45 matches found
EUVD-2023-32050
Malicious code in bioql PyPI...
EUVD-2023-32048
Malicious code in bioql PyPI...
EUVD-2023-32047
Malicious code in bioql PyPI...
EUVD-2023-32043
Malicious code in bioql PyPI...
CVE-2023-28347
An issue was discovered in Faronics Insight 10.0.19045 on Windows. It is possible for an attacker to create a proof-of-concept script that functions similarly to a Student Console, providing unauthenticated attackers with the ability to exploit XSS vulnerabilities within the Teacher Console...
CVE-2023-28344
An issue was discovered in Faronics Insight 10.0.19045 on Windows. The Insight Teacher Console application allows unauthenticated attackers to view constantly updated screenshots of student desktops and to submit falsified screenshots on behalf of students. Attackers are able to view screenshots ...
CVE-2023-28345
An issue was discovered in Faronics Insight 10.0.19045 on Windows. The Insight Teacher Console application exposes the teacher's Console password in cleartext via an API endpoint accessible from localhost. Attackers with physical access to the Teacher Console can open a web browser, navigate to t...
CVE-2023-28349
An issue was discovered in Faronics Insight 10.0.19045 on Windows. It is possible for an attacker to create a crafted program that functions similarly to the Teacher Console. This can compel Student Consoles to connect and put themselves at risk automatically. Connected Student Consoles can be...
CVE-2023-28350
An issue was discovered in Faronics Insight 10.0.19045 on Windows. Attacker-supplied input is not validated/sanitized before being rendered in both the Teacher and Student Console applications, enabling an attacker to execute JavaScript in these applications. Due to the rich and highly privileged...
The vulnerability of the Teacher Console and Student Console components of the Faronics Insight computer network management platform allows a hacker to perform cross-site scripting attacks.
The vulnerability of the Teacher Console and Student Console components of the Faronics Insight computer network management platform is related to the lack of protective measures for the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting...
The vulnerability of the Teacher Console and Student Console components of the Faronics Insight computer network management platform allows a attacker to execute a type of attack known as “man-in-the-middle” attack.
The vulnerability of the Teacher Console and Student Console components of the Faronics Insight computer network management platform is related to the unencrypted storage of confidential information. Exploiting this vulnerability could allow a malicious actor to carry out a “man-in-the-middle”...
The vulnerability of the Teacher Console component in the Faronics Insight computer network management platform allows a hacker to escalate their privileges and execute arbitrary code.
The vulnerability of the Teacher Console component in the Faronics Insight computer network management platform is related to the unlimited download of dangerous files due to insufficient access control. Exploiting this vulnerability allows a remote attacker to enhance their privileges and execut...
The vulnerability of the Teacher Console component in the Faronics Insight computer network management platform allows a intruder to gain unauthorized access to protected information.
The vulnerability of the Teacher Console component in the Faronics Insight computer network management platform is related to deficiencies in access control when processing the agentid parameter. Exploiting this vulnerability allows a malicious actor to gain unauthorized access to protected...
The vulnerability of the Teacher Console component in the Faronics Insight computer network management platform allows a hacker to execute arbitrary code.
The vulnerability of the Teacher Console component in the Faronics Insight computer network management platform is related to redirecting errors. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the Enhanced Security mode of the Teacher Console and Student Console on the Faronics Insight computer network management platform allows a perpetrator to bypass security restrictions, gain unauthorized access to protected information, or execute arbitrary codes.
The vulnerability of the Enhanced Security mode of the Teacher Console and Student Console on the Faronics Insight computer network management platform is related to insufficient protection of operational data. Exploiting this vulnerability can allow an attacker, operating remotely, to circumvent...
The vulnerability of the Teacher Console component in the Faronics Insight computer network management platform allows a hacker to perform cross-site scripting attacks.
The vulnerability of the Teacher Console component in the Faronics Insight computer network management platform is related to the lack of protective measures taken for the structure of the web page during the processing of the “loggedInUser” field. Exploiting this vulnerability allows a remote...
CVE-2023-28352
An issue was discovered in Faronics Insight 10.0.19045 on Windows. By abusing the Insight UDP broadcast discovery system, an attacker-controlled artificial Student Console can connect to and attack a Teacher Console even after Enhanced Security Mode has been enabled...
CVE-2023-28352
An issue was discovered in Faronics Insight 10.0.19045 on Windows. By abusing the Insight UDP broadcast discovery system, an attacker-controlled artificial Student Console can connect to and attack a Teacher Console even after Enhanced Security Mode has been enabled...
CVE-2023-28353
An issue was discovered in Faronics Insight 10.0.19045 on Windows. An unauthenticated attacker is able to upload any type of file to any location on the Teacher Console's computer, enabling a variety of different exploitation paths including code execution. It is also possible for the attacker to...
CVE-2023-28353
An issue was discovered in Faronics Insight 10.0.19045 on Windows. An unauthenticated attacker is able to upload any type of file to any location on the Teacher Console's computer, enabling a variety of different exploitation paths including code execution. It is also possible for the attacker to...