184 matches found

Source: 0day.today
Added 2024/11/14 12:00 a.m., 589 views

Siemens Energy Omnivise T3000 8.2 SP3 Privilege Escalation / File Download Vulnerabilities

Siemens Energy Omnivise T3000 version 8.2 SP3 suffers from local privilege escalation, cleartext storage of passwords in configuration and log files, file system access allowing for arbitrary file download, and IP whitelist bypass...

CVSS 8.7, AI score 7, EPSS 0.11452
Exploits: 3
Source: 0day.today
Added 2024/10/30 12:00 a.m., 839 views

Xerox Printers Authenticated Remote Code Execution Vulnerability

Various Xerox printers, such as models EC80xx, AltaLink, VersaLink, and WorkCentre, suffer from an authenticated remote code execution vulnerability. ======================================================================= title: Authenticated Remote Code Execution product: Multiple Xerox printers...

CVSS 7.2, AI score 7.9, EPSS 0.01214
Exploits: 2
Source: Packet Storm
Added 2024/10/25 12:00 a.m., 451 views

Lawo AG vsm LTC Time Sync Path Traversal

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Unauthenticated Path Traversal Vulnerability product: Lawo AG - vsm LTC Time Sync vTimeSync vulnerable version: 4.5.6.0 fixed version: 4.5.6.0 CVE number: CVE-2024-6049...

CVSS 7.5, AI score 7.1, EPSS 0.04325
Exploits: 1
Source: Packet Storm
Added 2024/05/28 12:00 a.m., 371 views

HAWKI 1.0.0-beta.1 XSS / File Overwrite / Session Fixation

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple vulnerabilities product: HAWKI Interaction Design Team at the University of Applied Sciences and Arts in Hildesheim/Germany vulnerable version: 1.0.0-beta.1,...

AI score 7.4, EPSS 0.00604
Exploits: 1
Source: Packet Storm
Added 2024/03/04 12:00 a.m., 442 views

Qognify VMS Client Viewer 7.1 DLL Hijacking

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Local Privilege Escalation via DLL Hijacking product: Qognify VMS Client Viewer vulnerable version: =7.1 fixed version: see solution CVE number: CVE-2023-49114 impact:...

AI score 7.4, EPSS 0.00359
Exploits: 2
Source: OSV
Added 2024/02/01 8:51 p.m., 11 views

GHSA-VQXQ-HVXW-9MV9 Statmic CMS vulnerable to account takeover via XSS and password reset link

Impact HTML files crafted to look like jpg files are able to be uploaded, allowing for XSS. This affects: - front-end forms with asset fields without any mime type validation - asset fields in the control panel - asset browser in the control panel Additionally, if the XSS is crafted in a specific...

CVSS 8.2, AI score 7.1, EPSS 0.00734
Exploits: 1, References: 5
Source: Github Security Blog
Added 2024/02/01 8:51 p.m., 22 views

Statmic CMS vulnerable to account takeover via XSS and password reset link

Impact HTML files crafted to look like jpg files are able to be uploaded, allowing for XSS. This affects: - front-end forms with asset fields without any mime type validation - asset fields in the control panel - asset browser in the control panel Additionally, if the XSS is crafted in a specific...

CVSS 8.2, AI score 6.8, EPSS 0.00734
Exploits: 1, References: 5, Affected software: 1
Source: Packet Storm
Added 2023/12/13 12:00 a.m., 1662 views

PDF24 Creator 11.15.1 Local Privilege Escalation

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Local Privilege Escalation via MSI installer product: PDF24 Creator geek Software GmbH vulnerable version: =11.15.1 fixed version: 11.15.2 CVE number: CVE-2023-49147...

AI score 7.4, EPSS 0.00483
Exploits: 2
Source: Packet Storm
Added 2023/10/03 12:00 a.m., 400 views

SAP Enable Now Manager 10.6.5 Build 2804 Cloud Edition CSRF / XSS / Redirect

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple Vulnerabilities product: SAP® Enable Now Manager vulnerable version: 10.6.5 Build 2804 Cloud Edition fixed version: May 2023 Release CVE number: N/A cloud impact...

AI score 7.1
Exploits: 0
Source: Packet Storm
Added 2023/09/18 12:00 a.m., 429 views

PTC - Codebeamer Cross Site Scripting

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Reflected Cross-Site Scripting XSS product: PTC - Codebeamer ALM Solution vulnerable version: =22.10-SP8, =22.04-SP6, =21.09-SP14 CVE number: CVE-2023-4296 impact: high...

CVSS 8.8, AI score 7.1, EPSS 0.00613
Exploits: 1
Source: Packet Storm
Added 2023/07/11 12:00 a.m., 364 views

ILIAS eLearning Platform XSS / Remote Code Execution

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple high risk vulnerabilities product: ILIAS eLearning platform vulnerable version: see section "Vulnerable version" below fixed version: see section "Solution" belo...

AI score 7.1
Exploits: 0
Source: ICS
Added 2023/06/13 12:00 a.m., 30 views

Siemens SICAM A8000 Devices

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services ...

CVSS 7.2, AI score 8.1, EPSS 0.47722
Exploits: 3, References: 12
Source: Packet Storm
Added 2023/05/30 12:00 a.m., 289 views

Wekan 6.74 Cross Site Scripting

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Stored XSS vulnerability in rename functionality product: Wekan Open-Source kanban vulnerable version: =6.74 fixed version: 6.75 or higher CVE number: CVE-2023-28485...

AI score 7.1, EPSS 0.00965
Exploits: 2
Source: 0day.today
Added 2023/03/07 12:00 a.m., 414 views

Arris DG3450 AR01.02.056.18_041520_711.NCS.10 XSS / Missing Authentication Vulnerabilities

Arris DG3450 cable gateway version AR01.02.056.18_041520_711.NCS.10 suffers from cross site scripting and missing authentication vulnerabilities. ======================================================================= title: Multiple Vulnerabilities product: Arris DG3450 Cable Gateway vulnerable...

CVSS 6.1, AI score 5.8, EPSS 0.009
Exploits: 4
Source: Packet Storm
Added 2023/03/03 12:00 a.m., 313 views

Barracuda CloudGen WAN OS Command Injection

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: OS Command Injection product: Barracuda CloudGen WAN vulnerable version: v8. hotfix 1089 fixed version: v8. with hotfix webui-sdwan-1089-8.3.1-174141891 or above version...

AI score 0.5, EPSS 0.07878
Exploits: 3
Source: Packet Storm
Added 2023/02/15 12:00 a.m., 363 views

B&R Systems Diagnostics Manager Cross Site Scripting

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple XSS Vulnerabilities product: B&R Systems Diagnostics Manager vulnerable version: =3.00 and =D4.93 CVE number: CVE-2022-4286 impact: medium homepage:...

AI score 0.2, EPSS 0.00564
Exploits: 1
Source: 0day.today
Added 2022/12/24 12:00 a.m., 427 views

Eclipse Business Intelligence Reporting Tool 4.11.0 Remote Code Execution Vulnerability

======================================================================= title: Remote code execution - CVE-2021-34427 bypass product: Eclipse Business Intelligence Reporting Tool BiRT vulnerable version: = 4.11.0 fixed version: 4.12 CVE number: CVE-2021-34427 impact: High homepage:...

CVSS 9.8, AI score 9.7, EPSS 0.5771
Exploits: 4
Source: Packet Storm
Added 2022/12/22 12:00 a.m., 609 views

Eclipse Business Intelligence Reporting Tool 4.11.0 Remote Code Execution

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Remote code execution - CVE-2021-34427 bypass product: Eclipse Business Intelligence Reporting Tool BiRT vulnerable version: = 4.11.0 fixed version: 4.12 CVE number:...

CVSS 9.8, AI score 0.1, EPSS 0.5771
Exploits: 4
Source: 0day.today
Added 2022/12/10 12:00 a.m., 375 views

ILIAS eLearning 7.15 Command Injection / XSS / LFI / Open Redirect Vulnerabilities

ILIAS eLearning versions 7.15 and below suffer from authenticated command injection, persistent cross site scripting, local file inclusion, and open redirection vulnerabilities. ======================================================================= title: Multiple critical vulnerabilities produc...

CVSS 8.8, AI score 0.1, EPSS 0.04657
Exploits: 6
Source: Packet Storm
Added 2022/12/09 12:00 a.m., 348 views

Zhuhai Suny Technology ESL Tag Forgery / Replay Attacks

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Replay attacks & Displaying arbitrary contents product: Zhuhai Suny Technology ESL Tag / ETAG-TECH protocol electronic shelf labels vulnerable version: All fixed version:...

CVSS 6.5, EPSS 0.00714
Exploits: 3