37 matches found
EUVD-2021-28775
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2021-41767
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Apache Guacamole 1.3.0 and older may incorrectly include a private tunnel identifier in the non-private details of some REST responses. This may allow an...
CVE-2020-15076
Private Tunnel installer for macOS version 3.0.1 and older versions may corrupt system critical files it should not have access via symlinks in /tmp...
BIT-GUACAMOLE-2021-41767
Apache Guacamole 1.3.0 and older may incorrectly include a private tunnel identifier in the non-private details of some REST responses. This may allow an authenticated user who already has permission to access a particular connection to read from or interact with another user's active use of that...
Information Disclosure
guacamole-common is vulnerable to information disclosure. The vulnerability exists due to the incorrectly included private tunnel identifier in non-private details of some REST responses, allowing an authenticated attacker to interact with another user's active session...
Apache Guacamole Information Disclosure Vulnerability (CNVD-2022-04988)
Apache Guacamole is a clientless remote desktop gateway from the Apache Foundation in the United States. The product supports protocols such as VNC, RDP, and SSH. A security vulnerability exists in Apache Guacamole 1.3.0, which stems from the fact that Apache Guacamole 1.3.0 and earlier versions...
Design/Logic Flaw
Apache Guacamole 1.3.0 and older may incorrectly include a private tunnel identifier in the non-private details of some REST responses. This may allow an authenticated user who already has permission to access a particular connection to read from or interact with another user's active use of that...
CVE-2021-41767
Apache Guacamole 1.3.0 and older may incorrectly include a private tunnel identifier in the non-private details of some REST responses. This may allow an authenticated user who already has permission to access a particular connection to read from or interact with another user's active use of that...
UBUNTU-CVE-2021-41767
Apache Guacamole 1.3.0 and older may incorrectly include a private tunnel identifier in the non-private details of some REST responses. This may allow an authenticated user who already has permission to access a particular connection to read from or interact with another user's active use of that...
CVE-2021-41767
CVE-2021-41767 affects Apache Guacamole 1.3.0 and older. The issue arises when a private tunnel identifier is wrongly included in the non-private details of certain REST responses, enabling an authenticated user who already has access to a connection to read from or interact with another user’s a...
CVE-2021-41767
Removed by vendor...
PT-2022-11481 · Apache +1 · Apache Guacamole +1
Name of the Vulnerable Software and Affected Versions: Apache Guacamole versions 1.3.0 and older Description: The issue allows an authenticated user who already has permission to access a particular connection to potentially read from or interact with another user's active use of that same...
CVE-2020-15076
Private Tunnel installer for macOS version 3.0.1 and older versions may corrupt system critical files it should not have access via symlinks in /tmp...
CVE-2020-15076
Private Tunnel installer for macOS version 3.0.1 and older versions may corrupt system critical files it should not have access via symlinks in /tmp...
CVE-2020-15076
Private Tunnel installer for macOS version 3.0.1 and older versions may corrupt system critical files it should not have access via symlinks in /tmp...
Code injection
Private Tunnel installer for macOS version 3.0.1 and older versions may corrupt system critical files it should not have access via symlinks in /tmp...
CVE-2020-15076
CVE-2020-15076 affects the OpenVPN Private Tunnel macOS installer (version 3.0.1 and earlier). The root cause is a symbolic link in /tmp via the mp directory used by the installer, which can lead to corruption of system files that should not be accessible. Public exploit details are not provided ...
CVE-2020-15076
Private Tunnel installer for macOS version 3.0.1 and older versions may corrupt system critical files it should not have access via symlinks in /tmp...
OpenVPN Private Tunnel 2.8.4 - ovpnagent Unquoted Service Path
OpenVPN Private Tunnel 2.8.4 - ovpnagent Unquoted Service Path Title: OpenVPN Private Tunnel 2.8.4 - 'ovpnagent' Unquoted Service Path Author: Sainadh Jamalpur Date: 2019-10-31 Vendor Homepage: https://openvpn.net/ Software Link:...
OpenVPN Private Tunnel 2.8.4 - 'ovpnagent' Unquoted Service Path
Title: OpenVPN Private Tunnel 2.8.4 - 'ovpnagent' Unquoted Service Path Author: Sainadh Jamalpur Date: 2019-10-31 Vendor Homepage: https://openvpn.net/ Software Link: https://swupdate.openvpn.org/privatetunnel/client/privatetunnel-win-2.8.exe Version : PrivateTunnel v2.8.4 Tested on: Windows 10...