PT-2024-40903 · Unknown · Generational-Arena
Name of the Vulnerable Software and Affected Versions: generational-arena affected versions not specified Description: The generational-arena crate's repository has been archived and is no longer maintained. Recommendations: At the moment, there is no information about a newer version that contai...
Veeam Recovery Orchestrator Security Breach
Veeam Recovery Orchestrator is a Veeam company that provides comprehensive reporting, automated testing, and at-a-glance compliance dashboards. A security vulnerability exists in Veeam Recovery Orchestrator. An attacker exploiting the vulnerability could retrieve plans from a range other than the...
PT-2024-12384 · Unknown · Multi-Mode Call Processor
Name of the Vulnerable Software and Affected Versions: Multi-Mode Call Processor affected versions not specified Description: The issue is related to a Transient Denial of Service (DOS) in the Multi-Mode Call Processor. This occurs due to a UE failure caused by heap leakage. Recommendations: At the...
New machines are created in default OU rather than OU specified during catalog creation
MCS machines created from DaaS studio are getting created in default computer OU, rather than the OU selected during catalog creation...
CSRF vulnerability in Jenkins GitLab Branch Source Plugin
Jenkins GitLab Branch Source Plugin 684.veafa7c1e2fe3 and earlier does not require POST requests for a form validation endpoint, resulting in a cross-site request forgery (CSRF) vulnerability. This vulnerability allows attackers to connect to an attacker-specified URL. GitLab Branch Source Plugin...
Cross-site request forgery (CSRF)
A cross-site request forgery (CSRF) vulnerability in Jenkins GitLab Branch Source Plugin 684.veafa7c1e2fe3 and earlier allows attackers to connect to an attacker-specified URL...
CVE-2024-23902
A cross-site request forgery (CSRF) vulnerability in Jenkins GitLab Branch Source Plugin 684.veafa7c1e2fe3 and earlier allows attackers to connect to an attacker-specified URL...
PT-2024-1146 · Microsoft · Windows Message Queuing +1
Name of the Vulnerable Software and Affected Versions: Windows Message Queuing affected versions not specified Description: The issue is related to weaknesses in the access control mechanism of the Windows Message Queuing system, which can be exploited by a remote attacker to disclose protected...
PT-2024-1084 · Microsoft · Azure Storage Mover
Name of the Vulnerable Software and Affected Versions: Azure Storage Mover affected versions not specified Description: The issue is related to a buffer overflow in memory, allowing an attacker to execute arbitrary code. Recommendations: At the moment, there is no information about a newer versio...
PT-2024-1182 · Bosch · Bosch Nexo Cordless Nutrunner +2
Name of the Vulnerable Software and Affected Versions: Bosch Nexo cordless nutrunner and Bosch Nexo special cordless nutrunner affected versions not specified Description: The issue is related to a buffer overflow in the stack of the NEXO-OS operating system, which can be exploited by an...
PT-2024-13915 · Hcl · Hcl Dryice Myxalytics
Name of the Vulnerable Software and Affected Versions: HCL DRYiCE MyXalytics affected versions not specified Description: The issue is an Open Redirect vulnerability that could allow an attacker to redirect users to malicious sites, potentially leading to phishing attacks or other security threat...
PT-2023-31830 · Huawei · Honor
Name of the Vulnerable Software and Affected Versions: Honor products affected versions not specified Description: The issue is related to a buffer overflow, which could lead to code execution if successfully exploited. Recommendations: At the moment, there is no information about a newer version...
PT-2023-18933 · Huawei · Honor
Name of the Vulnerable Software and Affected Versions: Honor products affected versions not specified Description: The issue is related to a file writing vulnerability. Successful exploitation of this vulnerability could cause information disclosure. Recommendations: At the moment, there is no...
PT-2023-35669 · Git +1 · Ndpi
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: A heap-buffer-overflow READ 2 crash has been reported. The crash occurs in the processClientServerHello function, specifically in the process tls and fuz...
CVE-2023-50778
A cross-site request forgery (CSRF) vulnerability in Jenkins PaaSLane Estimate Plugin 1.0.4 and earlier allows attackers to connect to an attacker-specified URL using an attacker-specified token...
PT-2023-36300 · Suse · Container-Suseconnect
Name of the Vulnerable Software and Affected Versions: container-suseconnect affected versions not specified Description: The issue is related to a security release in the go 1.21 package. The container-suseconnect package has been rebuilt with this security release to address the issue. There is...
PT-2023-36082 · Repox · Repox
Name of the Vulnerable Software and Affected Versions: Repox affected versions not specified Description: A path traversal issue has been detected, allowing an attacker to read arbitrary files on the server. This could lead to the disclosure of sensitive information, including application code,...
PT-2023-29108 · Unknown · Designed For Reliability (Dfr) Module
Name of the Vulnerable Software and Affected Versions: Designed for Reliability (DFR) module affected versions not specified Description: The issue concerns a missing permission verification for APIs in the Designed for Reliability (DFR) module. Successful exploitation of this issue may affect servic...