EUVD-2023-32045

Malicious code in bioql PyPI...

EUVD-2023-32048

Malicious code in bioql PyPI...

CVE-2023-28347

An issue was discovered in Faronics Insight 10.0.19045 on Windows. It is possible for an attacker to create a proof-of-concept script that functions similarly to a Student Console, providing unauthenticated attackers with the ability to exploit XSS vulnerabilities within the Teacher Console...

The vulnerability of the Teacher Console and Student Console components of the Faronics Insight computer network management platform allows a hacker to perform cross-site scripting attacks.

The vulnerability of the Teacher Console and Student Console components of the Faronics Insight computer network management platform is related to the lack of protective measures for the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting...

The vulnerability of the Teacher Console and Student Console components of the Faronics Insight computer network management platform allows a attacker to execute a type of attack known as “man-in-the-middle” attack.

The vulnerability of the Teacher Console and Student Console components of the Faronics Insight computer network management platform is related to the unencrypted storage of confidential information. Exploiting this vulnerability could allow a malicious actor to carry out a “man-in-the-middle”...

The vulnerability of the Student Console component in the Faronics Insight computer network management platform allows a intruder to gain unauthorized access to protected information.

The vulnerability of the Student Console component in the Faronics Insight computer network management platform is related to the unencrypted storage of confidential information in keyboard input logs. Exploiting this vulnerability could allow an intruder to gain unauthorized access to the...

The vulnerability of the Student Console component in the Faronics Insight computer network management platform allows a hacker to gain access to read, modify, or delete data.

The vulnerability of the Student Console component in the Faronics Insight computer network management platform involves bypassing the authentication process by using an alternative path or channel when handling endpoints. Exploiting this vulnerability allows a malicious actor to gain read, modif...

The vulnerability of the Enhanced Security mode of the Teacher Console and Student Console on the Faronics Insight computer network management platform allows a perpetrator to bypass security restrictions, gain unauthorized access to protected information, or execute arbitrary codes.

The vulnerability of the Enhanced Security mode of the Teacher Console and Student Console on the Faronics Insight computer network management platform is related to insufficient protection of operational data. Exploiting this vulnerability can allow an attacker, operating remotely, to circumvent...

CVE-2023-28352

An issue was discovered in Faronics Insight 10.0.19045 on Windows. By abusing the Insight UDP broadcast discovery system, an attacker-controlled artificial Student Console can connect to and attack a Teacher Console even after Enhanced Security Mode has been enabled...

CVE-2023-28352

An issue was discovered in Faronics Insight 10.0.19045 on Windows. By abusing the Insight UDP broadcast discovery system, an attacker-controlled artificial Student Console can connect to and attack a Teacher Console even after Enhanced Security Mode has been enabled...

CVE-2023-28350

An issue was discovered in Faronics Insight 10.0.19045 on Windows. Attacker-supplied input is not validated/sanitized before being rendered in both the Teacher and Student Console applications, enabling an attacker to execute JavaScript in these applications. Due to the rich and highly privileged...

CVE-2023-28350

An issue was discovered in Faronics Insight 10.0.19045 on Windows. Attacker-supplied input is not validated/sanitized before being rendered in both the Teacher and Student Console applications, enabling an attacker to execute JavaScript in these applications. Due to the rich and highly privileged...

CVE-2023-28350

An issue was discovered in Faronics Insight 10.0.19045 on Windows. Attacker-supplied input is not validated/sanitized before being rendered in both the Teacher and Student Console applications, enabling an attacker to execute JavaScript in these applications. Due to the rich and highly privileged...

CVE-2023-28350

An issue was discovered in Faronics Insight 10.0.19045 on Windows. Attacker-supplied input is not validated/sanitized before being rendered in both the Teacher and Student Console applications, enabling an attacker to execute JavaScript in these applications. Due to the rich and highly privileged...

CVE-2023-28352

An issue was discovered in Faronics Insight 10.0.19045 on Windows. By abusing the Insight UDP broadcast discovery system, an attacker-controlled artificial Student Console can connect to and attack a Teacher Console even after Enhanced Security Mode has been enabled...

PT-2023-2993 · Faronics · Faronics Insight

Name of the Vulnerable Software and Affected Versions: Faronics Insight versions 10.0.19045 Description: The issue is related to the lack of protection of the web page structure in the Teacher Console and Student Console components of the Faronics Insight platform. This allows an attacker to...

PT-2023-2968 · Faronics · Faronics Insight

Name of the Vulnerable Software and Affected Versions: Faronics Insight version 10.0.19045 Description: The issue is related to insufficient protection of service data in the Enhanced Security mode of the Teacher Console and Student Console of the Faronics Insight platform. Exploitation of this...

PT-2023-2973 · Faronics · Faronics Insight

Name of the Vulnerable Software and Affected Versions: Faronics Insight version 10.0.19045 Description: The issue allows a suitably positioned attacker to perform a man-in-the-middle attack on either a connected student or teacher. This enables them to intercept student keystrokes or modify...