26 matches found
EUVD-2023-2628
Malicious code in bioql PyPI...
Akinsoft TaskPano security vulnerability
Akinsoft TaskPano is a team task and project management platform from Akinsoft Turkey. A security vulnerability exists in Akinsoft TaskPano versions prior to s1.06.06, which stems from an improperly restricted authentication attempt that could lead to authentication bypass...
Mattermost security vulnerability
Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. Mattermost suffers from an improper access restriction vulnerability. The vulnerability arises due to improperly set API access rights. An attacker could use this vulnerability to gain unauthorized...
CVE-2023-4570
An improper access restriction in NI MeasurementLink Python services could allow an attacker on an adjacent network to reach services exposed on localhost. These services were previously thought to be unreachable outside of the node. This affects measurement plug-ins written in Python using versi...
CVE-2021-45310
Sangoma Technologies Corporation Switchvox Version 102409 is affected by an information disclosure vulnerability due to an improper access restriction. User information such as first name, last name, account ID, server UUID, email address, profile image, number, timestamps, etc. can be extracted b...
IBM Jazz for Service Management security vulnerability
IBM Jazz for Service Management is an integrated service management product from International Business Machines (IBM) that provides visibility into the service management environment. An Access Control Error vulnerability exists in IBM Jazz for Service Management that stems from improper access...
GLSA-202405-21 : Commons-BeanUtils: Improper Access Restriction
The remote host is affected by the vulnerability described in GLSA-202405-21 Commons-BeanUtils: Improper Access Restriction - In Apache Commons Beanutils 1.9.2, a special BeanIntrospector class was added which allows suppressing the ability for an attacker to access the classloader via the class...
Commons-BeanUtils: Improper Access Restriction
Background: Commons-beanutils provides easy-to-use wrappers around Reflection and Introspection APIs. Description: A vulnerability has been discovered in Commons-BeanUtils. Please review the CVE identifier referenced below for details. Impact: Please review the referenced CVE identifiers for details...
CVE-2023-51127
FLIR AX8 thermal sensor cameras up to and including 1.46.16 are vulnerable to Directory Traversal due to improper access restriction. This vulnerability allows an unauthenticated, remote attacker to obtain arbitrary sensitive file contents by uploading a specially crafted symbolic link file. NOTE...
PT-2023-9242 · Unknown · Masterscada 4D
Name of the Vulnerable Software and Affected Versions: MasterSCADA 4D (affected versions not specified). Description: The issue is related to incorrect restriction of access to a directory with limited access in the MasterSCADA 4D SCADA system. Exploitation of this issue may allow a remote attacker ...
NI MeasurementLink Python Services Improper Access Restriction vulnerability
Impact: An improper access restriction in NI MeasurementLink Python services could allow an attacker on an adjacent network to reach services exposed on localhost. These services were previously thought to be unreachable outside of the node. This affects measurement plug-ins written in Python usin...
GHSA-3F48-9J7Q-Q2GV NI MeasurementLink Python Services Improper Access Restriction vulnerability
Impact: An improper access restriction in NI MeasurementLink Python services could allow an attacker on an adjacent network to reach services exposed on localhost. These services were previously thought to be unreachable outside of the node. This affects measurement plug-ins written in Python usin...
CVE-2023-4570 Improper Restriction in NI MeasurementLink Python Services
An improper access restriction in NI MeasurementLink Python services could allow an attacker on an adjacent network to reach services exposed on localhost. These services were previously thought to be unreachable outside of the node. This affects measurement plug-ins written in Python using versi...
CVE-2022-37060
FLIR AX8 thermal sensor cameras, versions up to and including 1.46.16, are vulnerable to Directory Traversal due to an improper access restriction. An unauthenticated, remote attacker can exploit this by sending a URI that contains directory traversal characters to disclose the contents of files...
Information disclosure
Sangoma Technologies Corporation Switchvox Version 102409 is affected by an information disclosure vulnerability due to an improper access restriction. User information such as first name, last name, account ID, server UUID, email address, profile image, number, timestamps, etc. can be extracted b...
CVE-2021-45310
CVE-2021-45310 affects Sangoma Switchvox version 102409 and is an information-disclosure vulnerability caused by improper access restriction. An unauthenticated HTTP GET to https://Switchvox-IP/main?cmd=invalid_browser (and related invalid_browse URL) can exfiltrate user data such as first/last n...
CVE-2021-45310
Sangoma Technologies Corporation Switchvox Version 102409 is affected by an information disclosure vulnerability due to an improper access restriction. User information such as first name, last name, account ID, server UUID, email address, profile image, number, timestamps, etc. can be extracted b...
Atlassian JIRA < 8.5.15 / 8.6.x < 8.13.7 / 8.14.x < 8.17.0 Unauth User Enum (JRASERVER-71559)
According to its self-reported version number, the instance of Atlassian JIRA hosted on the remote web server is affected by an information disclosure vulnerability in the QueryComponentRendererValue!Default.jspa due to an improper access restriction. An unauthenticated, remote attacker can explo...
Nextcloud Server < 14.0.0, < 13.0.6, < 12.0.11 Improper validation of permissions (NC-SA-2018-010) - Windows
Nextcloud Server is prone to an improper access restriction vulnerability.