22 matches found
EUVD-2022-24414
Malicious code in bioql PyPI...
EUVD-2023-32665
Malicious code in bioql PyPI...
CVE-2022-26423
Aethon TUG Home Base Server versions prior to version 24 are affected by un unauthenticated attacker who can freely access hashed user credentials...
CVE-2022-1059
Aethon TUG Home Base Server versions prior to version 24 are affected by un unauthenticated attacker who can freely access hashed user credentials...
CVE-2022-27494
Aethon TUG Home Base Server versions prior to version 24 are affected by un unauthenticated attacker who can freely access hashed user credentials...
Default credentials
Aethon TUG Home Base Server versions prior to version 24 are affected by un unauthenticated attacker who can freely access hashed user credentials...
Default credentials
Aethon TUG Home Base Server versions prior to version 24 are affected by un unauthenticated attacker who can freely access hashed user credentials...
CVE-2022-27494 CROSS-SITE SCRIPTING CWE-79
Aethon TUG Home Base Server versions prior to version 24 are affected by un unauthenticated attacker who can freely access hashed user credentials...
CVE-2022-1070 CHANNEL ACCESSIBLE BY NON-ENDPOINT CWE-300
Aethon TUG Home Base Server versions prior to version 24 are affected by un unauthenticated attacker who can freely access hashed user credentials...
CVE-2022-1070 CHANNEL ACCESSIBLE BY NON-ENDPOINT CWE-300
Aethon TUG Home Base Server versions prior to version 24 are affected by un unauthenticated attacker who can freely access hashed user credentials...
CVE-2022-1059 CROSS-SITE SCRIPTING CWE-79
Aethon TUG Home Base Server versions prior to version 24 are affected by un unauthenticated attacker who can freely access hashed user credentials...
CVE-2022-1059
CVE-2022-1059 affects Aethon TUG Home Base Server versions prior to 24. The vulnerability is a reflected cross-site scripting (XSS) flaw in the Load tab of the Fleet Management Console. Unauthenticated attackers could trigger/script injection through this tab, potentially accessing data or impact...
CVE-2022-26423 MISSING AUTHORIZATION CWE-862
Aethon TUG Home Base Server versions prior to version 24 are affected by un unauthenticated attacker who can freely access hashed user credentials...
CVE-2022-26423 MISSING AUTHORIZATION CWE-862
Aethon TUG Home Base Server versions prior to version 24 are affected by un unauthenticated attacker who can freely access hashed user credentials...
CVE-2022-1066 MISSING AUTHORIZATION CWE-862
Aethon TUG Home Base Server versions prior to version 24 are affected by un unauthenticated attacker who can freely access hashed user credentials...
PT-2022-3549 · Aethon · Aethon Tug Home Base Server
Name of the Vulnerable Software and Affected Versions: Aethon TUG Home Base Server versions prior to version 24 Description: The issue is related to weaknesses in the authorization procedure of the server. It allows a remote attacker to gain unauthorized access to hashed user credentials...
PT-2022-3560 · Aethon · Tug Home Base Server
Name of the Vulnerable Software and Affected Versions: Aethon TUG Home Base Server versions prior to version 24 Description: The issue is related to the lack of input data sanitization in the "Reports" component of the TUG Home Base Server, which can allow a remote attacker to conduct a cross-sit...
CVE-2020-3450
A vulnerability in the web-based management interface of Cisco Vision Dynamic Signage Director could allow an authenticated, remote attacker with administrative credentials to conduct SQL injection attacks on an affected system. The vulnerability is due to improper validation of user-submitted...
Sql injection
A vulnerability in the web-based management interface of Cisco Vision Dynamic Signage Director could allow an authenticated, remote attacker with administrative credentials to conduct SQL injection attacks on an affected system. The vulnerability is due to improper validation of user-submitted...
CVE-2020-3450 Cisco Vision Dynamic Signage Director SQL Injection Vulnerability
A vulnerability in the web-based management interface of Cisco Vision Dynamic Signage Director could allow an authenticated, remote attacker with administrative credentials to conduct SQL injection attacks on an affected system. The vulnerability is due to improper validation of user-submitted...