8 matches found
CVE-2022-24855
Metabase is an open source business intelligence and analytics application. In affected versions Metabase ships with an internal development endpoint /internal that can allow for cross site scripting XSS attacks, potentially leading to phishing attempts with malicious links that could lead to...
PT-2024-23862 · Sunshine · Sunshine
Name of the Vulnerable Software and Affected Versions: Sunshine versions 0.16.0 through 0.17.x Description: Sunshine is a self-hosted game stream host for Moonlight. An attacker may be able to remotely read arbitrary files without authentication due to a path traversal vulnerability. Users who...
Schneider Electric Modicon M340 Buffer Overflow Vulnerability
OVERVIEW David Atch of CyberX has identified a buffer overflow vulnerability in Schneider Electric’s Modicon M340 PLC product line. Schneider Electric has produced a new firmware patch to mitigate this vulnerability. This vulnerability could be exploited remotely. AFFECTED PRODUCTS Schneider...
Seagate Central unauthenticated file upload
Added: 06/09/2015 Background Seagate Central is a personal cloud storage device which can be connected to a wireless router. Problem Seagate Central has no root password, allowing unauthenticated users to upload arbitrary files via PHP. This can be leveraged to execute arbitrary commands by...
Seagate Central unauthenticated file upload
Added: 06/09/2015 Background Seagate Central is a personal cloud storage device which can be connected to a wireless router. Problem Seagate Central has no root password, allowing unauthenticated users to upload arbitrary files via PHP. This can be leveraged to execute arbitrary commands by...
Microsoft Windows媒体组件ISATAP URL处理信息泄露漏洞(MS08-076)
BUGTRAQ ID: 32654 CVECAN ID: CVE-2008-3010 Windows媒体组件包括Windows Media Player、Windows Media Format Runtime和Windows Media Services等多种服务和应用。...
Microsoft Windows Media Services fails to properly validate TCP requests
Overview Microsoft Windows Media Services fails to properly validate TCP requests which could allow a remote, unauthenticated attacker to cause the services to refuse new TCP connections. Description Microsoft Windows Media Services is an optional component that provides the ability to deliver...
AOL Instant Messenger vulnerable to denial-of-service attack via buddy list transfers
Overview America Online's Instant Messenger AIM contains a remotely exploitable buffer overflow vulnerability. Description AOL Instant Messenger is a program for communicating with other users over the Internet and is widely used. During a buddy list transfer, a buffer overflow may occur. It has...