Rockwell Automation Connected Components Workbench 路径遍历漏洞

Rockwell Automation CCW is an HMI editor and component-level industrial product for designing and configuring applications and performing microcontroller turns. A path traversal vulnerability exists in Rockwell Automation Connected Components Workbench, which can be exploited by an attacker to...

Trend Micro Apex Central CVE-2019-19692 Cross Site Scripting Vulnerability

Description Trend Micro Apex Central is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. Thi...

Cisco Unified Contact Center Express CVE-2019-15259 HTTP Response Splitting Vulnerability

Description Cisco Unified Contact Center Express is prone to an HTTP response-splitting vulnerability. Attackers can leverage this issue to influence or misrepresent how web content is served, cached, or interpreted. This could aid in various attacks that try to entice client users into having a...

Microsoft Office Token Reuse CVE-2014-1808 Information Disclosure Vulnerability

Description Microsoft Office is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Office 2013 32-bit editions Microsoft Office 2013 64-bit editions Microsoft Office 20...

CVE-2005-2496

The xntpd ntp ntpd daemon before 4.2.0b, when run with the -u option and using a string to specify the group, uses the group ID of the user instead of the group, which causes xntpd to run with different privileges than intended...