Lucene search
+L

85 matches found

Prion
Prion
added 2023/08/13 9:15 p.m.17 views

Cross site scripting

Genesys Administrator Extension GAX before 9.0.105.15 is vulnerable to Cross Site Scripting XSS via the Business Structure page of the iWD plugin, aka GAX-11261...

5.8CVSS6AI score0.00309EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/08/13 12:0 a.m.10 views

CVE-2023-23208

Genesys Administrator Extension GAX before 9.0.105.15 is vulnerable to Cross Site Scripting XSS via the Business Structure page of the iWD plugin, aka GAX-11261...

6AI score0.00309EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/08/13 12:0 a.m.27 views

CVE-2023-23208

Genesys Administrator Extension GAX before 9.0.105.15 is vulnerable to Cross Site Scripting XSS via the Business Structure page of the iWD plugin, aka GAX-11261...

6.2AI score0.00309EPSS
Exploits0References1
CNVD
CNVD
added 2021/12/12 12:0 a.m.56 views

Genesys Intelligent Workload Distribution SQL Injection Vulnerability

Genesys Intelligent Workload Distribution Iwd is an application from Genesys, USA. Genesys intelligent Workload Distribution IWD 9.0.017.07 is vulnerable to SQL injection, which can be exploited to execute arbitrary SQL queries via the "value" parameter to execute arbitrary SQL queries...

7.2CVSS4.6AI score0.01682EPSS
Exploits2References1
OSV
OSV
added 2021/12/08 3:15 p.m.3 views

CVE-2021-40861

A SQL Injection in the custom filter query component in Genesys intelligent Workload Distribution IWD 9.0.017.07 allows an attacker to execute arbitrary SQL queries via the value attribute, with which all data in the database can be extracted and OS command execution is possible depending on the...

7.2CVSS7.4AI score0.01682EPSS
Exploits2References2
NVD
NVD
added 2021/12/08 3:15 p.m.17 views

CVE-2021-40860

A SQL Injection in the custom filter query component in Genesys intelligent Workload Distribution IWD before 9.0.013.11 allows an attacker to execute arbitrary SQL queries via the qlexpression parameter, with which all data in the database can be extracted and OS command execution is possible...

7.2CVSS0.01682EPSS
Exploits1References2
NVD
NVD
added 2021/12/08 3:15 p.m.14 views

CVE-2021-40861

A SQL Injection in the custom filter query component in Genesys intelligent Workload Distribution IWD 9.0.017.07 allows an attacker to execute arbitrary SQL queries via the value attribute, with which all data in the database can be extracted and OS command execution is possible depending on the...

7.2CVSS0.01682EPSS
Exploits1References2
Prion
Prion
added 2021/12/08 3:15 p.m.22 views

Sql injection

A SQL Injection in the custom filter query component in Genesys intelligent Workload Distribution IWD 9.0.017.07 allows an attacker to execute arbitrary SQL queries via the value attribute, with which all data in the database can be extracted and OS command execution is possible depending on the...

6.5CVSS7.6AI score0.01682EPSS
Exploits2References2Affected Software1
Prion
Prion
added 2021/12/08 3:15 p.m.12 views

Sql injection

A SQL Injection in the custom filter query component in Genesys intelligent Workload Distribution IWD before 9.0.013.11 allows an attacker to execute arbitrary SQL queries via the qlexpression parameter, with which all data in the database can be extracted and OS command execution is possible...

6.5CVSS7.6AI score0.01682EPSS
Exploits2References2Affected Software1
CVE
CVE
added 2021/12/08 2:58 p.m.43 views

CVE-2021-40861

CVE-2021-40861 affects Genesys Intelligent Workload Distribution (IWD) 9.0.017.07. A SQL Injection in the custom filter query component allows an attacker to execute arbitrary SQL via the value attribute, potentiallyexfiltrating all data and, depending on permissions/db engine, enabling OS comman...

7.2CVSS7.5AI score0.01682EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2021/12/08 2:58 p.m.19 views

CVE-2021-40861

A SQL Injection in the custom filter query component in Genesys intelligent Workload Distribution IWD 9.0.017.07 allows an attacker to execute arbitrary SQL queries via the value attribute, with which all data in the database can be extracted and OS command execution is possible depending on the...

7.9AI score0.01682EPSS
Exploits1References2
Cvelist
Cvelist
added 2021/12/08 2:45 p.m.24 views

CVE-2021-40860

A SQL Injection in the custom filter query component in Genesys intelligent Workload Distribution IWD before 9.0.013.11 allows an attacker to execute arbitrary SQL queries via the qlexpression parameter, with which all data in the database can be extracted and OS command execution is possible...

7.9AI score0.01682EPSS
Exploits1References2
CVE
CVE
added 2021/12/08 2:45 p.m.49 views

CVE-2021-40860

The CVE-2021-40860/40861 issue affects Genesys Intelligent Workload Distribution (IWD). The connected CNVD/EUVD records confirm a SQL injection in the IWD custom filter query component, with exploitation via the ql_expression or value parameters and potential data exfiltration and OS command exec...

7.2CVSS7.6AI score0.01682EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2021/03/20 1:5 p.m.4 views

OPENSUSE-SU-2021:0452-1 Security update for connman

This update for connman fixes the following issues: Update to 1.39 boo1181751: Fix issue with scanning state synchronization and iwd. Fix issue with invalid key with 4-way handshake offloading. Fix issue with DNS proxy length checks to prevent buffer overflow. CVE-2021-26675 Fix issue with DHCP...

8.8CVSS7.9AI score0.01301EPSS
Exploits0References4
OPENSUSE Linux
OPENSUSE Linux
added 2021/03/20 12:0 a.m.27 views

Security update for connman (moderate)

openSUSE Security Update: Security update for connman Announcement ID: openSUSE-SU-2021:0452-1 Rating: moderate References: 1181751 Cross-References: CVE-2021-26675 CVE-2021-26676 CVSS scores: CVE-2021-26675 NVD : 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2021-26676 NVD : 6.5...

8.8CVSS8.4AI score0.01301EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2021/03/17 12:0 a.m.25 views

openSUSE Security Update : connman (openSUSE-2021-416)

This update for connman fixes the following issues : Update to 1.39 boo1181751 : - Fix issue with scanning state synchronization and iwd. - Fix issue with invalid key with 4-way handshake offloading. - Fix issue with DNS proxy length checks to prevent buffer overflow. CVE-2021-26675 - Fix issue...

8.8CVSS7.2AI score0.01301EPSS
Exploits0References3
OSV
OSV
added 2021/03/16 5:6 p.m.7 views

OPENSUSE-SU-2021:0416-1 Security update for connman

This update for connman fixes the following issues: Update to 1.39 boo1181751: Fix issue with scanning state synchronization and iwd. Fix issue with invalid key with 4-way handshake offloading. Fix issue with DNS proxy length checks to prevent buffer overflow. CVE-2021-26675 Fix issue with DHCP...

8.8CVSS7.9AI score0.01301EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2020/08/12 4:15 p.m.19 views

CVE-2020-17497

eapol.c in iNet wireless daemon IWD through 1.8 allows attackers to trigger a PTK reinstallation by retransmitting EAPOL Msg4/4...

8.1CVSS7.1AI score0.00694EPSS
Exploits0References3
CVE
CVE
added 2020/08/12 3:15 p.m.49 views

CVE-2020-17497

CVE-2020-17497 affects the iNet wireless daemon (IWD) up to version 1.8. The vulnerability resides in eapol.c and allows an adjacent attacker to trigger a PTK reinstallation by retransmitting EAPOL Msg4/4, potentially compromising the WPA3/RSN key handling. NVD reports a base score of 8.1 (HIGH) ...

8.1CVSS7.9AI score0.00694EPSS
Exploits0References1Affected Software1
OpenVAS
OpenVAS
added 2020/01/09 12:0 a.m.11 views

Fedora Update for iwd FEDORA-2019-17419b24a3

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References2
Rows per page
Query Builder