2729 matches found
Salt Security Vulnerability
Salt is an automation, infrastructure management, data-driven orchestration, and remote execution application from the Salt project. A security vulnerability exists in Salt that stems from an authorized minion that can inject arbitrary events into the main event bus...
Salt Security Vulnerability
Salt is an automation, infrastructure management, data-driven orchestration, and remote execution application from the Salt project. A security vulnerability exists in Salt that stems from a directory traversal that could result in arbitrary files being written to the main cache directory...
CVE-2025-41661
An unauthenticated remote attacker can execute arbitrary commands with root privileges on affected devices due to lack of Cross-Site Request Forgery (CSRF) protection...
Weidmueller Interface IE-SR-2TX-WL Cross-Site Request Forgery Vulnerability
The Weidmueller Interface IE-SR-2TX-WL is an industrial security router from Weidmueller Interface, Germany. The Weidmueller Interface IE-SR-2TX-WL suffers from a cross-site request forgery vulnerability that stems from a lack of CSRF protection in the main web interface, which could allow an...
PT-2025-25186 · Weidmueller · Ie-Sr-2Tx-Wl +2
Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: An unauthenticated remote attacker can execute arbitrary commands with root privileges on affected devices due to a lack of Cross-Site Request Forgery (CSRF) protection in the Main Web...
NewStart CGSL MAIN 7.02 : python-urllib3 Vulnerability (NS-SA-2025-0073)
The remote NewStart CGSL host, running version MAIN 7.02, has python-urllib3 packages installed that are affected by a vulnerability: - urllib3 is a user-friendly HTTP client library for Python. When using urllib3's proxy support with ProxyManager, the Proxy-Authorization header is only sent to t...
NewStart CGSL MAIN 7.02 : freeglut Vulnerability (NS-SA-2025-0090)
The remote NewStart CGSL host, running version MAIN 7.02, has freeglut packages installed that are affected by a vulnerability: - freeglut through 3.4.0 was discovered to contain a memory leak via the menuEntry variable in the glutAddMenuEntry function. CVE-2024-24259 Note that Nessus has not...
NewStart CGSL MAIN 7.02 : libvpx Vulnerability (NS-SA-2025-0071)
The remote NewStart CGSL host, running version MAIN 7.02, has libvpx packages installed that are affected by a vulnerability: - There exist integer overflows in libvpx in versions prior to 1.14.1. Calling vpx_img_alloc with a large value of the d_w, d_h, or align parameter may result in integer...
NewStart CGSL MAIN 7.02 : openssh Vulnerability (NS-SA-2025-0089)
The remote NewStart CGSL host, running version MAIN 7.02, has openssh packages installed that are affected by a vulnerability: - A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed by a malicious machine impersonating a...
NewStart CGSL MAIN 7.02 : glibc Multiple Vulnerabilities (NS-SA-2025-0079)
The remote NewStart CGSL host, running version MAIN 7.02, has glibc packages installed that are affected by multiple vulnerabilities: - nscd: netgroup cache assumes NSS callback uses in-buffer strings. The Name Service Cache Daemon's (nscd) netgroup cache can corrupt memory when the NSS callback doe...
NewStart CGSL MAIN 7.02 : libarchive Multiple Vulnerabilities (NS-SA-2025-0085)
The remote NewStart CGSL host, running version MAIN 7.02, has libarchive packages installed that are affected by multiple vulnerabilities: - execute_filter_delta in archive_read_support_format_rar.c in libarchive before 3.7.5 allows out-of-bounds access via a crafted archive file because src can move...
NewStart CGSL MAIN 7.02 : jasper Vulnerability (NS-SA-2025-0082)
The remote NewStart CGSL host, running version MAIN 7.02, has jasper packages installed that are affected by a vulnerability: - An invalid memory write issue in Jasper-Software Jasper v.4.1.1 and before allows a local attacker to execute arbitrary code. CVE-2023-51257 Note that Nessus has not...
NewStart CGSL MAIN 7.02 : qt5-qtbase Vulnerability (NS-SA-2025-0077)
The remote NewStart CGSL host, running version MAIN 7.02, has qt5-qtbase packages installed that are affected by a vulnerability: - An issue was discovered in HTTP2 in Qt before 5.15.18, 6.x before 6.2.13, 6.3.x through 6.5.x before 6.5.7, and 6.6.x through 6.7.x before 6.7.3. Code to make...
TP-Link TL-IPC544EP-W4 Security Vulnerability
TP-Link TL-IPC544EP-W4 is a smart camera from China P&L TP-Link. A security vulnerability exists in TP-Link TL-IPC544EP-W4 version 1.0.9 Build 240428 Rel 69493n, which originates from a buffer overflow due to incorrect manipulation of the parameter text in the file /bin/main...
NewStart CGSL MAIN 7.02 : libxml2 Vulnerability (NS-SA-2025-0072)
The remote NewStart CGSL host, running version MAIN 7.02, has libxml2 packages installed that are affected by a vulnerability: - libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a NULL pointer dereference in xmlPatMatch in pattern.c. CVE-2025-27113 Note that Nessus has not tested for these...
NewStart CGSL MAIN 7.02 : nghttp2 Vulnerability (NS-SA-2025-0078)
The remote NewStart CGSL host, running version MAIN 7.02, has nghttp2 packages installed that are affected by a vulnerability: - nghttp2 is an implementation of the Hypertext Transfer Protocol version 2 in C. The nghttp2 library prior to version 1.61.0 keeps reading the unbounded number of HTTP/2...
NewStart CGSL MAIN 7.02 : tongsuo Multiple Vulnerabilities (NS-SA-2025-0075)
The remote NewStart CGSL host, running version MAIN 7.02, has tongsuo packages installed that are affected by multiple vulnerabilities: - Use of the low-level GF(2^m) elliptic curve APIs with untrusted explicit values for the field polynomial can lead to out-of-bounds memory reads or writes...
SourceCodester Computer Store System Security Vulnerability
SourceCodester Computer Store System is an open source computer storage system from SourceCodester. A security vulnerability exists in SourceCodester Computer Store System version 1.0, which stems from improper handling of the laptopcompany/RAM/Processor parameter in the Add function in the main....
CVE-2024-28684
DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via the component /dede/module_main.php...
CVE-2024-33328
A cross-site scripting (XSS) vulnerability in the component main.jsp of Lumisxp v15.0.x to v16.1.x allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the pageId parameter...