72 matches found
Fortinet FortiManager Security Vulnerability
Fortinet FortiManager is a centralized network security management platform from Fortinet. The platform supports centralized management of any number of Fortinet devices and the ability to group devices into different administrative domains ADOMs to further simplify multi-device security deployme...
AZL-30045 CVE-2023-4156 affecting package gawk for versions less than 5.1.1-1
A heap out-of-bounds read flaw was found in builtin.c in the gawk package. This issue may lead to a crash and could be used to read sensitive information...
Sql injection
SQL injection vulnerability in Arconte Áurea, in its 1.5.0.0 version. The exploitation of this vulnerability could allow an attacker to read sensitive data from the database, modify data insert/update/delete, perform database administration operations and, in some cases, execute commands on the...
CVE-2023-40827
An issue in pf4j pf4j v.3.9.0 and before allows a remote attacker to obtain sensitive information and execute arbitrary code via the loadpluginPath parameter...
SUSE CVE-2023-4156
A heap out-of-bounds read flaw was found in builtin.c in the gawk package. This issue may lead to a crash and could be used to read sensitive information...
DEBIAN-CVE-2023-35947
Gradle is a build tool with a focus on build automation and support for multi-language development. In affected versions when unpacking Tar archives, Gradle did not check that files could be written outside of the unpack location. This could lead to important files being overwritten anywhere the...
Open-Xchange OX App Suite 安全漏洞
Open-Xchange OX App Suite is an e-mail and productivity suite client software from German company Open-Xchange. A security vulnerability exists in OX App Suite that stems from overly lax default permissions on file attributes, which allows local system users to read potentially sensitive...
CVE-2023-0025
SAP Solution Manager BSP Application - version 720, allows an authenticated attacker to craft a malicious link, which when clicked by an unsuspecting user, can be used to read or modify some sensitive information or craft a payload which may restrict access to the desired resources...
USN-5852-1 swift vulnerability
It was discovered that OpenStack Swift incorrectly handled certain XML files. A remote authenticated user could possibly use this issue to obtain arbitrary file contents containing sensitive information from the server...
CVE-2022-41274
SAP Disclosure Management - version 10.1, allows an authenticated attacker to exploit certain misconfigured application endpoints to read sensitive data. These endpoints are normally exposed over the network and successful exploitation can lead to the exposure of data like financial reports...
TYPO3 安全漏洞
TYPO3 is a free and open source content management system framework CMS/CMF from the Swiss TYPO3 Association. A security vulnerability exists in TYPO3 Core, which can be exploited by an attacker to read sensitive information by bypassing access restrictions to TYPO3 Core data via site configurati...
HCL Technologies HCL Domino 输入验证错误漏洞
HCL Technologies HCL Domino is a software application from HCL Technologies, India. It provides a platform for application development. A security vulnerability exists in HCL Domino, which can be exploited by an attacker to bypass access restrictions on HCL Domino data iNotes, by linking through...
CVE-2022-20734
A vulnerability in Cisco SD-WAN vManage Software could allow an authenticated, local attacker to view sensitive information on an affected system. This vulnerability is due to insufficient file system restrictions. An authenticated attacker with netadmin privileges could exploit this vulnerabilit...
Blender 数字错误漏洞
Blender is a specialized free and open source 3D computer graphics software. A numeric error vulnerability exists in Blender that could be exploited by an attacker to read sensitive data using a crafted DDS image file...
Sonatype Nexus Repository Manager 信息泄露漏洞
Sonatype Nexus Repository Manager NXRM is a repository manager from Sonatype, Inc. that is used to manage, store, and distribute software, among other things. An information disclosure vulnerability exists in Sonatype Nexus Repository Manager, which can be exploited by an attacker to bypass acces...
IBM Cloud Pak for Data 信息泄露漏洞
Ibm Cloud Pak For Data is an open and scalable data platform from Ibm USA, Inc. provides a data structure that makes all data available for AI and analytics on any cloud.A security vulnerability exists in IBM Cloud Pak for Data that stems from the fact that IBM Cloud Pak for Data can allow a loca...
Apple iOS 和 iPadOS 权限许可和访问控制问题漏洞
Apple iOS and Apple iPadOS are both products of Apple Inc. Apple iOS is an operating system developed for mobile devices, and Apple iPadOS is an operating system for iPad tablets. A permission and access control issue exists in Apple iOS and iPadOS NetworkExtension, which can be exploited by a...
Unauthorized Access Vulnerability in ThinkAdmin
ThinkAdmin is a backend management framework based on the latest ThinkPHP V6 development, using the loosest MIT protocol open source. ThinkAdmin has an unauthorized access vulnerability. Attackers can use the vulnerability to bypass login to directly read and modify sensitive information...
Multiple Apple Products GeoServices Component Authorization Issue Vulnerability
Apple iOS is a product of Apple Inc. Apple iOS is an operating system developed for mobile devices. apple tvOS is an operating system for smart TVs. apple iPadOS is an operating system for iPad tablets. geoServices is a geo-services component of the... A security vulnerability exists in the...
Kronos WebTA SQL Injection Vulnerability
Kronos WebTA is an attendance system. Kronos WebTA suffers from a SQL injection vulnerability. An attacker can exploit this vulnerability to read sensitive data from the database...