6 matches found
CVE-2023-5562 Unsafe default allows for cross-site scripting attacks in KNIME Server and KNIME Business Hub
An unsafe default configuration in KNIME Analytics Platform before 5.2.0 allows for a cross-site scripting attack. When KNIME Analytics Platform is used as an executor for either KNIME Server or KNIME Business Hub several JavaScript-based view nodes do not sanitize the data that is displayed by...
CVE-2018-4058
An exploitable unsafe default configuration vulnerability exists in the TURN server functionality of coTURN prior to 4.5.0.9. By default, the TURN server allows relaying external traffic to the loopback interface of its own host. This can provide access to other private services running on that...
CVE-2018-4059
An exploitable unsafe default configuration vulnerability exists in the TURN server function of coTURN prior to version 4.5.0.9. By default, the TURN server runs an unauthenticated telnet admin portal on the loopback interface. This can provide administrator access to the TURN server configuratio...
CVE-2018-4058
An exploitable unsafe default configuration vulnerability exists in the TURN server functionality of coTURN prior to 4.5.0.9. By default, the TURN server allows relaying external traffic to the loopback interface of its own host. This can provide access to other private services running on that...
CVE-2018-4058
CVE-2018-4058 affects the TURN server functionality in coTURN prior to 4.5.0.9. The default configuration allows relaying external traffic to the loopback interface of the host, which can give an attacker access to other private services running on that host by initiating a relay with a loopback ...
CVE-2018-4058
An exploitable unsafe default configuration vulnerability exists in the TURN server functionality of coTURN prior to 4.5.0.9. By default, the TURN server allows relaying external traffic to the loopback interface of its own host. This can provide access to other private services running on that...