24 matches found
EUVD-2022-37612
Malicious code in bioql PyPI...
CVE-2022-34660
A vulnerability has been identified in Teamcenter V12.4 All versions V12.4.0.15, Teamcenter V13.0 All versions V13.0.0.10, Teamcenter V13.1 All versions V13.1.0.10, Teamcenter V13.2 All versions V13.2.0.9, Teamcenter V13.3 All versions V13.3.0.5, Teamcenter V14.0 All versions V14.0.0.2. File Serv...
CVE-2022-34660
A vulnerability has been identified in Teamcenter V12.4 All versions V12.4.0.15, Teamcenter V13.0 All versions V13.0.0.10, Teamcenter V13.1 All versions V13.1.0.10, Teamcenter V13.2 All versions V13.2.0.9, Teamcenter V13.3 All versions V13.3.0.5, Teamcenter V14.0 All versions V14.0.0.2. File Serv...
CVE-2022-34661
A vulnerability has been identified in Teamcenter V12.4 All versions V12.4.0.15, Teamcenter V13.0 All versions V13.0.0.10, Teamcenter V13.1 All versions V13.1.0.10, Teamcenter V13.2 All versions V13.2.0.9, Teamcenter V13.3 All versions V13.3.0.5, Teamcenter V14.0 All versions V14.0.0.2. File Serv...
CVE-2022-34661
A vulnerability has been identified in Teamcenter V12.4 All versions V12.4.0.15, Teamcenter V13.0 All versions V13.0.0.10, Teamcenter V13.1 All versions V13.1.0.10, Teamcenter V13.2 All versions V13.2.0.9, Teamcenter V13.3 All versions V13.3.0.5, Teamcenter V14.0 All versions V14.0.0.2. File Serv...
Race condition
A vulnerability has been identified in Teamcenter V12.4 All versions V12.4.0.15, Teamcenter V13.0 All versions V13.0.0.10, Teamcenter V13.1 All versions V13.1.0.10, Teamcenter V13.2 All versions V13.2.0.9, Teamcenter V13.3 All versions V13.3.0.5, Teamcenter V14.0 All versions V14.0.0.2. File Serv...
CVE-2022-34661
A vulnerability has been identified in Teamcenter V12.4 All versions V12.4.0.15, Teamcenter V13.0 All versions V13.0.0.10, Teamcenter V13.1 All versions V13.1.0.10, Teamcenter V13.2 All versions V13.2.0.9, Teamcenter V13.3 All versions V13.3.0.5, Teamcenter V14.0 All versions V14.0.0.2. File Serv...
CVE-2022-34660
A vulnerability has been identified in Teamcenter V12.4 All versions V12.4.0.15, Teamcenter V13.0 All versions V13.0.0.10, Teamcenter V13.1 All versions V13.1.0.10, Teamcenter V13.2 All versions V13.2.0.9, Teamcenter V13.3 All versions V13.3.0.5, Teamcenter V14.0 All versions V14.0.0.2. File Serv...
PT-2022-4150 · Siemens · Teamcenter
Name of the Vulnerable Software and Affected Versions: Teamcenter versions prior to V12.4.0.15 Teamcenter versions prior to V13.0.0.10 Teamcenter versions prior to V13.1.0.10 Teamcenter versions prior to V13.2.0.9 Teamcenter versions prior to V13.3.0.5 Teamcenter versions prior to V14.0.0.2...
Wordpress Popular Posts Authenticated RCE
This exploit requires Metasploit to have a FQDN and the ability to run a payload web server on port 80, 443, or 8080. The FQDN must also not resolve to a reserved address 192/172/127/10. The server must also respond to a HEAD request for the payload, prior to getting a GET request. This exploit...
[SECURITY] [DLA 2807-1] bind9 security update
Debian LTS Advisory DLA-2807-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany November 01, 2021 https://wiki.debian.org/LTS Package : bind9 Version : 1:9.10.3.dfsg.P4-12.3+deb9u10 CVE ID : CVE-2018-5740 CVE-2021-25219 Debian Bug : 905743 CVE-2021-25219 Kishore...
[slackware-security] bind
New bind packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix a security issue. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/bind-9.11.36-i586-1slack14.2.txz: Upgraded. This update fixes bugs and the following security issue: The "lame-ttl" option...
PYSEC-2021-129
The package bottle from 0 and before 0.12.19 are vulnerable to Web Cache Poisoning by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon ;, they can cause a difference in the interpretation of the request between the proxy running with...
CVE-2020-5426 Scheduler for TAS can transmit privileged UAA token in plaintext
Scheduler for TAS prior to version 1.4.0 was permitting plaintext transmission of UAA client token by sending it over a non-TLS connection. This also depended on the configuration of the MySQL server which is used to cache a UAA client token used by the service. If intercepted the token can give ...
Web Cache Poisoning
Overview rack is a minimal, modular and adaptable interface for developing web applications in Ruby. By wrapping HTTP requests and responses in the simplest way possible, it unifies and distills the API for web servers, web frameworks, and software in between the so-called middleware into a singl...
Web Cache Poisoning
Overview Affected versions of this package are vulnerable to Web Cache Poisoning by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon ;, they can cause a difference in the interpretation of the request between the proxy running with defaul...
Information Exposure
Overview Versions of apollo-server-cache-memcached prior to 2.14.2 are vulnerable to Information Exposure. The package does not properly enforce validation rules when creating subscription servers, which includes a NoInstrospection rule for the Websocket. This leaks the GraphQL schema types, thei...
Lunar - A Lightweight Native DLL Mapping Library That Supports Mapping Directly From Memory
A lightweight native DLL mapping library that supports mapping directly from memory Features Imports and delay imports are resolved Relocations are performed Image sections are mapped with the correct page protection Exception handlers are initialised A security cookie is generated and initialise...
Multiple TIBCO Product Information Disclosure Vulnerabilities (CNVD-2018-10558)
TIBCO JasperReports Server and so on are the products of the United States TIBCO Software Corporation.TIBCO JasperReports Server is a report generation and editing tools for the server version of the TIBCO JasperReports Server Community Edition is the community version of it. A security...
Pornhub: Mixed Reflected-Stored XSS on pornhub.com (without user interaction) in the playlist playing section
The researcher discovered a temporarily cached stored XSS using the playlist function of the website. I discovered a Reflected XSS under the PornHub playlists and reported it. Some time after, I noticed, that Reflected XSS using the pkey parameter of the playlist, e.g...