7681 matches found
EulerOS Virtualization 3.0.6.0 : python-pip (EulerOS-SA-2023-3450)
According to the versions of the python-pip packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Requests is a HTTP library. Since Requests 2.3.0, Requests has been leaking Proxy-Authorization headers to destination server...
EulerOS 2.0 SP10 : python-pip (EulerOS-SA-2023-2821)
According to the versions of the python-pip packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Requests is a HTTP library. Since Requests 2.3.0, Requests has been leaking Proxy-Authorization headers to destination servers when redirect...
EulerOS Virtualization 3.0.6.6 : python-requests (EulerOS-SA-2023-3413)
According to the versions of the python-requests package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Requests is a HTTP library. Since Requests 2.3.0, Requests has been leaking Proxy-Authorization headers to destination...
EulerOS 2.0 SP11 : python-requests (EulerOS-SA-2023-2707)
According to the versions of the python-requests package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Requests is a HTTP library. Since Requests 2.3.0, Requests has been leaking Proxy-Authorization headers to destination servers when...
EulerOS 2.0 SP8 : perl-CPAN (EulerOS-SA-2023-3143)
According to the versions of the perl-CPAN package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - CPAN.pm before 2.35 does not verify TLS certificates when downloading distributions over HTTPS. CVE-2023-31484 Note that Tenable Network...
EulerOS Virtualization 2.10.0 : python-pip (EulerOS-SA-2023-2945)
According to the versions of the python-pip packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Requests is a HTTP library. Since Requests 2.3.0, Requests has been leaking Proxy-Authorization headers to destination server...
EulerOS 2.0 SP8 : python-pip (EulerOS-SA-2023-3151)
According to the versions of the python-pip packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Requests is a HTTP library. Since Requests 2.3.0, Requests has been leaking Proxy-Authorization headers to destination servers when redirect...
EulerOS Virtualization 2.10.1 : python-requests (EulerOS-SA-2023-2927)
According to the versions of the python-requests package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Requests is a HTTP library. Since Requests 2.3.0, Requests has been leaking Proxy-Authorization headers to destination...
EulerOS Virtualization 2.9.0 : perl (EulerOS-SA-2023-3105)
According to the versions of the perl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - CPAN.pm before 2.35 does not verify TLS certificates when downloading distributions over HTTPS. CVE-2023-31484 Note that Tenable...
EulerOS 2.0 SP8 : python-requests (EulerOS-SA-2023-3152)
According to the versions of the python-requests packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Requests is a HTTP library. Since Requests 2.3.0, Requests has been leaking Proxy-Authorization headers to destination servers when...
EulerOS Virtualization 2.9.1 : perl (EulerOS-SA-2023-3091)
According to the versions of the perl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - CPAN.pm before 2.35 does not verify TLS certificates when downloading distributions over HTTPS. CVE-2023-31484 Note that Tenable...
EulerOS Virtualization 3.0.6.0 : perl-CPAN (EulerOS-SA-2023-3443)
According to the versions of the perl-CPAN package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - CPAN.pm before 2.35 does not verify TLS certificates when downloading distributions over HTTPS. CVE-2023-31484 Note that Tenabl...
EulerOS Virtualization 2.10.0 : python-requests (EulerOS-SA-2023-2946)
According to the versions of the python-requests package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Requests is a HTTP library. Since Requests 2.3.0, Requests has been leaking Proxy-Authorization headers to destination...
EulerOS 2.0 SP11 : python-requests (EulerOS-SA-2023-2665)
According to the versions of the python-requests package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Requests is a HTTP library. Since Requests 2.3.0, Requests has been leaking Proxy-Authorization headers to destination servers when...
Fortinet FortiVoice Path Traversal Vulnerability
Fortinet FortiVoice is a network communications solution from Fortinet, Inc. A path traversal vulnerability exists in FortiVoice fortivoice. The vulnerability stems from the program failing to properly filter for special elements in the path of a resource or file. An attacker could exploit this...
Fortinet FortiOS Privilage Escalation (FG-IR-23-315)
The version of FortiOS installed on the remote host is prior to tested version. It is, therefore, affected by an improper privilege management vulnerability CWE-269 in a FortiOS & FortiProxy HA cluster may allow an authenticated attacker to perform elevated actions via crafted HTTP or HTTPS...
Fortinet FortiProxy Privilage Escalation (FG-IR-23-315)
The version of FortiProxy installed on the remote host is prior to tested version. It is, therefore, affected by an improper privilege management vulnerability CWE-269 in a FortiOS & FortiProxy HA cluster may allow an authenticated attacker to perform elevated actions via crafted HTTP or HTTPS...
CVE-2023-44250
An improper privilege management vulnerability CWE-269 in a Fortinet FortiOS HA cluster version 7.4.0 through 7.4.1 and 7.2.5 and in a FortiProxy HA cluster version 7.4.0 through 7.4.1 allows an authenticated attacker to perform elevated actions via crafted HTTP or HTTPS requests...
CVE-2023-37932
An improper limitation of a pathname to a restricted directory 'path traversal' vulnerability CWE-22 in FortiVoiceEntreprise version 7.0.0 and before 6.4.7 allows an authenticated attacker to read arbitrary files from the system via sending crafted HTTP or HTTPS requests...
CVE-2023-37934
An allocation of resources without limits or throttling vulnerability CWE-770 in FortiPAM 1.0 all versions allows an authenticated attacker to perform a denial of service attack via sending crafted HTTP or HTTPS requests in a high frequency...