28 matches found
EUVD-2022-37612
Malicious code in bioql PyPI...
CVE-2022-34660
A vulnerability has been identified in Teamcenter V12.4 All versions V12.4.0.15, Teamcenter V13.0 All versions V13.0.0.10, Teamcenter V13.1 All versions V13.1.0.10, Teamcenter V13.2 All versions V13.2.0.9, Teamcenter V13.3 All versions V13.3.0.5, Teamcenter V14.0 All versions V14.0.0.2. File Serv...
The vulnerability of the Next.js software platform for creating web applications lies in its ability to bypass authentication by using a user-controlled key. This allows attackers to disclose sensitive information that should be protected.
The vulnerability of the Next.js web application development software platform lies in the ability to bypass authentication by using a user-controlled key. Exploiting this vulnerability allows an attacker to disclose sensitive information by sending a non-dynamic cache from the server...
The vulnerability of the NSCCD server caching daemon in the GNU C Library allows an attacker to cause a service failure.
The vulnerability of the NSCCD name server’s caching mechanism in the GNU C Library is related to the insufficient use of the assert function. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the File Server Cache service in the Teamcenter product lifecycle management system allows a hacker to trigger a service failure.
The vulnerability of the File Server Cache service in the Teamcenter product lifecycle management system is related to the execution of a cycle with an unavailable exit condition. Exploiting this vulnerability could allow a malicious actor to cause service failures...
The vulnerability of the File Server Cache service in the Teamcenter product lifecycle management system allows a hacker to execute arbitrary commands.
The vulnerability of the File Server Cache service in the Teamcenter product lifecycle management system is related to insufficient checking of arguments passed to commands. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands remotely...
CVE-2022-34660
A vulnerability has been identified in Teamcenter V12.4 All versions V12.4.0.15, Teamcenter V13.0 All versions V13.0.0.10, Teamcenter V13.1 All versions V13.1.0.10, Teamcenter V13.2 All versions V13.2.0.9, Teamcenter V13.3 All versions V13.3.0.5, Teamcenter V14.0 All versions V14.0.0.2. File Serv...
CVE-2022-34661
A vulnerability has been identified in Teamcenter V12.4 All versions V12.4.0.15, Teamcenter V13.0 All versions V13.0.0.10, Teamcenter V13.1 All versions V13.1.0.10, Teamcenter V13.2 All versions V13.2.0.9, Teamcenter V13.3 All versions V13.3.0.5, Teamcenter V14.0 All versions V14.0.0.2. File Serv...
CVE-2022-34661
A vulnerability has been identified in Teamcenter V12.4 All versions V12.4.0.15, Teamcenter V13.0 All versions V13.0.0.10, Teamcenter V13.1 All versions V13.1.0.10, Teamcenter V13.2 All versions V13.2.0.9, Teamcenter V13.3 All versions V13.3.0.5, Teamcenter V14.0 All versions V14.0.0.2. File Serv...
Race condition
A vulnerability has been identified in Teamcenter V12.4 All versions V12.4.0.15, Teamcenter V13.0 All versions V13.0.0.10, Teamcenter V13.1 All versions V13.1.0.10, Teamcenter V13.2 All versions V13.2.0.9, Teamcenter V13.3 All versions V13.3.0.5, Teamcenter V14.0 All versions V14.0.0.2. File Serv...
CVE-2022-34661
A vulnerability has been identified in Teamcenter V12.4 All versions V12.4.0.15, Teamcenter V13.0 All versions V13.0.0.10, Teamcenter V13.1 All versions V13.1.0.10, Teamcenter V13.2 All versions V13.2.0.9, Teamcenter V13.3 All versions V13.3.0.5, Teamcenter V14.0 All versions V14.0.0.2. File Serv...
CVE-2022-34660
A vulnerability has been identified in Teamcenter V12.4 All versions V12.4.0.15, Teamcenter V13.0 All versions V13.0.0.10, Teamcenter V13.1 All versions V13.1.0.10, Teamcenter V13.2 All versions V13.2.0.9, Teamcenter V13.3 All versions V13.3.0.5, Teamcenter V14.0 All versions V14.0.0.2. File Serv...
PT-2022-4150 · Siemens · Teamcenter
Name of the Vulnerable Software and Affected Versions: Teamcenter versions prior to V12.4.0.15 Teamcenter versions prior to V13.0.0.10 Teamcenter versions prior to V13.1.0.10 Teamcenter versions prior to V13.2.0.9 Teamcenter versions prior to V13.3.0.5 Teamcenter versions prior to V14.0.0.2...
Wordpress Popular Posts Authenticated RCE
This exploit requires Metasploit to have a FQDN and the ability to run a payload web server on port 80, 443, or 8080. The FQDN must also not resolve to a reserved address 192/172/127/10. The server must also respond to a HEAD request for the payload, prior to getting a GET request. This exploit...
[SECURITY] [DLA 2807-1] bind9 security update
Debian LTS Advisory DLA-2807-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany November 01, 2021 https://wiki.debian.org/LTS Package : bind9 Version : 1:9.10.3.dfsg.P4-12.3+deb9u10 CVE ID : CVE-2018-5740 CVE-2021-25219 Debian Bug : 905743 CVE-2021-25219 Kishore...
[slackware-security] bind
New bind packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix a security issue. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/bind-9.11.36-i586-1slack14.2.txz: Upgraded. This update fixes bugs and the following security issue: The "lame-ttl" option...
PYSEC-2021-129
The package bottle from 0 and before 0.12.19 are vulnerable to Web Cache Poisoning by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon ;, they can cause a difference in the interpretation of the request between the proxy running with...
CVE-2020-5426 Scheduler for TAS can transmit privileged UAA token in plaintext
Scheduler for TAS prior to version 1.4.0 was permitting plaintext transmission of UAA client token by sending it over a non-TLS connection. This also depended on the configuration of the MySQL server which is used to cache a UAA client token used by the service. If intercepted the token can give ...
Web Cache Poisoning
Overview rack is a minimal, modular and adaptable interface for developing web applications in Ruby. By wrapping HTTP requests and responses in the simplest way possible, it unifies and distills the API for web servers, web frameworks, and software in between the so-called middleware into a singl...
Web Cache Poisoning
Overview Affected versions of this package are vulnerable to Web Cache Poisoning by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon ;, they can cause a difference in the interpretation of the request between the proxy running with defaul...