37 matches found
EUVD-2021-28775
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2021-41767
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Apache Guacamole 1.3.0 and older may incorrectly include a private tunnel identifier in the non-private details of some REST responses. This may allow an...
CVE-2020-15076
Private Tunnel installer for macOS version 3.0.1 and older versions may corrupt system critical files it should not have access via symlinks in /tmp...
BIT-GUACAMOLE-2021-41767
Apache Guacamole 1.3.0 and older may incorrectly include a private tunnel identifier in the non-private details of some REST responses. This may allow an authenticated user who already has permission to access a particular connection to read from or interact with another user's active use of that...
Information Disclosure
guacamole-common is vulnerable to information disclosure. The vulnerability exists due to the incorrectly included private tunnel identifier in non-private details of some REST responses, allowing an authenticated attacker to interact with another user's active session...
Apache Guacamole Information Disclosure Vulnerability (CNVD-2022-04988)
Apache Guacamole is a clientless remote desktop gateway from the Apache Foundation in the United States. The product supports protocols such as VNC, RDP, and SSH. A security vulnerability exists in Apache Guacamole 1.3.0, which stems from the fact that Apache Guacamole 1.3.0 and earlier versions...
Design/Logic Flaw
Apache Guacamole 1.3.0 and older may incorrectly include a private tunnel identifier in the non-private details of some REST responses. This may allow an authenticated user who already has permission to access a particular connection to read from or interact with another user's active use of that...
UBUNTU-CVE-2021-41767
Apache Guacamole 1.3.0 and older may incorrectly include a private tunnel identifier in the non-private details of some REST responses. This may allow an authenticated user who already has permission to access a particular connection to read from or interact with another user's active use of that...
CVE-2021-41767
Apache Guacamole 1.3.0 and older may incorrectly include a private tunnel identifier in the non-private details of some REST responses. This may allow an authenticated user who already has permission to access a particular connection to read from or interact with another user's active use of that...
CVE-2021-41767
Removed by vendor...
CVE-2021-41767
CVE-2021-41767 affects Apache Guacamole 1.3.0 and older. The issue arises when a private tunnel identifier is wrongly included in the non-private details of certain REST responses, enabling an authenticated user who already has access to a connection to read from or interact with another user’s a...
PT-2022-11481 · Apache +1 · Apache Guacamole +1
Name of the Vulnerable Software and Affected Versions: Apache Guacamole versions 1.3.0 and older Description: The issue allows an authenticated user who already has permission to access a particular connection to potentially read from or interact with another user's active use of that same...
CVE-2020-15076
Private Tunnel installer for macOS version 3.0.1 and older versions may corrupt system critical files it should not have access via symlinks in /tmp...
CVE-2020-15076
Private Tunnel installer for macOS version 3.0.1 and older versions may corrupt system critical files it should not have access via symlinks in /tmp...
CVE-2020-15076
Private Tunnel installer for macOS version 3.0.1 and older versions may corrupt system critical files it should not have access via symlinks in /tmp...
Code injection
Private Tunnel installer for macOS version 3.0.1 and older versions may corrupt system critical files it should not have access via symlinks in /tmp...
CVE-2020-15076
Private Tunnel installer for macOS version 3.0.1 and older versions may corrupt system critical files it should not have access via symlinks in /tmp...
CVE-2020-15076
CVE-2020-15076 affects the OpenVPN Private Tunnel macOS installer (version 3.0.1 and earlier). The root cause is a symbolic link in /tmp via the mp directory used by the installer, which can lead to corruption of system files that should not be accessible. Public exploit details are not provided ...
OpenVPN Private Tunnel 2.8.4 - ovpnagent Unquoted Service Path
OpenVPN Private Tunnel 2.8.4 - ovpnagent Unquoted Service Path Title: OpenVPN Private Tunnel 2.8.4 - 'ovpnagent' Unquoted Service Path Author: Sainadh Jamalpur Date: 2019-10-31 Vendor Homepage: https://openvpn.net/ Software Link:...
OpenVPN Private Tunnel 2.8.4 - (ovpnagent) Unquoted Service Path Vulnerability
Title: OpenVPN Private Tunnel 2.8.4 - 'ovpnagent' Unquoted Service Path Author: Sainadh Jamalpur Vendor Homepage: https://openvpn.net/ Software Link: https://swupdate.openvpn.org/privatetunnel/client/privatetunnel-win-2.8.exe Version : PrivateTunnel v2.8.4 Tested on: Windows 10 64bitEN CVE : N/A...