323 matches found
CVE-2019-13277
TRENDnet TEW-827DRU with firmware up to and including 2.04B03 allows an unauthenticated attacker to execute setup wizard functionality, giving this attacker the ability to change configuration values, potentially leading to a denial of service. The request can be made on the local intranet or...
CVE-2019-13277
The CVE-2019-13277 entry affects TRENDnet TEW-827DRU devices with firmware up to 2.04B03. An unauthenticated attacker can trigger the setup wizard functionality, enabling changes to configuration values. This can potentially lead to a denial of service. The attack is possible from the local intra...
CVE-2019-2113
In setup wizard there is a bypass of some checks when wifi connection is skipped. This could lead to factory reset protection bypass with no additional privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-9. Android ID: A-122597079...
CVE-2019-2113
In setup wizard there is a bypass of some checks when wifi connection is skipped. This could lead to factory reset protection bypass with no additional privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-9. Android ID: A-122597079...
Design/Logic Flaw
In setup wizard there is a bypass of some checks when wifi connection is skipped. This could lead to factory reset protection bypass with no additional privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-9. Android ID: A-122597079...
CVE-2019-2113
In setup wizard there is a bypass of some checks when wifi connection is skipped. This could lead to factory reset protection bypass with no additional privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-9. Android ID: A-122597079...
Authentication flaw
In updateAssistMenuItems of Editor.java, there is a possible escape from the Setup Wizard due to a missing permission check. This could lead to local escalation of privilege and FRP bypass with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...
CVE-2019-2026
In updateAssistMenuItems of Editor.java, there is a possible escape from the Setup Wizard due to a missing permission check. This could lead to local escalation of privilege and FRP bypass with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...
CVE-2019-2026
In updateAssistMenuItems of Editor.java, there is a possible escape from the Setup Wizard due to a missing permission check. This could lead to local escalation of privilege and FRP bypass with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...
CVE-2019-2026
CVE-2019-2026 affects Android 8.0 Framework. In Editor.java’s updateAssistMenuItems, a missing permission check could allow local escalation of privilege and FRP bypass with no user interaction. The Android 2019-04-01 bulletin lists CVE-2019-2026 as a Framework EoP (High) issue for 8.0, indicatin...
Cannot connect to vCenter from PVS Console using stronger SCHANNEL Protocols, such as TLS 1.2
When running the XenDesktop Setup Wizard or the Streamed VM Wizard, and connecting to a vCenter Server that has been configured to only accept connections using TLS 1.1 or higher, the PVS Console could present an error stating that the Connection was closed. The error shown will have a text simil...
CVE-2018-9501
In the SetupWizard, there is a possible Factory Reset Protection bypass due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1...
XenDesktop Setup Wizard fails with error (UUID_INVALID)
When running the XenDesktop Setup Wizard XDSW you might receive the following error when selecting the PVS Accelerator Configuration. The error might also be shown when attempting to change the Accelerator Status of a Target Device or Enabling/Disabling the Accelerator setting on a Host Entry...
Microsoft Windows: BitLocker-protected removable drives recovery (wizard)
This test checks the setting for policy OpenVAS Vulnerability Test $Id: winrmbitlockerrecoverywizard.nasl 11363 2018-09-12 13:46:05Z emoss $ Check value for Choose how BitLocker-protected removable drives can be recovered: Omit recovery options from the BitLocker setup wizard Authors: Emanuel Mos...
Composr CMS Cross-Site Scripting Vulnerability
Composr CMS is an open source content management system CMS developed using HTML, CSS and WCAG technologies. A cross-site scripting vulnerability exists in Composr CMS version 10.0.13. A remote attacker can exploit this vulnerability by sending a page=admin-setupwizard&type=step3 request to...
CVE-2018-6518
Composr CMS 10.0.13 has XSS via the sitename parameter in a page=admin-setupwizard&type=step3 request to /adminzone/index.php...
CVE-2018-6518
Composr CMS 10.0.13 has XSS via the sitename parameter in a page=admin-setupwizard&type=step3 request to /adminzone/index.php...
Security Onion - Linux Distro For IDS, NSM, And Log Management
Security Onion is a free and open source Linux distribution for intrusion detection, enterprise security monitoring, and log management. It includes Elasticsearch, Logstash, Kibana, Snort, Suricata, Bro, OSSEC, Sguil, Squert, NetworkMiner, and many other security tools. The easy-to-use Setup wiza...
XenDesktop Setup Wizard fails with error "The xsPvsSiteUuid Field Does not exist"
When running the XenDesktop Setup Wizard XDSW you encounter the following error. "The xsPvsSiteUuid Field Does not exist" At this point the XDSW fails and aborts the process...
CVE-2017-1000503
A race condition during Jenkins 2.81 through 2.94 inclusive; 2.89.1 startup could result in the wrong order of execution of commands during initialization. This could in rare cases result in failure to initialize the setup wizard on the first startup. This resulted in multiple security-related...