PT-2023-21056 · Git +1 · Opencats

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: Improper neutralization of input during web page generation allows an authenticated attacker with access to a restricted account to submit malicious...

CVE-2023-27294

Improper neutralization of input during web page generation allows an authenticated attacker with access to a restricted account to submit malicious Javascript as the description for a calendar event, which would then be executed in other users' browsers if they browse to that event. This could...

CVE-2023-22938

In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, the ‘sendemail’ REST API endpoint lets any authenticated user send an email as the Splunk instance. The endpoint is now restricted to the ‘splunk-system-user’ account on the local instance...

CVE-2019-18188

Trend Micro Apex One could be exploited by an attacker utilizing a command injection vulnerability to extract files from an arbitrary zip file to a specific folder on the Apex One server, which could potentially lead to remote code execution RCE. The remote process execution is bound to the IUSR...

CVE-2019-1730 Cisco NX-OS Software Bash Bypass Guest Shell Vulnerability

A vulnerability in the Bash shell implementation for Cisco NX-OS Software could allow an authenticated, local attacker to bypass the limited command set of the restricted Guest Shell and execute commands at the privilege level of a network-admin user outside of the Guest Shell. The attacker must...

Easy File Sharing WS v7.2 - (UserId) Buffer Overflow

Document Title: =============== Easy File Sharing WS v7.2 - UserId Buffer Overflow References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2149 Release Date: ============= 2018-10-01 Vulnerability Laboratory ID VL-ID: ==================================== 2149...