9 matches found
CVE-2024-48829
Dell SmartFabric OS10 Software, versions prior to 10.6.1.0, contain an Improper Control of Generation of Code 'Code Injection' vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution...
PT-2025-46710
Name of the Vulnerable Software and Affected Versions Dell SmartFabric OS10 Software versions prior to 10.6.1.0 Description Dell SmartFabric OS10 Software versions prior to 10.6.1.0 contain an Improper Neutralization of Special Elements used in a Command 'Command Injection' issue. A low privilege...
CVE-2025-3446 Members Without Guest Invite Permissions Can Add Guests to Teams
Mattermost versions 10.6.x = 10.6.1, 10.5.x = 10.5.2, 10.4.x = 10.4.4, 9.11.x = 9.11.11 fail to check the correct permissions which allows authenticated users who only have permission to invite non-guest users to a team to add guest users to that team via the API to add a single user to a team...
Vulnerabilities fixed in Esri ArcGIS Server
Esri has fixed vulnerabilities in ArcGIS Server. A malicious party could exploit the vulnerabilities to perform of a Same-Site Request Forgery SSRF or Cross-Site Scripting XSS attack. The latter can lead to the execution of arbitrary script code in the browser used to visit the application visite...
McAfee Endpoint Security Code Injection Vulnerability
McAfee Endpoint Security ENS is the United States McAfee McAfee company's set of framework for providing intelligent collaboration and advanced threat defense. The framework supports the entire threat defense lifecycle of real-time communications control and actionable threat forensics and so on....
McAfee Endpoint Security (ENS) Microsoft Windows Client Elevation of Privilege Vulnerability
McAfee Endpoint Security is McAfee's latest antivirus product that provides comprehensive protection against network security threats. An elevation of privilege vulnerability exists in the Microsoft Windows client for McAfee Endpoint Security ENS 10.6.1 and earlier. A local user can exploit the...
CVE-2019-3582
Privilege Escalation vulnerability in Microsoft Windows client in McAfee Endpoint Security ENS 10.6.1 and earlier allows local users to gain elevated privileges via a specific set of circumstances...
CVE-2018-17411
An XML External Entity XXE vulnerability exists in iWay Data Quality Suite Web Console 10.6.1.ga-2016-11-20...
Cisco Unified Intelligence Center Cross-Site Request Forgery Vulnerability
Cisco Unified Intelligence Center is the United States Cisco Cisco company's set of Web-based reporting platform. The platform provides a comprehensive display of report-related business data and call center data and other functions. A cross-site request forgery vulnerability exists in Cisco...