16600 matches found
Cisco Secure Firewall Management Center Software SQL Injection Vulnerability
A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center FMC Software, formerly Firepower Management Center Software, could allow an authenticated, remote attacker to perform an SQL injection attack against an affected device. To exploit this vulnerability,...
Cisco Secure Firewall Management Center Software Command Injection Vulnerability
A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center FMC Software, formerly Firepower Management Center Software, could allow an authenticated, remote attacker with Administrator-level privileges to execute arbitrary commands on the underlying operating...
Cisco Secure Firewall Management Center Software Cluster Backup Command Injection Vulnerability
A vulnerability in the cluster backup feature of Cisco Secure Firewall Management Center FMC Software, formerly Firepower Management Center Software, could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system. This vulnerability is due to...
The vulnerability of the application software interface of the Trend Micro Cloud Edge device for comprehensive network security management allows a perpetrator to execute arbitrary code.
The vulnerability of the application software interface of the Trend Micro Cloud Edge device for comprehensive network security management is related to the failure to take measures for data cleaning at the management level. Exploiting this vulnerability allows a malicious actor to execute...
CVE-2024-40088
A Directory Traversal vulnerability in the Boa webserver of Vilo 5 Mesh WiFi System = 5.16.1.33 allows remote, unauthenticated attackers to enumerate the existence and length of any file in the filesystem by placing malicious payloads in the path of any HTTP request...
CVE-2024-43689
Stack-based buffer overflow vulnerability exists in ELECOM wireless access points. By processing a specially crafted HTTP request, arbitrary code may be executed...
CVE-2024-43689
Stack-based buffer overflow vulnerability exists in ELECOM wireless access points. By processing a specially crafted HTTP request, arbitrary code may be executed...
CVE-2024-43689
Stack-based buffer overflow vulnerability exists in ELECOM wireless access points. By processing a specially crafted HTTP request, arbitrary code may be executed...
CVE-2024-43689
CVE-2024-43689 describes a stack-based buffer overflow in ELECOM wireless access points/routers triggered by processing a crafted HTTP request, potentially enabling arbitrary code execution. Affected products and versions (per connected sources): WRC-X3000GS2-B/W/GS2A-B before 1.09; WAB-I1750-PS ...
CVE-2024-43689
Stack-based buffer overflow vulnerability exists in ELECOM wireless access points. By processing a specially crafted HTTP request, arbitrary code may be executed...
OESA-2024-2259 rubygem-puma security update
A simple, fast, threaded, and highly concurrent HTTP 1.1 server for Ruby/Rack applications. Security Fixes: Puma is a simple, fast, multi-threaded, parallel HTTP 1.1 server for Ruby/Rack applications. When using Puma behind a proxy that does not properly validate that the incoming HTTP request...
Security Bulletin: IBM QRadar SIEM contains multiple vulnerabilities
Summary IBM QRadar SIEM includes vulnerable components e.g., framework libraries that could be identified and exploited with automated tools. These have been addressed in the update. Vulnerability Details CVEID:CVE-2023-26049 DESCRIPTION: Eclipse Jetty could allow a remote authenticated attacker ...
Security Bulletin: Multiple Vulnerabilities in CloudPak for AIOps
Summary Multiple vulnerabilities were addressed in IBM Cloud Pak for AIOps version 4.4.0 Vulnerability Details CVEID:CVE-2023-6481 DESCRIPTION: QOS.ch Sarl Logback is vulnerable to a denial of service, caused by a serialization flaw in the logback receiver component. By sending a specially crafte...
CVE-2024-48280
A SQL Injection vulnerability was found in /search-result.php of PHPGurukul User Registration & Login and User Management System 3.2, which allows remote attackers to execute arbitrary SQL command via the fromdate parameter in a POST HTTP request...
CVE-2024-48282
A SQL Injection vulnerability was found in /password-recovery.php of PHPGurukul User Registration & Login and User Management System 3.2, which allows remote attackers to execute arbitrary SQL commands to get unauthorized database access via the femail parameter in a POST HTTP request...
HTTP Smuggling
org.jboss.resteasy, resteasy-netty4-cdi is vulnerable to HTTP Smuggling. The vulnerability is due to improper handling of HTTP requests by the resteasy-netty4 library, specifically when the Netty HttpObjectDecoder fails to process HTTP smuggling requests with ASCII control characters, causing it ...
CVE-2024-48282
A SQL Injection vulnerability was found in /password-recovery.php of PHPGurukul User Registration & Login and User Management System 3.2, which allows remote attackers to execute arbitrary SQL commands to get unauthorized database access via the femail parameter in a POST HTTP request...
CVE-2024-48279
A HTML Injection vulnerability was found in /search-result.php of PHPGurukul User Registration & Login and User Management System 3.2. This vulnerability allows remote attackers to execute arbitrary HTML code via the searchkey parameter in a POST HTTP request...
CVE-2024-48279
PHPGurukul User Registration & Login and User Management System 3.2 has a HTML Injection vulnerability in /search-result.php. The searchkey parameter (POST) allows remote attackers to inject/execute arbitrary HTML. Root cause is not detailed beyond this; CVSS v3.1 vector indicates high impact wit...
CVE-2024-8912
An HTTP Request Smuggling vulnerability in Looker allowed an unauthorized attacker to capture HTTP responses destined for legitimate users. There are two Looker versions that are hosted by Looker: Looker Google Cloud core was found to be vulnerable. This issue has already been mitigated and our...