35 matches found
CVE-2018-18817
The Leostream Agent before Build 7.0.1.0 when used with Leostream Connection Broker 8.2.72 or earlier allows remote attackers to modify registry keys via the Leostream Agent API...
CVE-2021-41551
Leostream Connection Broker 9.0.40.17 allows administrators to conduct directory traversal attacks by uploading z ZIP file that contains a symbolic link...
EUVD-2018-10533
Malware in sbrugna...
EUVD-2021-28569
Malicious code in bioql PyPI...
EUVD-2021-28568
Malicious code in bioql PyPI...
CVE-2021-41551
Leostream Connection Broker 9.0.40.17 allows administrators to conduct directory traversal attacks by uploading z ZIP file that contains a symbolic link...
CVE-2021-41550
Leostream Connection Broker 9.0.40.17 allows administrator to upload and execute Perl code...
CVE-2021-41551
Leostream Connection Broker 9.0.40.17 allows administrators to conduct directory traversal attacks by uploading z ZIP file that contains a symbolic link...
CVE-2021-41550
Leostream Connection Broker 9.0.40.17 allows administrator to upload and execute Perl code...
Code injection
Leostream Connection Broker 9.0.40.17 allows administrator to upload and execute Perl code...
Directory traversal
Leostream Connection Broker 9.0.40.17 allows administrators to conduct directory traversal attacks by uploading z ZIP file that contains a symbolic link...
CVE-2021-41550
Leostream Connection Broker 9.0.40.17 allows administrator to upload and execute Perl code...
CVE-2021-41550
The CVE-2021-41550 entry affects Leostream Connection Broker 9.0.40.17, where an administrator can upload and execute Perl code. The NVD entry cites a network-accessible vulnerability with low attack complexity and requires a high-privilege context (prerequisites: HIGH; UI: NONE) leading to parti...
CVE-2021-41551
Leostream Connection Broker 9.0.40.17 allows administrators to conduct directory traversal attacks by uploading z ZIP file that contains a symbolic link...
CVE-2021-41551
CVE-2021-41551 affects Leostream Connection Broker 9.0.40.17. Administrators can perform a directory traversal by uploading a ZIP file that contains a symbolic link, enabling access to files outside the intended directory. This is supported by Red Hat and NVD entries in the provided documents. Th...
Leostream Connection Broker 后置链接漏洞
Leostream Connection Broker is a vendor-neutral connection broker from Leostream, Inc. that provides a single interface to manage a range of operating systems, physical and virtual desktops, and display protocols commonly found in enterprise environments. A backlink vulnerability exists in...
Leostream Connection Broker 代码问题漏洞
Leostream Connection Broker is a vendor-neutral connection broker from Leostream USA that provides a single interface to manage a range of operating systems, physical and virtual desktops, and display protocols commonly found in enterprise environments. A security vulnerability exists in Leostrea...
CVE-2021-38157
LeoStream Connection Broker 9.x before 9.0.34.3 allows Unauthenticated Reflected XSS via the /index.pl user parameter. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...
Cross site scripting
UNSUPPORTED WHEN ASSIGNED LeoStream Connection Broker 9.x before 9.0.34.3 allows Unauthenticated Reflected XSS via the /index.pl user parameter. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...
CVE-2021-38157
The CVE-2021-38157 entry concerns LeoStream Connection Broker 9.x prior to 9.0.34.3, which is vulnerable to unauthenticated reflected XSS via the /index.pl endpoint using the user parameter. The root cause is improper handling/validation of user-supplied input on that endpoint, enabling an attack...