Lucene search
K

246 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2024-39433

Malicious code in bioql PyPI...

8.5CVSS6.6AI score0.00316EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/07/10 12:0 a.m.4 views

Gallagher Command Centre Server 安全漏洞

Gallagher Command Centre Server is a management system used by Gallagher New Zealand to monitor and manage infrastructure in buildings. A security vulnerability exists in Gallagher Command Centre Server that stems from a privilege context switching error that could lead to cross-departmental...

5.6CVSS6.7AI score0.00105EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 8:32 a.m.5 views

CVE-2024-23194

Improper output Neutralization for Logs CWE-117 in the Command Centre API Diagnostics Endpoint could allow an attacker limited ability to modify Command Centre log files. This issue affects: Gallagher Command Centre v9.10 prior to vEL9.10.1268 MR1...

3.3CVSS6.9AI score0.00148EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 8:26 a.m.8 views

CVE-2024-21838

Improper neutralization of special elements in output CWE-74 used by the email generation feature of the Command Centre Server could lead to HTML code injection in emails generated by Command Centre. This issue affects: Gallagher Command Centre 9.00 prior to vEL9.00.1774 MR2, 8.90 prior to...

6.8CVSS7.1AI score0.00304EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:11 a.m.7 views

CVE-2023-23570

Client-Side enforcement of Server-Side security for the Command Centre server could be bypassed and lead to invalid configuration with undefined behavior. This issue affects: Gallagher Command Centre 8.90 prior to vEL8.90.1620 MR2, all versions of 8.80 and prior...

8.1CVSS7AI score0.00666EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:39 a.m.6 views

CVE-2023-23584

An observable response discrepancy in the Gallagher Command Centre RESTAPI allows an insufficiently-privileged user to infer the presence of items that would not otherwise be viewable. This issue affects: Gallagher Command Centre 8.70 prior to vEL8.70.1787 MR2, 8.60 prior to vEL8.60.2039 MR4, all...

4.3CVSS6.9AI score0.00503EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:20 p.m.8 views

CVE-2021-23230

A SQL Injection vulnerability in the OPCUA interface of Gallagher Command Centre allows a remote unprivileged Command Centre Operator to modify Command Centre databases undetected. This issue affects: Gallagher Command Centre 8.40 versions prior to 8.40.1888 MR3; 8.30 versions prior to 8.30.1359...

9.9CVSS8.1AI score0.0066EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:54 p.m.5 views

CVE-2021-23204

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Gallagher Command Centre Server allows OSDP key material to be exposed to Command Centre Operators. This issue affects: Gallagher Command Centre 8.40 versions prior to 8.40.1888 MR3; 8.30 versions prior to 8.30.1359 MR3...

8.1CVSS6.8AI score0.00698EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:18 p.m.16 views

CVE-2021-23211

Cleartext Storage of Sensitive Information in Memory vulnerability in Gallagher Command Centre Server allows Cloud end-to-end encryption key to be discoverable in server memory dumps. This issue affects: Gallagher Command Centre 8.40 versions prior to 8.40.1888 MR3...

6CVSS6.9AI score0.00108EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:17 p.m.6 views

CVE-2021-23140

Improper Authorization vulnerability in Gallagher Command Centre Server allows command line macros to be modified by an unauthorised Command Centre Operator. This issue affects: Gallagher Command Centre 8.40 versions prior to 8.40.1888 MR3; 8.30 versions prior to 8.30.1359 MR3; 8.20 versions prio...

9.9CVSS7AI score0.00853EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:17 p.m.7 views

CVE-2021-23136

Improper Authorization vulnerability in Gallagher Command Centre Server allows macro overrides to be performed by an unprivileged Command Centre Operator. This issue affects: Gallagher Command Centre 8.40 versions prior to 8.40.1888 MR3; 8.30 versions prior to 8.30.1359 MR3; 8.20 versions prior t...

6.5CVSS6.9AI score0.00583EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:22 p.m.15 views

CVE-2021-23205

Improper Encoding or Escaping in Gallagher Command Centre Server allows a Command Centre Operator to alter the configuration of Controllers and other hardware items beyond their privilege. This issue affects: Gallagher Command Centre 8.40 versions prior to 8.40.1888 MR3; 8.30 versions prior to...

8.5CVSS6.9AI score0.00871EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:22 p.m.14 views

CVE-2021-23182

Cleartext Storage of Sensitive Information in Memory vulnerability in Gallagher Command Centre Server allows OSDP reader master keys to be discoverable in server memory dumps. This issue affects: Gallagher Command Centre 8.40 versions prior to 8.40.1888 MR3; All versions of 8.30...

6CVSS6.9AI score0.00167EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:15 p.m.8 views

CVE-2020-16099

In Gallagher Command Centre v8.20 prior to v8.20.1093MR2 it is possible to create Guard Tour events that when accessed via things like reporting cause clients to temporarily hang or disconnect...

4.3CVSS7AI score0.008EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 8:25 a.m.7 views

CVE-2019-19801

In Gallagher Command Centre Server versions of v8.10 prior to v8.10.1134MR4, v8.00 prior to v8.00.1161MR5, v7.90 prior to v7.90.991MR5, v7.80 prior to v7.80.960MR2 and v7.70 or earlier, an unprivileged but authenticated user is able to perform a backup of the Command Centre databases...

5.5CVSS6.8AI score0.00281EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:55 a.m.13 views

CVE-2019-19802

In Gallagher Command Centre Server v8.10 prior to v8.10.1134MR4, v8.00 prior to v8.00.1161MR5, v7.90 prior to v7.90.991MR5, v7.80 prior to v7.80.960MR2 and v7.70 or earlier, an authenticated user connecting to OPCUA can view all data that would be replicated in a multi-server setup without...

6.5CVSS6.8AI score0.00752EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:34 a.m.9 views

CVE-2019-15294

An issue was discovered in Gallagher Command Centre 8.10 before 8.10.1092MR2. Upon an upgrade, if a custom service account is in use and the visitor management service is installed, the Windows username and password for this service are logged in cleartext to the Commandcentre.log file...

9.8CVSS7.2AI score0.01163EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/03/10 2:44 a.m.10 views

CVE-2024-41724

Improper Certificate Validation CWE-295 in the Gallagher Command Centre SALTO integration allowed an attacker to spoof the SALTO server. This issue affects all versions of Gallagher Command Centre prior to 9.20.1043...

8.7CVSS0.00178EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/03/10 2:44 a.m.8 views

CVE-2024-41724

Improper Certificate Validation CWE-295 in the Gallagher Command Centre SALTO integration allowed an attacker to spoof the SALTO server. This issue affects all versions of Gallagher Command Centre prior to 9.20.1043...

8.7CVSS7.1AI score0.00178EPSS
Exploits0References1
CVE
CVE
added 2025/03/10 2:44 a.m.54 views

CVE-2024-41724

CVE-2024-41724 describes an improper certificate validation (CWE-295) in the Gallagher Command Centre SALTO integration that allows an attacker to spoof the SALTO server. The issue affects all versions of Gallagher Command Centre prior to 9.20.1043. The provided documents consistently identify th...

8.7CVSS7.1AI score0.00178EPSS
Exploits0References1
Rows per page
Query Builder