ABB Cylon Aspect 3.08.01 (jsonProxy.php) Servlet Inclusion Authentication Bypass

Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. Description The ABB BMS/BAS controller is vulnerable to remote, arbitrary servlet...

ABB Cylon Aspect 3.08.01 jsonProxy.php Unauthenticated Credential Disclosure

ABB Cylon Aspect 3.08.01 jsonProxy.php Unauthenticated Credentials Disclosure Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio Firmware: =3.08.01 Summary: ASPECT is an award-winning scalable building energy...

ABB Cylon Aspect 3.08.01 jsonProxy.php Username Enumeration Vulnerability

ABB Cylon Aspect version 3.08.01 is vulnerable to username enumeration in the jsonProxy.php endpoint. An unauthenticated attacker can interact with the UserManager servlet to enumerate valid usernames on the system. Since jsonProxy.php proxies requests to internal services without requiring...

ABB Cylon Aspect 3.08.01 jsonProxy.php Unauthenticated Project Download

ABB Cylon Aspect 3.08.01 jsonProxy.php Unauthenticated Project Download Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio Firmware: =3.08.01 Summary: ASPECT is an award-winning scalable building energy...

ABB Cylon Aspect 3.08.01 jsonProxy.php Cross Site Scripting

ABB Cylon Aspect 3.08.01 jsonProxy.php Unauthenticated Reflected XSS Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio Firmware: =3.08.01 Summary: ASPECT is an award-winning scalable building energy manageme...

SUSE CVE-2024-50610

GSL GNU Scientific Library through 2.8 has an integer signedness error in gslsimansolvemany in siman/siman.c. When params.ntries is negative, incorrect memory allocation occurs...

ABB Cylon Aspect 3.08.01 Active Debug Data Exposure

ABB Cylon Aspect 3.08.01 auth/ Active Debug Code Vulnerability Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio Firmware: 3.08.01 Summary: ASPECT is an award-winning scalable building energy management and...

CVE-2024-50610

A flaw was found in the GNU Scientific Library GSL. A specially-crafted payload can trigger incorrect memory allocation, which can lead to memory corruption or an application crash...

ABB Cylon Aspect 3.08.01 getApplicationNamesJS.php Building/Project Name Exposure

ABB Cylon Aspect 3.08.01 getApplicationNamesJS.php Building/Project Name Exposure Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio Firmware: =3.08.01 Summary: ASPECT is an award-winning scalable building...

ABB Cylon Aspect 3.08.01 (getApplicationNamesJS.php) Building/Project Name Exposure

Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. Description The building management system suffers from an unauthenticated...

Huawei EulerOS: Security Advisory for gdb (EulerOS-SA-2024-2631)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

AZL-51868 CVE-2024-50610 affecting package gsl 2.6-3

GSL GNU Scientific Library through 2.8 has an integer signedness error in gslsimansolvemany in siman/siman.c. When params.ntries is negative, incorrect memory allocation occurs...

AZL-51881 CVE-2024-50610 affecting package gsl 2.8-1

GSL GNU Scientific Library through 2.8 has an integer signedness error in gslsimansolvemany in siman/siman.c. When params.ntries is negative, incorrect memory allocation occurs...

DEBIAN-CVE-2024-50610

GSL GNU Scientific Library through 2.8 has an integer signedness error in gslsimansolvemany in siman/siman.c. When params.ntries is negative, incorrect memory allocation occurs...

CVE-2024-50610

GSL GNU Scientific Library through 2.8 has an integer signedness error in gslsimansolvemany in siman/siman.c. When params.ntries is negative, incorrect memory allocation occurs...

UBUNTU-CVE-2024-50610

GSL GNU Scientific Library through 2.8 has an integer signedness error in gslsimansolvemany in siman/siman.c. When params.ntries is negative, incorrect memory allocation occurs...

CVE-2024-50610

GSL GNU Scientific Library through 2.8 has an integer signedness error in gslsimansolvemany in siman/siman.c. When params.ntries is negative, incorrect memory allocation occurs...

CVE-2024-50610

CVE-2024-50610 affects GSL (GNU Scientific Library) up to version 2.8. The issue is an integer signedness error in gsl_siman_solve_many (in siman/siman.c) that can trigger incorrect memory allocation when params.n_tries is negative. Multiple connected advisories (ALAS/AL2 and OSV feed) confirm th...

PT-2024-34356

Name of the Vulnerable Software and Affected Versions: GSL GNU Scientific Library versions prior to 2.9 Description: The issue is caused by an integer signedness error in the gsl siman solve many function, located in siman/siman.c. This error occurs when params.n tries is negative, resulting in...

CVE-2024-50610

GSL GNU Scientific Library through 2.8 has an integer signedness error in gslsimansolvemany in siman/siman.c. When params.ntries is negative, incorrect memory allocation occurs...