15 matches found
Introducing the Qualys App Picker: Easier, Faster Navigation for All Your Security Applications
Navigating your cybersecurity platform should be easy. That is why we have reimagined the way users access Qualys applications with the brand-new Qualys App Picker , a streamlined, intuitive navigation panel designed to make access faster, easier, and smarter in the Qualys Enterprise TruRisk...
CVE-2023-50159
In ScaleFusion Windows Desktop App agent 10.5.2, Kiosk mode application restrictions can be bypassed allowing arbitrary code to be executed. This is fixed in 10.5.7 by preventing the launching of the file explorer in Agent-based Multi-App and Single App Kiosk mode...
CVE-2023-51748
ScaleFusion 10.5.2 does not properly limit users to the Edge application because Ctrl-O and Ctrl-S can be used. This is fixed in 10.5.7 by preventing the launching of the file explorer in Agent-based Multi-App and Single App Kiosk mode...
CVE-2023-51751
ScaleFusion 10.5.2 does not properly limit users to the Edge application because Alt-F4 can be used. This is fixed in 10.5.7 by preventing the launching of the file explorer in Agent-based Multi-App and Single App Kiosk mode...
CVE-2023-50159
In ScaleFusion Windows Desktop App agent 10.5.2, Kiosk mode application restrictions can be bypassed allowing arbitrary code to be executed. This is fixed in 10.5.7 by preventing the launching of the file explorer in Agent-based Multi-App and Single App Kiosk mode...
CVE-2023-50159
In ScaleFusion Windows Desktop App agent 10.5.2, Kiosk mode application restrictions can be bypassed allowing arbitrary code to be executed. This is fixed in 10.5.7 by preventing the launching of the file explorer in Agent-based Multi-App and Single App Kiosk mode...
CVE-2023-51751
ScaleFusion 10.5.2 does not properly limit users to the Edge application because Alt-F4 can be used. This is fixed in 10.5.7 by preventing the launching of the file explorer in Agent-based Multi-App and Single App Kiosk mode...
CVE-2023-51748
ScaleFusion 10.5.2 does not properly limit users to the Edge application because Ctrl-O and Ctrl-S can be used. This is fixed in 10.5.7 by preventing the launching of the file explorer in Agent-based Multi-App and Single App Kiosk mode...
CVE-2023-51751
ScaleFusion 10.5.2 does not properly limit users to the Edge application because Alt-F4 can be used. This is fixed in 10.5.7 by preventing the launching of the file explorer in Agent-based Multi-App and Single App Kiosk mode...
Verifone Verix Multi-app Conductor Buffer Overflow Vulnerability
Verifone Verix Multi-app Conductor is a tool from Verifone USA that supports terminal access to multiple Verifone applications. A buffer overflow vulnerability exists in Verifone Verix Multi-app Conductor version 2.7. An attacker could exploit this vulnerability to execute arbitrary code...
CVE-2019-10060
The Verix Multi-app Conductor application 2.7 for Verifone Verix suffers from a buffer overflow vulnerability that allows attackers to execute arbitrary code via a long configuration key value. An attacker must be able to download files to the device in order to exploit this vulnerability...
Buffer overflow
The Verix Multi-app Conductor application 2.7 for Verifone Verix suffers from a buffer overflow vulnerability that allows attackers to execute arbitrary code via a long configuration key value. An attacker must be able to download files to the device in order to exploit this vulnerability...
CVE-2019-10060
The Verix Multi-app Conductor application 2.7 for Verifone Verix suffers from a buffer overflow vulnerability that allows attackers to execute arbitrary code via a long configuration key value. An attacker must be able to download files to the device in order to exploit this vulnerability...
CVE-2019-10060
The CVE-2019-10060 issue affects Verix Multi-app Conductor for Verifone Verix (version 2.7). The vulnerability is a buffer overflow in a configuration key value that enables arbitrary code execution and requires the attacker to download files to the device. Several connected sources (Red Hat, CNV...
Tomcat/JBossWeb: XML parser hijack by malicious web application
It was found that, in certain circumstances, it was possible for a malicious web application to replace the XML parsers used by JBoss Web / Apache Tomcat to process XSLTs for the default servlet, JSP documents, tag library descriptors TLDs, and tag plug-in configuration files. The injected XML...