CVE-2024-6456 SQL Injection vulnerability in AVEVA Historian Server
AVEVA Historian Server has a vulnerability that, if exploited, could allow a malicious SQL command to execute under the privileges of an interactive Historian REST Interface user who had been socially engineered by a miscreant into opening a specially crafted URL...
CVE-2024-6456
CVE-2024-6456 describes a SQL Injection vulnerability in AVEVA Historian Server. Public sources in the connected documents indicate that an attacker could exploit the issue by enticing a user to open a specially crafted URL via the interactive Historian REST Interface, allowing the execution of S...
OpenVPN 2.5.x < 2.5.10, 2.6.x < 2.6.10 Multiple Vulnerabilities (Windows)
According to its self-reported version number, the version of OpenVPN installed on the remote Windows host is affected by multiple vulnerabilities: - OpenVPN plug-ins on Windows with OpenVPN 2.6.9 and earlier could be loaded from any directory, which allows an attacker to load an arbitrary plug-i...
CVE-2024-38712
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Qode Interactive Qi Blocks allows Stored XSS. This issue affects Qi Blocks: from n/a through 1.3...
CVE-2024-38712
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Qode Qi Blocks (qi-blocks). This issue affects Qi Blocks: from n/a through <= 1.3...
CVE-2024-38712
CVE-2024-38712 affects Qode Interactive Qi Blocks (WordPress) up to version 1.3. The issue is a Stored XSS caused by improper input neutralization during web page generation, allowing attacker-supplied script to be stored and later executed in users’ browsers. Exploitation details and patch/versi...
RUSTSEC-2024-0391 Ambiguous challenge derivation
Challenge derivation in non-interactive ZK proofs was ambiguous, which could lead to a security vulnerability; however, it's unknown if it could be exploited...
Ambiguous challenge derivation
Challenge derivation in non-interactive ZK proofs was ambiguous, which could lead to a security vulnerability; however, it's unknown if it could be exploited...
RUSTSEC-2024-0393 Ambiguous challenge derivation
Challenge derivation in non-interactive ZK proofs was ambiguous, which could lead to a security vulnerability; however, it's unknown if it could be exploited...
RUSTSEC-2024-0392 Ambiguous challenge derivation
Challenge derivation in non-interactive ZK proofs was ambiguous, which could lead to a security vulnerability; however, it's unknown if it could be exploited...
PT-2024-40938 · Crates.Io · Cggmp21-Keygen
Name of the Vulnerable Software and Affected Versions: No specific software or versions mentioned. Description: The issue concerns challenge derivation in non-interactive Zero-Knowledge (ZK) proofs, which was ambiguous and could potentially lead to a security issue. However, it is unknown if this...
PT-2024-40937 · Crates.Io · Paillier-Zk
Name of the Vulnerable Software and Affected Versions: No specific software or versions mentioned. Description: The issue concerns challenge derivation in non-interactive Zero-Knowledge (ZK) proofs, which was ambiguous and could potentially lead to a security issue. However, it is unknown if this...
Microsoft Windows Remote Desktop Licensing Service Denial of Service Vulnerability (CNVD-2024-36382)
Microsoft Windows Remote Desktop Licensing Service is a remote desktop licensing service that allows users to connect to remote computers interactively. A denial of service vulnerability exists in Microsoft Windows Remote Desktop Licensing Service, which can be exploited by an attacker to cause a...
SUSE CVE-2024-24974
The interactive service in OpenVPN 2.6.9 and earlier allows the OpenVPN service pipe to be accessed remotely, which allows a remote attacker to interact with the privileged OpenVPN interactive service...
SUSE CVE-2024-27459
The interactive service in OpenVPN 2.6.9 and earlier allows an attacker to send data causing a stack overflow which can be used to execute arbitrary code with more privileges...
CVE-2024-24974
The interactive service in OpenVPN 2.6.9 and earlier allows the OpenVPN service pipe to be accessed remotely, which allows a remote attacker to interact with the privileged OpenVPN interactive service...
CVE-2024-27459
The interactive service in OpenVPN 2.6.9 and earlier allows an attacker to send data causing a stack overflow which can be used to execute arbitrary code with more privileges...