10 matches found
CVE-2023-36819
Knowage is the professional open source suite for modern business analytics over traditional sources and big data systems. The endpoint /knowage/restful-services/dossier/importTemplateFile allows authenticated users to download templates hosted on the server. However, starting in the 6.x.x branch...
CVE-2024-31416
The CVE-2024-31416 entry concerns Eaton Foreseer. The vulnerability arises from input fields in the software that allow configuration (e.g., alarms, reports) where length/bounds checks are missing. Root cause: insufficient validation of user-entered values in configurable fields, which can lead t...
SUSE-SU-2021:3611-1 Security update for systemd
This update for systemd fixes the following issues: - machine-id-setup: generate machine-id from DMI product ID on Amazon EC2 - Add timestamp to D-Bus events to improve traceability. (jsc#SLE-21894) - busctl: add a timestamp to the output of the busctl monitor command (bsc#1180225, jsc#SLE-21894) -...
Palo Alto Networks PAN-OS Code Issue Vulnerability
Palo Alto Networks PAN-OS is an operating system developed by Palo Alto Networks, Inc. for its firewall appliances. A security vulnerability exists in Palo Alto Networks PAN-OS that arises from the use of a network system or component that has been used with an unreasonable file configuration,...
Security update for wpa_supplicant (moderate)
openSUSE Security Update: Security update for wpa_supplicant Announcement ID: openSUSE-SU-2020:2059-1 Rating: moderate References: 1131644 1131868 1131870 1131871 1131872 1131874 1133640 1144443 1150934 1156920 1166933 1167331 930077 930078 930079 Cross-References: CVE-2015-4141 CVE-2015-4142...
Palo Alto Networks PAN-OS Misconfiguration Vulnerability
Palo Alto Networks PAN-OS is an operating system developed by Palo Alto Networks for its firewall appliances. A misconfiguration vulnerability exists in Palo Alto Networks PAN-OS. The vulnerability stems from an unreasonable file configuration, parameter configuration, etc. during the use of a...
Versionscan - A PHP Version Scanner For Reporting Possible Vulnerabilities
Versionscan is a tool for evaluating your currently installed PHP version and checking it against known CVEs and the versions they were fixed in to report back potential issues. PLEASE NOTE: Work is still in progress to adapt the tool to Linux distributions that backport security fixes. As of rig...
TrevorC2 - Command and Control via Legitimate Behavior over HTTP
TrevorC2 is a client/server model for masking command and control through a normally browsable website. Detection becomes much harder as time intervals are different and it does not use POST requests for data exfil. There are two components to TrevorC2 - the client and the server. The client can be...
Input validation
Multiple unspecified "input validation" vulnerabilities in the Web management interface (aka Messaging Administration interface) in Avaya Message Storage Server (MSS) 3.x and 4.0, and possibly Communication Manager 3.1.x, allow remote authenticated administrators to execute arbitrary commands as user...
CVE-2008-3081
Multiple unspecified "input validation" vulnerabilities in the Web management interface (aka Messaging Administration interface) in Avaya Message Storage Server (MSS) 3.x and 4.0, and possibly Communication Manager 3.1.x, allow remote authenticated administrators to execute arbitrary commands as user...