Lucene search
K

123 matches found

Prion
Prion
added 2021/07/12 11:15 a.m.13 views

Open redirect

Jamf Pro before 10.30.1 allows for an unvalidated URL redirect vulnerability affecting Jamf Pro customers who host their environments on-premises. An attacker may craft a URL that appears to be for a customer's Jamf Pro instance, but when clicked will forward a user to an arbitrary URL that may b...

5.8CVSS6.2AI score0.00587EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2021/07/12 10:56 a.m.26 views

CVE-2021-35037

Jamf Pro before 10.30.1 allows for an unvalidated URL redirect vulnerability affecting Jamf Pro customers who host their environments on-premises. An attacker may craft a URL that appears to be for a customer's Jamf Pro instance, but when clicked will forward a user to an arbitrary URL that may b...

6.4AI score0.00587EPSS
Exploits0References2
CVE
CVE
added 2021/07/12 10:56 a.m.100 views

CVE-2021-35037

The CVE refers to Jamf Pro before version 10.30.1 with an unvalidated/unauthorized URL redirect vulnerability in on‑premises deployments. The underlying issue is an unvalidated URL in Jamf Pro that can cause a user to be redirected to an arbitrary, potentially malicious URL when a crafted link is...

6.1CVSS6.2AI score0.00587EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2021/07/12 12:0 a.m.6 views

JAMF Jamf Pro 输入验证错误漏洞

JAMF Jamf Pro is an Apple device management solution from Jamf America JAMF. An input validation error vulnerability exists in versions of Jamf Pro prior to 10.30.1 that allows unauthenticated URL redirection to affect Jamf Pro customers in locally hosted environments...

6.1CVSS6.2AI score0.00587EPSS
Exploits0References3
ThreatPost
ThreatPost
added 2021/05/25 12:25 p.m.88 views

Apple Patches Zero-Day Flaw in MacOS that Allows for Sneaky Screenshots

Apple has patched a critical bug in macOS that could be exploited to take screenshots of someone’s computer and capture images of their activity within applications or on video conferences without that person knowing. Apple addressed the vulnerability—discovered by researchers at enterprise...

7.8CVSS8AI score0.0658EPSS
Exploits0References14
CNVD
CNVD
added 2021/04/06 12:0 a.m.9 views

Jamf Pro Cross-Site Scripting Vulnerability

Jamf Pro is comprehensive enterprise management software for the Apple platform that simplifies IT management for Mac, iPad, iPhone and Apple TV. A cross-site scripting vulnerability exists in "Inventory History" in Jamf Pro versions prior to 10.28.0. No details of the vulnerability are available...

6.1CVSS5.9AI score0.00588EPSS
Exploits0References1
OSV
OSV
added 2021/04/02 8:15 p.m.5 views

CVE-2021-30125

Jamf Pro before 10.28.0 allows XSS related to inventory history, aka PI-009376...

6.1CVSS6.4AI score0.00588EPSS
Exploits0References1
NVD
NVD
added 2021/04/02 8:15 p.m.20 views

CVE-2021-30125

Jamf Pro before 10.28.0 allows XSS related to inventory history, aka PI-009376...

6.1CVSS0.00588EPSS
Exploits0References1
Prion
Prion
added 2021/04/02 8:15 p.m.18 views

Cross site scripting

Jamf Pro before 10.28.0 allows XSS related to inventory history, aka PI-009376...

4.3CVSS5.9AI score0.00588EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2021/04/02 7:19 p.m.248 views

CVE-2021-30125

Summary of findings (CVE-2021-30125): Jamf Pro versions prior to 10.28.0 are affected by a cross-site scripting (XSS) vulnerability in the Inventory History feature (also referenced as PI-009376). The issue is described across multiple sources as an XSS in Inventory History, with no detailed expl...

6.1CVSS5.9AI score0.00588EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/04/02 7:19 p.m.19 views

CVE-2021-30125

Jamf Pro before 10.28.0 allows XSS related to inventory history, aka PI-009376...

6.1AI score0.00588EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/04/02 12:0 a.m.8 views

Jamf Pro 跨站脚本漏洞

Jamf Pro is comprehensive enterprise management software for the Apple platform that simplifies IT management for Mac, iPad, iPhone and Apple TV. A cross-site scripting vulnerability exists in "Inventory History" in Jamf Pro versions prior to 10.28.0. No details of the vulnerability are available...

6.1CVSS5.2AI score0.00588EPSS
Exploits0References2
CNVD
CNVD
added 2020/02/05 12:0 a.m.5 views

Jamf Pro License Issue Vulnerability

Jamf Pro is an Apple device management solution from Jamf USA. Jamf Pro is vulnerable to an authorization issue. The vulnerability stems from a lack of authentication measures or insufficient authentication strength in a networked system or product. An attacker could exploit this vulnerability to...

8.8CVSS6.7AI score0.01213EPSS
Exploits0References1
CNVD
CNVD
added 2020/01/10 12:0 a.m.3 views

Jamf Pro Code Issue Vulnerability

Jamf Pro is an Apple device management solution from Jamf USA. A code issue vulnerability exists in Jamf Pro version 9.x and version 10.x prior to 10.15.1. An attacker could exploit this vulnerability to cause a denial of service, execute code, and/or delete files on the Jamf Pro server...

9.8CVSS7AI score0.02505EPSS
Exploits0References1
OSV
OSV
added 2020/01/08 4:15 p.m.4 views

CVE-2019-17076

An issue was discovered in Jamf Pro 9.x and 10.x before 10.15.1. Deserialization of untrusted data when parsing JSON in several APIs may cause Denial of Service DoS, remote code execution RCE, and/or deletion of files on the Jamf Pro server...

9.8CVSS7.9AI score0.02505EPSS
Exploits0References1
NVD
NVD
added 2020/01/08 4:15 p.m.24 views

CVE-2019-17076

An issue was discovered in Jamf Pro 9.x and 10.x before 10.15.1. Deserialization of untrusted data when parsing JSON in several APIs may cause Denial of Service DoS, remote code execution RCE, and/or deletion of files on the Jamf Pro server...

9.8CVSS9.8AI score0.02505EPSS
Exploits0References1
Prion
Prion
added 2020/01/08 4:15 p.m.12 views

Deserialization of untrusted data

An issue was discovered in Jamf Pro 9.x and 10.x before 10.15.1. Deserialization of untrusted data when parsing JSON in several APIs may cause Denial of Service DoS, remote code execution RCE, and/or deletion of files on the Jamf Pro server...

7.5CVSS9.7AI score0.02505EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2020/01/08 3:57 p.m.935 views

CVE-2019-17076

CVE-2019-17076 affects Jamf Pro 9.x and 10.x prior to 10.15.1. The issue is deserialization of untrusted data when parsing JSON in several APIs, which can lead to Denial of Service, remote code execution, and/or deletion of files on the Jamf Pro server. Root cause: unsafe JSON deserialization in ...

9.8CVSS9.7AI score0.02505EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2020/01/08 3:57 p.m.21 views

CVE-2019-17076

An issue was discovered in Jamf Pro 9.x and 10.x before 10.15.1. Deserialization of untrusted data when parsing JSON in several APIs may cause Denial of Service DoS, remote code execution RCE, and/or deletion of files on the Jamf Pro server...

9.8AI score0.02505EPSS
Exploits0References1
OSV
OSV
added 2020/01/07 7:15 p.m.4 views

CVE-2018-10465

Jamf Pro 10.x before 10.3.0 has Incorrect Access Control. Jamf Pro user accounts and groups with access to log in to Jamf Pro had full access to endpoints in the Universal API UAPI, regardless of account privileges or privilege sets. An authenticated Jamf Pro account without required privileges...

8.8CVSS5.8AI score0.01213EPSS
Exploits0References1
Rows per page
Query Builder