Ella Core 输入验证错误漏洞

Ella Core is an open-source solution developed by Ella Networks for use in private networks as a 5G core network solution. Prior to version 1.8.0 of Ella Core, there was a vulnerability related to input validation errors. This vulnerability stemmed from the lack of validation in the PUT...

EUVD-2020-19540

Malware in sbrugna...

EUVD-2007-1306

Malware in sbrugna...

CVE-2022-31668 User permission validation failure and disclosure of P2P preheat execution logs

Harbor fails to validate the user permissions when updating p2p preheat policies. By sending a request to update a p2p preheat policy with an id that belongs to a project that the currently authenticated user doesn't have access to, the attacker could modify p2p preheat policies configured in oth...

Design/Logic Flaw

The vulnerability allows authenticated users with only produce or consume permissions to modify topic-level policies, such as retention, TTL, and offloading settings. These management operations should be restricted to users with the tenant admin role or super user role. This issue affects Apache...

Improper access control

A vulnerability in the restricted security domain implementation of Cisco Application Policy Infrastructure Controller APIC could allow an authenticated, remote attacker to read, modify, or delete non-tenant policies for example, access policies created by users associated with a different securi...

CVE-2022-4313

A vulnerability was reported where through modifying the scan variables, an authenticated user in Tenable products, that has Scan Policy Configuration roles, could manipulate audit policy variables to execute arbitrary commands on credentialed scan targets...

CVE-2021-30648

The Symantec Advanced Secure Gateway ASG and ProxySG web management consoles are susceptible to an authentication bypass vulnerability. An unauthenticated attacker can execute arbitrary CLI commands, view/modify the appliance configuration and policy, and shutdown/restart the appliance...

PT-2021-2825 · Cisco · Cisco Firepower Management Center

Name of the Vulnerable Software and Affected Versions: Cisco Firepower Management Center FMC Software affected versions not specified Description: The issue is related to insufficient enforcement of access control in the affected software, allowing an authenticated, remote attacker to access...

Cisco Policy Suite Security Restriction Bypass Vulnerability

Cisco Policy Suite CPS is a next-generation policy management solution. The solution provides user-based business rules, real-time management of applications and network resources. A security restriction bypass vulnerability exists in the Policy Builder interface in Cisco CPS that stems from the...

CVE-2010-5191

Multiple cross-site request forgery CSRF vulnerabilities on the Blue Coat ProxyAV appliance before 3.2.6.1 allow remote attackers to hijack the authentication of administrators for requests that 1 change a password, 2 modify a policy, or 3 restart the device...

MS02-070: Flaw in SMB Signing Could Enable Group Policy to be Modified (329170)

The remote version of Windows contains a flaw in the SMB signing implementation. SMB signing is used to sign each packets sent between a client and a server to protect them against man-in-the-middle attacks. If the Domain policy is configured to force usage of SMB signing, it is possible for an...

Microsoft Security Bulletin MS02-070: Flaw in SMB Signing Could Enable Group Policy to be Modified (309376)

-----BEGIN PGP SIGNED MESSAGE----- - ---------------------------------------------------------------------- Title: Flaw in SMB Signing Could Enable Group Policy to be Modified 309376 Date: 11 December 2002 Software: Windows 2000, Windows XP Impact: Modify group policy Max Risk: Moderate Bulletin:...