14 matches found
EUVD-2022-46444
Malicious code in bioql PyPI...
CVE-2021-36741
An improper input validation vulnerability in Trend Micro Apex One, Apex One as a Service, OfficeScan XG, and Worry-Free Business Security 10.0 SP1 allows a remote attacker to upload arbitrary files on affected installations. Please note: an attacker must first obtain the ability to logon to the...
CVE-2019-18189
A directory traversal vulnerability in Trend Micro Apex One, OfficeScan 11.0, XG and Worry-Free Business Security 9.5, 10.0 may allow an attacker to bypass authentication and log on to an affected product's management console as a root user. The vulnerability does not require authentication...
PT-2024-6662 · Ivanti · Ivanti Workspace Control
Name of the Vulnerable Software and Affected Versions: Ivanti Workspace Control versions 10.18.0.0 and below Description: The issue is related to the transmission of sensitive information in cleartext, allowing a local authenticated attacker to obtain operating system credentials. This can be...
Arcserve Unified Data Protection Security Vulnerability
Arcserve Unified Data Protection is Arcserve's all-in-one data and ransomware protection solution. A security vulnerability exists in Arcserve Unified Data Protection prior to version 9.2 that stems from the presence of an authentication bypass, whereby an unauthenticated, remote attacker could...
Default credentials
An issue was discovered in WatchGuard EPDR 8.0.21.0002. Due to a weak implementation of a password check, it is possible to obtain credentials to access the management console as a non-privileged user...
AMQ Access Control Error Vulnerability
Red Hat AMQ Broker is a pure Java multi-protocol message broker from Red Hat. It is built on an efficient asynchronous core with fast native logging for message persistence and unshared state replication options for high availability. An Access Control Error vulnerability exists in AMQ Broker tha...
CVE-2021-36741
An improper input validation vulnerability in Trend Micro Apex One, Apex One as a Service, OfficeScan XG, and Worry-Free Business Security 10.0 SP1 allows a remote attacker to upload arbitrary files on affected installations. Please note: an attacker must first obtain the ability to logon to the...
CVE-2021-36741
An improper input validation vulnerability in Trend Micro Apex One, Apex One as a Service, OfficeScan XG, and Worry-Free Business Security 10.0 SP1 allows a remote attacker to upload arbitrary files on affected installations. Please note: an attacker must first obtain the ability to logon to the...
Red Hat JBoss Application Server (AS) Console and Web Management Misconfiguration Vulnerability - Active Check
The default configuration of Red Hat JBoss Application Server AS does not restrict access to the console and web management interfaces, which allows remote attackers to bypass authentication and gain administrative access via direct requests. SPDX-FileCopyrightText: 2019 Greenbone AG Some text...
HUMAX WiFi Router HG-100R DNS Hijacking Vulnerability
The HG-100R is a router. A DNS hijacking vulnerability exists in the HUMAX WiFi Router HG-100R. The vulnerability is caused by first constructing a special request to bypass the authentication of the management console. The vulnerability is due to the router failing to validate the session token...
Zabbix 2.0.5 Password Disclosure
This module requires Metasploit Date: 25-09-2013 Author: Pablo González Vendor Homepage: Zabbix - http://www.zabbix.com Software Link: http://www.zabbix.com Version: 2.0.5 Tested On: Linux Ubuntu, Suse, CentOS CVE: CVE-2013-5572 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5572 More Inf...
Zabbix 2.0.5 - Cleartext ldap_bind_Password Password Disclosure (Metasploit)
This module requires Metasploit Date: 25-09-2013 Author: Pablo González Vendor Homepage: Zabbix - http://www.zabbix.com Software Link: http://www.zabbix.com Version: 2.0.5 Tested On: Linux Ubuntu, Suse, CentOS CVE: CVE-2013-5572 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5572 More Inf...
CVE-2013-5572
Zabbix 2.0.5 allows remote authenticated users to discover the LDAP bind password by leveraging management-console access and reading the ldap_bind_password value in the HTML source code...