform, is a general-purpose Manufacturing Execution System (MES). A cross-site scripting vulnerability exists in Siemens Opcenter Execution Core. An attacker could exploit the vulnerability to obtain a session cookie from a legitimate...
Arbitrary Code Execution
imagemagick is vulnerable to arbitrary code execution. A heap-based buffer over-read in MagickCore/fourier.c allows an attacker to execute code on the system due to incorrect calls to GetCacheViewVirtualPixels...
ICSA-19-281-04 Siemens SIMATIC IT UADM
1. EXECUTIVE SUMMARY CVSS v3 6.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SIMATIC IT Unified Architecture Discrete Manufacturing UADM Vulnerability: Use of Hard-coded Cryptographic Key 2. RISK EVALUATION Successful exploitation of this vulnerability...
Mozilla Firefox ESR Security Advisories (MFSA2019-06, MFSA2019-08) - Mac OS X
Mozilla Firefox ESR is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefoxesr";...
MS16-086: Description of the security update for JScript 5.8 and VBScript 5.8: July 12, 2016
MS16-086: Description of the security update for JScript 5.8 and VBScript 5.8: July 12, 2016 Summary This security update resolves a vulnerability in the JScript and VBScript scripting engines in Microsoft Windows. The vulnerability could allow remote code execution if a user visits a specially...
[SECURITY] Fedora 19 Update: salt-0.17.1-1.fc19
Salt is a distributed remote execution system used to execute commands and query data. It was developed in order to bring the best solutions found in the world of remote execution together and make them better, faster and more malleable. Salt accomplishes this via its ability to handle larger loa...
Mozilla Firefox ESR Multiple Vulnerabilities - August12 (Windows)
This host is installed with Mozilla Firefox ESR and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbmozillafirefoxesrmultvulnaug12win.nasl 6079 2017-05-08 09:03:33Z teissa $ Mozilla Firefox ESR Multiple Vulnerabilities - August12 Windows Authors: Arun Kallavi Copyright:...