GSD-2022-1004977 iio: light: cm3605: Fix an error handling path in cm3605_probe()
iio: light: cm3605: Fix an error handling path in cm3605_probe(). This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.19.8 by commit...
Fedora: Security Advisory for cloudcompare (FEDORA-2022-9cbdf39a5a)
The remote host is missing an update for the Copyright (C) 2022 Greenbone Networks GmbH. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-or-later. This program is free software; you can...
[SECURITY] Fedora 35 Update: cloudcompare-2.9.1-16.fc35
CloudCompare is a 3D point cloud and triangular mesh processing software. It has been originally designed to perform comparison between two 3D points clouds such as the ones obtained with a laser scanner or between a point cloud and a triangular mesh. It relies on a specific octree structure that...
Keysight Technologies Sensor Management Server addLicenseFile Path Traversal (CVE-2022-38129)
Binary data keysightsmscve-2022-38129.nbin...
Cisco ASA-X With FirePOWER Services Authenticated Command Injection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cisco ASA-X with FirePOWER Services Authenticated Command Injection', 'Description' = %q This module exploits an authenticated command injection...
Cisco ASA-X with FirePOWER Services Authenticated Command Injection
This module exploits an authenticated command injection vulnerability affecting Cisco ASA-X with FirePOWER Services. This exploit is executed through the ASA's ASDM web server and lands in the FirePower Services SFR module's Linux virtual machine as the root user. Access to the virtual machine...
FLIR AX8 1.46.16 Traversal / Access Control / Command Injection / XSS Vulnerabilities
FLIR AX8 versions 1.46.16 and below suffer from command injection, directory traversal, improper access control, and cross site scripting vulnerabilities. FLIR AX8 vulnerabilities. Product description: The FLIR AX8 is a thermal sensor with imaging capabilities, combining thermal and visual camera...
FLIR AX8 1.46.16 Traversal / Access Control / Command Injection / XSS
FLIR AX8 vulnerabilities. Product description: The FLIR AX8 is a thermal sensor with imaging capabilities, combining thermal and visual cameras that provides continuous temperature monitoring and alarming for critical electrical and mechanical equipment. Affected products: All FLIR AX8 thermal...
CVE-2022-37062
All FLIR AX8 thermal sensor cameras version up to and including 1.46.16 are affected by an insecure design vulnerability due to an improper directory access restriction. An unauthenticated, remote attacker can exploit this by sending a URI that contains the path of the SQLite users database and...
CVE-2022-37063
All FLIR AX8 thermal sensor cameras versions up to and including 1.46.16 are vulnerable to Cross-Site Scripting (XSS) due to improper input sanitization. An authenticated remote attacker can execute arbitrary JavaScript code in the web management interface. A successful exploit could allow the...
Design/Logic Flaw
All FLIR AX8 thermal sensor cameras version up to and including 1.46.16 are affected by an insecure design vulnerability due to an improper directory access restriction. An unauthenticated, remote attacker can exploit this by sending a URI that contains the path of the SQLite users database and...
CVE-2022-37060
FLIR AX8 thermal sensor cameras version up to and including 1.46.16 is vulnerable to Directory Traversal due to an improper access restriction. An unauthenticated, remote attacker can exploit this by sending a URI that contains directory traversal characters to disclose the contents of files...
Directory traversal
FLIR AX8 thermal sensor cameras version up to and including 1.46.16 is vulnerable to Directory Traversal due to an improper access restriction. An unauthenticated, remote attacker can exploit this by sending a URI that contains directory traversal characters to disclose the contents of files...
CVE-2022-37063
The connected sources confirm CVE-2022-37063 affects Teledyne FLIR AX8 thermal sensor cameras up to version 1.46.16, due to improper input sanitization that enables authenticated remote XSS in the web management interface. Successful exploits can execute arbitrary JavaScript in the victim’s brows...
CVE-2022-37063
All FLIR AX8 thermal sensor cameras versions up to and including 1.46.16 are vulnerable to Cross-Site Scripting (XSS) due to improper input sanitization. An authenticated remote attacker can execute arbitrary JavaScript code in the web management interface. A successful exploit could allow the...
CVE-2022-37062
All FLIR AX8 thermal sensor cameras version up to and including 1.46.16 are affected by an insecure design vulnerability due to an improper directory access restriction. An unauthenticated, remote attacker can exploit this by sending a URI that contains the path of the SQLite users database and...
CVE-2022-37062
The CVE-2022-37062 issue affects Teledyne FLIR AX8 thermal sensor cameras version up to and including 1.46.16, due to an insecure design from improper directory access restriction that allows an unauthenticated remote attacker to request a URI containing the path to the SQLite users database and ...
PT-2022-23779 · Flir · Flir Ax8
Name of the Vulnerable Software and Affected Versions: FLIR AX8 thermal sensor cameras versions up to and including 1.46.16 Description: The issue is due to improper input sanitization, allowing an authenticated remote attacker to execute arbitrary JavaScript code in the web management interface...
CVE-2022-37060
FLIR AX8 thermal sensor cameras version up to and including 1.46.16 is vulnerable to Directory Traversal due to an improper access restriction. An unauthenticated, remote attacker can exploit this by sending a URI that contains directory traversal characters to disclose the contents of files...
CVE-2022-37060
The CVE-2022-37060 entry relates to Teledyne FLIR AX8 thermal sensor cameras affected up to firmware version 1.46.16. A directory traversal flaw arises from improper access restrictions, allowing an unauthenticated, remote attacker to disclose files outside the restricted server path by sending c...