21 matches found
EUVD-2002-1445
Malware in sbrugna...
CVE-2024-45279
Due to insufficient input validation, CRM Blueprint Application Builder Panel of SAP NetWeaver Application Server for ABAP allows an unauthenticated attacker to craft a URL link which could embed a malicious JavaScript. When a victim clicks on this link, the script will be executed in the victim'...
PT-2024-34901 · Hewlett Packard · Hpe Aruba Networking Clearpass Policy Manager
Name of the Vulnerable Software and Affected Versions: HPE Aruba Networking ClearPass Policy Manager affected versions not specified Description: A vulnerability in the web-based management interface could allow an authenticated remote attacker to conduct a stored cross-site scripting XSS attack...
Apache SeaTunnel SQL Injection vulnerability
Mysql security vulnerability in Apache SeaTunnel. Attackers can read files on the MySQL server by modifying the information in the MySQL URL allowLoadLocalInfile=true&allowUrlInLocalInfile=true&allowLoadLocalInfileInPath=/&maxAllowedPacket=655360 This issue affects Apache SeaTunnel: 1.0.0. Users...
Adobe Commerce Security Bypass Vulnerability (CNVD-2024-40527)
Adobe Commerce is the United States of America Odobie Adobe company's a business and brand-oriented global leader in digital commerce solutions. A security bypass vulnerability exists in Adobe Commerce, which can be exploited by an attacker to bypass security measures and modify secondary...
Adobe Commerce Security Bypass Vulnerability (CNVD-2024-40531)
Adobe Commerce is the United States of America Odobie Adobe company's a kind of merchants and brands for the world's leading digital commerce solutions. A security bypass vulnerability exists in Adobe Commerce, which can be exploited by an attacker to bypass security measures and modify secondary...
Adobe Commerce Security Bypass Vulnerability (CNVD-2024-40532)
Adobe Commerce is the United States of America Odobie Adobe company's a business and brand-oriented global leader in digital commerce solutions. A security bypass vulnerability exists in Adobe Commerce, which can be exploited by an attacker to bypass security measures and modify secondary...
Adobe Commerce elevation of privilege vulnerability (CNVD-2024-40530)
Adobe Commerce is the United States of America Odobie Adobe company's a business and brand-oriented global leader in digital commerce solutions. An elevation of privilege vulnerability exists in Adobe Commerce, which could be exploited by an attacker to bypass security measures and modify seconda...
Adobe Commerce elevation of privilege vulnerability (CNVD-2024-40529)
Adobe Commerce is the United States of America Odobie Adobe company's a business and brand-oriented global leader in digital commerce solutions. An elevation of privilege vulnerability exists in Adobe Commerce, which could be exploited by an attacker to bypass security measures and modify seconda...
Adobe Commerce 安全漏洞
Adobe Commerce is a leading global digital commerce solution for merchants and brands from Adobe USA. A security vulnerability exists in Adobe Commerce that stems from improper authorization. An attacker could exploit the vulnerability to bypass security measures and modify secondary information...
Adobe Commerce 安全漏洞
Adobe Commerce is the United States of America Odobie Adobe company's a business and brand-oriented global leader in digital commerce solutions. An elevation of privilege vulnerability exists in Adobe Commerce, which could be exploited by an attacker to bypass security measures and modify seconda...
Adobe Commerce 安全漏洞
Adobe Commerce is the United States of America Odobie Adobe company's a kind of merchants and brands for the world's leading digital commerce solutions. A security bypass vulnerability exists in Adobe Commerce, which can be exploited by an attacker to bypass security measures and modify secondary...
Adobe Commerce 安全漏洞
Adobe Commerce is the United States of America Odobie Adobe company's a business and brand-oriented global leader in digital commerce solutions. An elevation of privilege vulnerability exists in Adobe Commerce, which could be exploited by an attacker to bypass security measures and modify seconda...
Input validation
Due to insufficient input validation, SAP Financial Consolidation - version 1010, allows an authenticated attacker with user privileges to alter current user session. On successful exploitation, the attacker can view or modify information, causing a limited impact on confidentiality and integrity...
CVE-2021-39394
mm-wiki v0.2.1 was discovered to contain a Cross-Site Request Forgery CSRF which allows attackers to arbitrarily add user accounts and modify user information...
ASUS WebStorage 信任管理问题漏洞
ASUS WebStorage is an online storage service from ASUS China.A security vulnerability exists in ASUS WebStorage Android, which could be exploited by attackers to log into a regular user account to access, modify, or delete user account information...
Override access vulnerability in jeewms
jeewms is led by Linglu Valley Technology open source project , WMS after a number of companies on-line operation , in order to reduce the information cost of logistics and warehousing enterprises , decided to fully open source this product . jeewms there is an over-the-horizon access vulnerabili...
CVE-2020-16199
Delta Industrial Automation CNCSoft ScreenEditor, Versions 1.01.23 and prior. Multiple stack-based buffer overflow vulnerabilities may be exploited by processing specially crafted project files, which may allow an attacker to read/modify information, execute arbitrary code, and/or crash the...
Shenyang Pangu Network Technology Co., Ltd. website building system has logical flaws and vulnerabilities
Shenyang Pangu Network Technology Co., Ltd. is a Baidu business as the core, for the local business to provide network marketing services of the Internet + group of companies. Shenyang Pangu Network Technology Co., Ltd. station-building system has a logical flaw vulnerability, attackers can use t...
CVE-2020-14477
In Philips Ultrasound ClearVue Versions 3.2 and prior, Ultrasound CX Versions 5.0.2 and prior, Ultrasound EPIQ/Affiniti Versions VM5.0 and prior, Ultrasound Sparq Version 3.0.2 and prior and Ultrasound Xperius all versions, an attacker may use an alternate path or channel that does not require...