16 matches found
EUVD-2024-19710
Malicious code in bioql PyPI...
SUSE CVE-2024-22114
User with no permission to any of the Hosts can access and view host count & other statistics through System Information Widget in Global View Dashboard...
CVE-2024-22114
User with no permission to any of the Hosts can access and view host count & other statistics through System Information Widget in Global View Dashboard...
DEBIAN-CVE-2024-22114
User with no permission to any of the Hosts can access and view host count & other statistics through System Information Widget in Global View Dashboard...
CVE-2024-22114
User with no permission to any of the Hosts can access and view host count & other statistics through System Information Widget in Global View Dashboard...
UBUNTU-CVE-2024-22114
User with no permission to any of the Hosts can access and view host count & other statistics through System Information Widget in Global View Dashboard...
CVE-2024-22114
User with no permission to any of the Hosts can access and view host count & other statistics through System Information Widget in Global View Dashboard...
CVE-2024-22114
CVE-2024-22114 affects Zabbix where a user with no host permissions can view host counts and other statistics via the System Information Widget in Global View Dashboard. Public sources (Astra Linux, openSUSE, Debian LTS advisories, and Tenable/NASL plugs) confirm this as a Zabbix frontend exposur...
CVE-2024-22114 System Information Widget in Global View Dashboard exposes information about Hosts to Users without Permission
User with no permission to any of the Hosts can access and view host count & other statistics through System Information Widget in Global View Dashboard...
CVE-2024-22114 System Information Widget in Global View Dashboard exposes information about Hosts to Users without Permission
User with no permission to any of the Hosts can access and view host count & other statistics through System Information Widget in Global View Dashboard...
PT-2024-10427 · Zabbix +3 · Zabbix +3
Name of the Vulnerable Software and Affected Versions: Zabbix affected versions not specified Description: The issue is related to incorrect permission storage in the Zabbix monitoring system. This allows an unauthorized user to access and view host count and other statistics through the System...
Improper Access Control
org.jenkins-ci.main, jenkins-core is vulnerable to Improper Access Control. The vulnerability is caused due to a missing permission check in an HTTP end point. This allows attackers with Overall/Read permission to access other users' "My Views" and attackers with global View/Configure and...
PT-2024-30269 · Jenkins +1 · Jenkins +1
Name of the Vulnerable Software and Affected Versions: Jenkins versions 2.470 and earlier Jenkins LTS versions 2.452.3 and earlier Description: The issue arises from a lack of permission check in an HTTP endpoint, allowing attackers with Overall/Read permission to access other users' "My Views"...
Zabbix 5.0.0 - Stored XSS via URL Widget Iframe
Exploit Title: Zabbix 5.0.0 - Stored XSS via URL Widget Iframe Date: 8/11/2020 Exploit Author: Shwetabh Vishnoi Vendor Homepage: https://www.zabbix.com/ Software Link: https://www.zabbix.com/download Affected Version: Zabbix before 3.0.32rc1, 4.x before 4.0.22rc1, 4.1.x through 4.4.x before...
Zabbix 5.0.0 Cross Site Scripting
Exploit Title: Zabbix 5.0.0 - Stored XSS via URL Widget Iframe Date: 8/11/2020 Exploit Author: Shwetabh Vishnoi Vendor Homepage: https://www.zabbix.com/ Software Link: https://www.zabbix.com/download Affected Version: Zabbix before 3.0.32rc1, 4.x before 4.0.22rc1, 4.1.x through 4.4.x before...
Visa: New Tools Could Spot Additional $1.5b In Fraud
Credit card giant Visa Inc. said on Thursday that an update to its anti-fraud technology will make it easier to spot sophisticated credit card fraud that spans national borders. Visa said the update amounted to a major upgrade of Visa Advanced Authentication, the company’s real time risk scoring...