11 matches found
Configuration Change Detected (High)
The system detected a change in the controller code that was made via the network. An attacker may use code changes to disrupt normal operations, to cause production losses, or to create a security threat. This plugin only works with Tenable.ot. Please visit...
kernel: wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes
CVE-2024-35789 is a vulnerability in the Linux kernel’s Wi-Fi subsystem mac80211. It occurs when a station is moved out of a VLAN, and the VLAN is subsequently deleted. A reference to the deleted VLAN’s network device may remain, leading to a use-after-free condition. This can result in system...
kernel: wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes
CVE-2024-35789 is a vulnerability in the Linux kernel’s Wi-Fi subsystem mac80211. It occurs when a station is moved out of a VLAN, and the VLAN is subsequently deleted. A reference to the deleted VLAN’s network device may remain, leading to a use-after-free condition. This can result in system...
moving bloch.chainid to chainId() function
Lines of code Vulnerability details Impact problem with using block.chainid is it can change over time in the same network. This means that the value stored in CHAINID may not always be accurate, and can cause issues if the contract relies on this value for any critical functionality. Proof of...
CVE-2022-20354
In onDefaultNetworkChanged of Vpn.java, there is a possible way to disable VPN due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11...
Zoho ManageEngine Network Configuration Manager SQL Injection Vulnerability
Zoho ManageEngine Network Configuration Manager is a network change and configuration management tool for managing the configuration of switches, routers and firewalls. A SQL injection vulnerability exists in the configuration search in Zoho ManageEngine Network Configuration Manager. No details ...
The vulnerabilities in iOS and Mac OS X operating systems allow attackers to carry out “man-in-the-middle” attacks.
The vulnerability of the IDS-Connectivity component for iOS and Mac OS X is related to security configuration errors. Exploiting this vulnerability allows a malicious actor to carry out a “man-in-the-middle” attack by using notifications regarding network connection changes...
ManageEngine DeviceExpert 5.9 - User Credential Disclosure
ManageEngine DeviceExpert 5.9 - User Credential Disclosure User credential disclosure in ManageEngine DeviceExpert 5.9 Discovered by Pedro Ribeiro [email protected], Agile Information Security ========================================================================== Background on the affected...
ManageEngine DeviceExpert 5.6 Java Server ScheduleResultViewer servlet Unauthenticated Remote Directory Traversal Vulnerability
ManageEngine DeviceExpert 5.6 Java Server ScheduleResultViewer servlet Unauthenticated Remote Directory Traversal Vulnerability product homepage: http://www.manageengine.com/products/device-expert/ file tested: ManageEngineDeviceExpert.exe tested against: Microsoft Windows Server 2003 r2 sp2...
ManageEngine DeviceExpert 5.6 Java Server ScheduleResultViewer servlet - Directory Traversal
ManageEngine DeviceExpert 5.6 Java Server ScheduleResultViewer servlet - Directory Traversal ManageEngine DeviceExpert 5.6 Java Server ScheduleResultViewer servlet Unauthenticated Remote Directory Traversal Database Backup / auth-conf.xml Disclosure Exploit product homepage:...
ManageEngine DeviceExpert 5.6 Java Server ScheduleResultViewer servlet - Directory Traversal
ManageEngine DeviceExpert 5.6 Java Server ScheduleResultViewer servlet Unauthenticated Remote Directory Traversal Database Backup / auth-conf.xml Disclosure Exploit product homepage: http://www.manageengine.com/products/device-expert/ file tested: ManageEngineDeviceExpert.exe tested against:...