EUVD-2021-28775

Malicious code in bioql PyPI...

Netentsec NS-ASG Application Security Gateway SQL注入漏洞

NetentSec NS-ASG Application Security Gateway is an application security gateway from China NetentSec. A SQL injection vulnerability exists in Netentsec NS-ASG Application Security Gateway version 6.3, which originates from a SQL injection vulnerability in the parameter TunnelId in the file...

BIT-GUACAMOLE-2021-41767

Apache Guacamole 1.3.0 and older may incorrectly include a private tunnel identifier in the non-private details of some REST responses. This may allow an authenticated user who already has permission to access a particular connection to read from or interact with another user's active use of that...

Information Disclosure

guacamole-common is vulnerable to information disclosure. The vulnerability exists due to the incorrectly included private tunnel identifier in non-private details of some REST responses, allowing an authenticated attacker to interact with another user's active session...

CVE-2021-41767

Apache Guacamole 1.3.0 and older may incorrectly include a private tunnel identifier in the non-private details of some REST responses. This may allow an authenticated user who already has permission to access a particular connection to read from or interact with another user's active use of that...

Design/Logic Flaw

Apache Guacamole 1.3.0 and older may incorrectly include a private tunnel identifier in the non-private details of some REST responses. This may allow an authenticated user who already has permission to access a particular connection to read from or interact with another user's active use of that...

PT-2022-11481 · Apache +1 · Apache Guacamole +1

Name of the Vulnerable Software and Affected Versions: Apache Guacamole versions 1.3.0 and older Description: The issue allows an authenticated user who already has permission to access a particular connection to potentially read from or interact with another user's active use of that same...