Lucene search

3794 matches found

ATTACKERKB
added 2022/03/10 5:46 p.m. | 3 views

CVE-2022-24399

The SAP Focused Run Real User Monitoring - versions 200, 300, REST service does not sufficiently sanitize the input name of the file using multipart/form-data, resulting in Cross-Site Scripting (XSS) vulnerability...

6.1 CVSS | 6.3 AI score | 0.00815 EPSS
Exploits: 2 | References: 5 | Affected Software: 1
OSV
added 2022/03/10 5:46 p.m. | 2 views

CVE-2022-24399

The SAP Focused Run Real User Monitoring - versions 200, 300, REST service does not sufficiently sanitize the input name of the file using multipart/form-data, resulting in Cross-Site Scripting (XSS) vulnerability...

6.1 CVSS | 6.3 AI score | 0.00815 EPSS
Exploits: 2 | References: 4
NVD
added 2022/03/10 5:46 p.m. | 14 views

CVE-2022-24399

The SAP Focused Run Real User Monitoring - versions 200, 300, REST service does not sufficiently sanitize the input name of the file using multipart/form-data, resulting in Cross-Site Scripting (XSS) vulnerability...

6.1 CVSS | 0.00815 EPSS
Exploits: 2 | References: 4
Prion
added 2022/03/10 5:46 p.m. | 15 views

Cross site scripting

The SAP Focused Run Real User Monitoring - versions 200, 300, REST service does not sufficiently sanitize the input name of the file using multipart/form-data, resulting in Cross-Site Scripting (XSS) vulnerability...

4.3 CVSS | 5.9 AI score | 0.00815 EPSS
Exploits: 2 | References: 4 | Affected Software: 1
OpenVAS
added 2022/03/10 12:00 a.m. | 24 views

Microsoft Office 365 (2016 Click-to-Run) Multiple Vulnerabilities (Mar 2022)

This host is missing an important security update according to Microsoft Office Click-to-Run updates...

7.8 CVSS | 6.3 AI score | 0.0194 EPSS
Exploits: 0 | References: 1
Openbugbounty
added 2022/03/09 6:54 p.m. | 12 views

plymouthsantafunrun.co.uk Improper Access Control vulnerability OBB-2418841

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

0.1 AI score
Exploits: 0
CNNVD
added 2022/03/09 12:00 a.m. | 3 views

SAP Focused Run Information Disclosure Vulnerability

SAP Focused Run is a data center and large customer system operations management solution the ultimate solution for high-volume monitoring, alerting, diagnostics, and analytics from SAP, Germany. An information disclosure vulnerability exists in SAP Focused Run Simple Diagnostics Agent 1.0...

7.5 CVSS | 7.3 AI score | 0.00617 EPSS
Exploits: 1 | References: 8
CNNVD
added 2022/03/09 12:00 a.m. | 1 views

SAP Focused Run Security Vulnerability

SAP Focused Run is a data center and large customer systems operations management solution the ultimate solution for high volume monitoring, alerting, diagnostics and analysis from SAP. An Access Control Error vulnerability exists in SAP Focused Run, which stems from a failure to perform any...

7.8 CVSS | 5.6 AI score | 0.00184 EPSS
Exploits: 2 | References: 8
CNNVD
added 2022/03/09 12:00 a.m. | 4 views

SAP Focused Run Cross-Site Scripting Vulnerability

SAP Focused Run is a data center and large customer system operations management solution the ultimate solution for high-volume monitoring, alerting, diagnostics, and analytics from SAP, Germany. A cross-site scripting vulnerability exists in SAP Focused Run. No information about this vulnerabili...

6.1 CVSS | 5.9 AI score | 0.00815 EPSS
Exploits: 2 | References: 8
Cvelist
added 2022/03/08 1:36 p.m. | 31 views

CVE-2022-24399

The SAP Focused Run Real User Monitoring - versions 200, 300, REST service does not sufficiently sanitize the input name of the file using multipart/form-data, resulting in Cross-Site Scripting (XSS) vulnerability...

6.1 AI score | 0.00815 EPSS
Exploits: 2 | References: 4
CVE
added 2022/03/08 1:36 p.m. | 92 views

CVE-2022-24399

SAP Focused Run (Real User Monitoring) FRUN 2.00 (2.00) and FRUN 3.00 (3.00) REST service are affected by a Cross-Site Scripting (XSS) flaw. The root cause is insufficient sanitization of the multipart/form-data input file name, enabling XSS in some contexts. Remediation/workarounds cited in conn...

6.1 CVSS | 5.9 AI score | 0.00815 EPSS
Exploits: 2 | References: 4 | Affected Software: 1
Positive Technologies
added 2022/03/08 12:00 a.m. | 5 views

PT-2022-16674 · Sap · Sap Focused Run

Name of the Vulnerable Software and Affected Versions: SAP Focused Run Real User Monitoring versions 200, 300. Description: The issue is related to a Cross-Site Scripting (XSS) vulnerability. It occurs because the REST service does not sufficiently sanitize the input name of the file using...

6.1 CVSS | 5.9 AI score | 0.00815 EPSS
Exploits: 2 | References: 6
CISA KEV Catalog
added 2022/03/03 12:00 a.m. | 24 views

Cisco Small Business RV Series Routers Stack-based Buffer Overflow Vulnerability

A vulnerability in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: execute arbitrary code, elevate privileges, execute arbitrary commands, bypass authentication and authorization protections, fetch and run unsigned software, or...

10 CVSS | 7.3 AI score | 0.28596 EPSS
In wild | Exploits: 0
CISA KEV Catalog
added 2022/03/03 12:00 a.m. | 21 views

Cisco Small Business RV Series Routers Stack-based Buffer Overflow Vulnerability

A vulnerability in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: execute arbitrary code, elevate privileges, execute arbitrary commands, bypass authentication and authorization protections, fetch and run unsigned software, or...

10 CVSS | 7.3 AI score | 0.09307 EPSS
In wild | Exploits: 0
Patchstack
added 2022/02/28 12:00 a.m. | 3 views

WordPress Run time Image resizing plugin <= 1.1 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability discovered in WordPress Run time Image resizing plugin versions <= 1.1. Solution: No patched version available...

4.2 AI score
Exploits: 0 | References: 2 | Affected Software: 1
BDU FSTEC
added 2022/02/25 12:00 a.m. | 1 views

The vulnerability of the Click-to-Run package services for Microsoft Office and Microsoft 365 Apps for Enterprise allows a perpetrator to execute arbitrary code.

The vulnerability of the Click-to-Run package services for Microsoft Office and Microsoft 365 Apps for Enterprise is related to improper code generation management. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

7.8 CVSS | 7.8 AI score | 0.01894 EPSS
Exploits: 0 | References: 3
GithubExploit
added 2022/02/24 6:43 a.m. | 23 views

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Linux Linux_Kernel

CVE-2021-4204 Chinese writeup: https://tr3e.ee/posts/cve-2021...

7.1 CVSS | 7.2 AI score | 0.00767 EPSS
Exploits: 1
CNNVD
added 2022/02/22 12:00 a.m. | 2 views

Aruba AOS-CX Command Injection Vulnerability

Aruba AOS-CX is a modern programmable network from Aruba, USA. A security vulnerability exists in the Aruba AOS-CX that can be exploited by an attacker to run code through the command line interface...

9 CVSS | 7.7 AI score | 0.05606 EPSS
Exploits: 0 | References: 3
Code423n4
added 2022/02/20 12:00 a.m. | 7 views

TurboRouter: deposit(), mint(), createSafeAndDeposit() and createSafeAndDepositAndBoost() functions may be vulnerable to FRONT-RUN attack

Lines of code Vulnerability details Impact The TurboRouter contract inherits from the PeripheryPayments contract. To execute the deposit, mint, createSafeAndDeposit and createSafeAndDepositAndBoost functions of the TurboRouter contract, the user needs to first execute the pullToken and approve...

7.3 AI score
Exploits: 0
OSV
added 2022/02/16 7:15 p.m. | 2 views

DEBIAN-CVE-2021-3781

A trivial sandbox (enabled with the -dSAFER option) escape flaw was found in the ghostscript interpreter by injecting a specially crafted pipe command. This flaw allows a specially crafted document to execute arbitrary commands on the system in the context of the ghostscript interpreter. The highes...

9.9 CVSS | 8.6 AI score | 0.06493 EPSS
Exploits: 0 | References: 1