9 matches found
Helmholz REX100 Access Control Error Vulnerability
The Helmholz REX100 is a wireless router from Helmholz. An access control error vulnerability exists in Helmholz REX100 versions prior to 2.3.1, which stems from a lack of authentication and allows an unauthenticated, remote attacker to execute operating system commands via UDP on the device...
PT-2024-23171 · Brocade · Brocade Sannav Ova
Name of the Vulnerable Software and Affected Versions: Brocade SANnav OVA versions prior to 2.3.1; Brocade SANnav OVA version 2.3.0a. Description: The issue is related to an insecure file permission setting that makes files world-readable. This could allow a local user without the required privileg...
Cisco DNA Spaces Connector Operating System Command Injection Vulnerability
Cisco DNA Spaces is an indoor location services platform from Cisco of the United States. An operating system command injection vulnerability exists in Cisco DNA Spaces Connector versions prior to 2.3.1, which can be exploited by an attacker to execute arbitrary operating system commands o...
DEBIAN-CVE-2021-28834
Kramdown before 2.3.1 does not restrict Rouge formatters to the Rouge::Formatters namespace, and thus arbitrary classes can be instantiated...
AZL-44106 CVE-2020-27842 affecting package openjpeg2 for versions less than 2.3.1-12
There's a flaw in openjpeg's t2 encoder in versions prior to 2.4.0. An attacker who is able to provide crafted input to be processed by openjpeg could cause a null pointer dereference. The highest impact of this flaw is to application availability...
CVE-2020-15200
In Tensorflow before version 2.3.1, the RaggedCountSparseOutput implementation does not validate that the input arguments form a valid ragged tensor. In particular, there is no validation that the values in the splits tensor generate a valid partitioning of the values tensor. Thus, the code sets ...
PT-2017-17844 · Mantisbt · Mantisbt
Name of the Vulnerable Software and Affected Versions: MantisBT versions prior to 2.3.1. Description: The issue allows for arbitrary password reset and unauthenticated admin access. This is achieved by providing an empty confirm hash value to the "verify.php" endpoint. Recommendations: For version...
Apache Jetspeed User Manager Unauthorized Operation Vulnerability
Apache Jetspeed is an open portal platform and enterprise information portal developed in Java and XML by the Apache Software Foundation of the United States. The User Manager service is one of its user management services. An unauthorized operation vulnerability exists in the User...
PT-2009-6739
Name of the Vulnerable Software and Affected Versions: OpenSSL versions prior to 0.9.8l; GnuTLS versions prior to 2.8.5; Apache HTTP Server versions prior to 2.2.14; Microsoft Internet Information Services IIS 7.0; OpenVPN versions prior to 2.3.1; Mozilla Network Security Services NSS versions prior to...