27 matches found
EUVD-2019-19922
Axessh 4.2 contains a denial of service vulnerability in the logging configuration that allows local attackers to crash the application by supplying an excessively long string in the log file name field. Attackers can enable session logging, paste a buffer of 500 or more characters into the log...
CVE-2019-25590
Axessh 4.2 contains a denial of service vulnerability in the logging configuration that allows local attackers to crash the application by supplying an excessively long string in the log file name field. Attackers can enable session logging, paste a buffer of 500 or more characters into the log...
CVE-2019-25590 Axessh 4.2 Denial of Service via Log File Name
Axessh 4.2 contains a denial of service vulnerability in the logging configuration that allows local attackers to crash the application by supplying an excessively long string in the log file name field. Attackers can enable session logging, paste a buffer of 500 or more characters into the log...
PT-2026-26978
Axessh 4.2 contains a denial of service vulnerability in the logging configuration that allows local attackers to crash the application by supplying an excessively long string in the log file name field. Attackers can enable session logging, paste a buffer of 500 or more characters into the log...
CVE-2025-20329 Cisco TelePresence Collaboration Endpoint and RoomOS Software Information Disclosure Vulnerability
A vulnerability in the logging component of Cisco TelePresence Collaboration Endpoint CE and Cisco RoomOS Software could allow an authenticated, remote attacker to view sensitive information in clear text on an affected system. To exploit this vulnerability, the attacker must have valid...
EUVD-2022-32137
Malicious code in bioql PyPI...
CVE-2024-3982
An attacker with local access to machine where MicroSCADA X SYS600 is installed, could enable the session logging supporting the product and try to exploit a session hijacking of an already established session. By default, the session logging level is not enabled and only users with administrator...
CVE-2024-3982
An attacker with local access to machine where MicroSCADA X SYS600 is installed, could enable the session logging supporting the product and try to exploit a session hijacking of an already established session. By default, the session logging level is not enabled and only users with administrator...
CVE-2024-3982
An attacker with local access to machine where MicroSCADA X SYS600 is installed, could enable the session logging supporting the product and try to exploit a session hijacking of an already established session. By default, the session logging level is not enabled and only users with administrator...
CVE-2024-3982
An attacker with local access to machine where MicroSCADA X SYS600 is installed, could enable the session logging supporting the product and try to exploit a session hijacking of an already established session. By default, the session logging level is not enabled and only users with administrator...
CVE-2024-3982
CVE-2024-3982 affects Hitachi Energy MicroSCADA X SYS600. A local attacker could enable the product’s session logging and attempt to hijack an already established session. By default, session logging is disabled and only administrators can enable it. Several connected sources also describe a loca...
CVE-2024-3982
An attacker with local access to machine where MicroSCADA X SYS600 is installed, could enable the session logging supporting the product and try to exploit a session hijacking of an already established session. By default, the session logging level is not enabled and only users with administrator...
PT-2024-8680 · Unknown · Microscada X Sys600
Name of the Vulnerable Software and Affected Versions: MicroSCADA X SYS600 affected versions not specified Description: The issue is related to bypassing the authentication procedure in the MicroSCADA X SYS600 system. An attacker with local access to the machine where MicroSCADA X SYS600 is...
Metasploit Weekly Wrap-Up 07/26/2024
New module content 3 Magento XXE Unserialize Arbitrary File Read Authors: Heyder and Sergey Temnikov Type: Auxiliary Pull request: 19304 contributed by heyder Path: gather/magentoxxecve202434102 AttackerKB reference: CVE-2024-34102 Description: This adds an auxiliary module for an XXE which resul...
[SECURITY] Fedora 35 Update: ipython-7.26.0-3.fc35
IPython provides a replacement for the interactive Python interpreter with extra functionality. Main features: Comprehensive object introspection. Input history, persistent across sessions. Caching of output results during a session with automatically generated references. Readline based name...
OPENSUSE-SU-2021:1494-1 Security update for hylafax+
hylafax+ was updated to version 7.0.4: README.SUSE renamed hylafax.diff added for boo1191571 pre-correction Dependencies on systemd-services adjusted retry training twice at the same bitrate unless FTT 26 Aug 2021 add missing reason messages for session failures 21 Aug 2021 stop attempts to send ...
Lenovo XClarity Orchestrator 安全漏洞
Lenovo XClarity Orchestrator is an application from the Chinese company Lenovo. It provides centralized monitoring, management, and analysis for environments containing a large number of devices. A security vulnerability exists in LXCO prior to version 1.2.2, which stems from the fact that if the...
Citrix RDSWatcher
Description RDSWatcher is an advanced Remote Desktop Services session state monitor and logger. It watches all sessions on any Windows machine and logs all session state changes with time stamp as accurately as twice a second. RDSWatcher provides the connection status of current sessions and is...
How to Enable and Collect Logging for Citrix Workspace App (CWA) for Mac
This article is intended for Citrix administrators and technical teams only. Non-admin users must contact their company’s Help Desk/IT support team and can refer to CTX297149 for more information. Citrix Workspace App CWA for Maclogging This article provides an overview of logging features...
SSH MITM Tool
SSH MITM Tool This penetration testing tool allows an auditor to intercept SSH connections. A patch applied to the OpenSSH v7.5p1 source code causes it to act as a proxy between the victim and their intended SSH server; all plaintext passwords and sessions are logged to disk. Of course, the...