31 matches found
EUVD-2024-24656
Malicious code in bioql PyPI...
EUVD-2024-53726
Malicious code in bioql PyPI...
EUVD-2024-53724
Malicious code in bioql PyPI...
CVE-2024-57726
SimpleHelp remote support software v5.5.7 and before has a vulnerability that allows low-privileges technicians to create API keys with excessive permissions. These API keys can be used to escalate privileges to the server admin role...
CVE-2024-57727
SimpleHelp remote support software v5.5.7 and before is vulnerable to multiple path traversal vulnerabilities that enable unauthenticated remote attackers to download arbitrary files from the SimpleHelp host via crafted HTTP requests. These files include server configuration files containing...
CVE-2024-57726
SimpleHelp remote support software v5.5.7 and before has a vulnerability that allows low-privileges technicians to create API keys with excessive permissions. These API keys can be used to escalate privileges to the server admin role...
CVE-2024-57727
SimpleHelp remote support software v5.5.7 and before is vulnerable to multiple path traversal vulnerabilities that enable unauthenticated remote attackers to download arbitrary files from the SimpleHelp host via crafted HTTP requests. These files include server configuration files containing...
CVE-2024-57727
SimpleHelp remote support software v5.5.7 and before is vulnerable to multiple path traversal vulnerabilities that enable unauthenticated remote attackers to download arbitrary files from the SimpleHelp host via crafted HTTP requests. These files include server configuration files containing...
PT-2024-12773 · Beyondtrust · Beyondtrust Remote Support
Name of the Vulnerable Software and Affected Versions: BeyondTrust Remote Support SaaS (affected versions not specified). Description: A security issue allowed hackers to exploit and breach Remote Support SaaS instances, resulting in the resetting of local account passwords. The incident led to the...
CVE-2024-45837
Use of hard-coded cryptographic key issue exists in AIPHONE IX SYSTEM, IXG SYSTEM, and System Support Software. A network-adjacent unauthenticated attacker may log in to SFTP service and obtain and/or manipulate unauthorized files...
CVE-2024-45837
Use of hard-coded cryptographic key issue exists in AIPHONE IX SYSTEM, IXG SYSTEM, and System Support Software. A network-adjacent unauthenticated attacker may log in to SFTP service and obtain and/or manipulate unauthorized files...
CVE-2024-45837
Use of hard-coded cryptographic key issue exists in AIPHONE IX SYSTEM, IXG SYSTEM, and System Support Software. A network-adjacent unauthenticated attacker may log in to SFTP service and obtain and/or manipulate unauthorized files...
PT-2024-31802 · Aiphone · Aiphone Ixg System
Name of the Vulnerable Software and Affected Versions: AIPHONE IX SYSTEM (affected versions not specified); AIPHONE IXG SYSTEM (affected versions not specified); System Support Software (affected versions not specified). Description: A use of hard-coded cryptographic key issue exists, allowing a...
Risk Fact #5: Keeping the Pace of Remediation at Cloud Scale Requires Automation
Qualys Blog Series – 2023 TotalCloud Security Insights by the Threat Research Unit. The 2023 TotalCloud Security Insights report from the Qualys Threat Research Unit (TRU) provides research insights, best practices, and detailed recommendations organized by five separate Risk Facts. The insights wil...
Part III: Implementing Effective Cyber Security Metrics that Reduce Risk Realistically
We outlined some critical cybersecurity metrics in Part I of this three-part blog series. In the final blog post, we will delve into three crucial aspects outlined in Josh’s article: tactical metrics for operational teams, strategic metrics for leadership, and the metrics addressing the...
Zoho ManageEngine SupportCenter Plus Cross-Site Scripting Vulnerability (CNVD-2022-29865)
Zoho ManageEngine SupportCenter Plus is a web-based customer support software from Zoho India. It is used to allow organizations to effectively manage customer requests, their account and contact information, service contracts, and provide a superior customer experience in the process. A cross-sit...
Zoho ManageEngine SupportCenter Plus Code Issue Vulnerability
ZOHO ManageEngine SupportCenter Plus is a web-based customer support software from ZOHO, Inc. Used to allow organizations to effectively manage customer requests, their account and contact information, and service contracts, and in the process provide a superior customer experience, ZOHO...
Unspecified Vulnerability in Avaya Equinox Conferencing
Avaya Equinox Conferencing is a conferencing support software from Avaya, USA. The software is a universal solution that includes all Avaya soft clients with the convergence of Avaya Aura Conferencing and Scopia for cell phones, browsers, desktops and conference room systems. A security...
DLA-1758-1 debian-security-support - security update
Bulletin has no description...
DualDesk 20 - Proxy.exe Denial of Service Vulnerability
Exploit for Windows platform in category dos / poc. Credits: John Page aka hyp3rlinx. Vendor: www.dualdesk.com. Product: DualDesk v20. DualDesk is powerful, easy to use remote support software that is a one-time purchase and lets your technical support staff remote assis...